Replaces TCP/IP registry settings with alternatives.
TCPIPAddress:[old ip(s)],[new ip(s)]
Used to counter malware that sets itself as DNS server or other similar basic TCP/IP properties.
- The first parameter specifies one or more IPs to detect.
- The second parameter specifies one or more IPs the previous ones should be replaced with. Make sure this is something that would fit all users; e.g. for DNS, you might want to take a look at OpenDNS.
- Entries that will update the infected registry values, replacing the bad IPs with new, good ones.