TCPIPAddress: Difference between revisions
Jump to navigation
Jump to search
(added info box, added build params) |
m (→Examples: made more generic) |
||
| Line 15: | Line 15: | ||
===Examples=== | ===Examples=== | ||
TCPIPAddress:"1.2.3.4","192.168. | TCPIPAddress:"1.2.3.4","192.168.1.1" | ||
===Description=== | ===Description=== | ||
Latest revision as of 16:42, 22 February 2008
| TCPIPAddress | |
| Group | Registry |
| Main Application | Version 1.4 or later |
| Required Update | 2007-06-06 |
| File Parameters | no |
| Registry Parameters | no |
| Build Parameters | yes (third) ≥ 1.5.2 |
| Special Parameters | no |
Replaces TCP/IP registry settings with alternatives.
Usage
TCPIPAddress:<old ip(s)>,<new ip(s)>[,advanced build parameters]
Examples
TCPIPAddress:"1.2.3.4","192.168.1.1"
Description
Used to counter malware that sets itself as DNS server or other similar basic TCP/IP properties.
- The first parameter specifies one or more IPs to detect.
- The second parameter specifies one or more IPs the previous ones should be replaced with. Make sure this is something that would fit all users; e.g. for DNS, you might want to take a look at OpenDNS.
- Versions starting 1.5.2 allow optional advanced build parameters in third place.
Scan Results
- Entries that will update the infected registry values, replacing the bad IPs with new, good ones.