GoFuckYourself.com - Adult Webmaster Forum - View Single Post

irishfury · 10-24-2003, 11:46 PM

I have found that it is in DNSerr.dll in winnt, iedll.exe in windows media player, loader.exe in windows media player, and wmplayer.exe. When ever any of these executes it infects the registry again.
I used windows explorer to search for any file containing thesten and dnserr. It takes a long time but at least it ids the files.

Also, these things infect the hosts file in winnt and the hosts file in system32/drivers/etc with bad ip addresses. You need to delete the bad addresses or it will redirect IE and here you go again.

10-24-2003, 11:46 PM
irishfury Confirmed User Join Date: Aug 2003 Location: In the hearts of cowards Posts: 2,611	I have found that it is in DNSerr.dll in winnt, iedll.exe in windows media player, loader.exe in windows media player, and wmplayer.exe. When ever any of these executes it infects the registry again. I used windows explorer to search for any file containing thesten and dnserr. It takes a long time but at least it ids the files. Also, these things infect the hosts file in winnt and the hosts file in system32/drivers/etc with bad ip addresses. You need to delete the bad addresses or it will redirect IE and here you go again. __________________ Trust no one there all snakes