[37863] in North American Network Operators' Group
Re: "Big Red"
daemon@ATHENA.MIT.EDU (Scott Francis)
Fri May 25 04:00:53 2001
Date: Thu, 24 May 2001 22:54:58 -0700
From: Scott Francis <scott@virtualis.com>
To: "Tim Langdell, PhD" <langdell@technologist.com>
Cc: nanog@merit.edu
Message-ID: <20010524225458.I168@virtualis.com>
Mail-Followup-To: Scott Francis <scott@virtualis.com>,
"Tim Langdell, PhD" <langdell@technologist.com>, nanog@merit.edu
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="6lCXDTVICvIQMz0h"
Content-Disposition: inline
In-Reply-To: <045301c0e4a8$33c103e0$0200a8c0@Magnus>; from langdell@technologist.com on Thu, May 24, 2001 at 04:20:59PM -0700
Errors-To: owner-nanog-outgoing@merit.edu
--6lCXDTVICvIQMz0h
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, May 24, 2001 at 04:20:59PM -0700, Tim Langdell, PhD exclaimed:
>=20
> Has anyone heard of "bigred.com"? A client has suddenly discovered that a=
ll
> of its browser queries that do not resolve (www.rubbishcharacters.com for
> e.g.) get diverted to the BigRed search engine web site. No one in the
> company is aware of having installed anything that could have intentional=
ly
> have caused this effect for DNS failures. Anyone got any ideas what is go=
ing
> on here? Is it a known problem? Viral or otherwise?
One of my friends had the same problem on her PC at home. Found out that she
had installed some 'browser enhancement' software that made a considerable
number of well-hidden registry entries changing everything from her default
home page to her search engine results to ads displayed in the browser's ti=
tle
bar (MSIE 5). Took quite a bit of digging about with regedit.exe to get rid=
of
the bugger.
> T.L.
--=20
Scott Francis scott@ [work:] v i r t u a l i s . c o m
Systems Analyst darkuncle@ [home:] d a r k u n c l e . n e t
West Coast Network Ops GPG keyid 0xCB33CCA7
illum oportet crescere me autem minui
--6lCXDTVICvIQMz0h
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.5 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQIXAwUBOw3zsYgCD7rLM8ynFAP1LAgAhrm8xBn1H88Wuxxs16vMWQDVG1HlCv+v
yU427+ZTyMDwG+e48BSyF3OlcJgDddb2ESAISIpdulhov2pBcs6Iorx/Zne6McXe
8C2znHgumTSakAE7SbYMamJsiESYBna2MdcFss1BsS9lkrDU8jY9MtkcfTK2DcgG
j56NaoHDRwNIW3yEY4NMYg1FHNmKPV8TiwxJLF041qX10cq4cITTuCgDtVWMemqK
7OoKYgvbWXCL2dK/7Oa/Ulrzlu3gPRDqGtreXZVxo8EIPTHvYleb1lIdJhezBn8N
JhmO0e+THsJTzmU5fAvR4MhV7JI/z2ATJfQgFM2qkq+YxybzrEJYLwf/VZG3LdCT
EwIStPgVsR7ZGuE9F65JUgTevzNRqmxguf+avK+u8Luc2QTYdgEynvl4Fv7TpT46
TMVR2GGdoKTJqFmLZd1pQsdEzDg9KC0cAtAerd3xkcpfPpGPnVC2/ENJYLoJmWOs
pCnUn/VmvVc9DTfCz6Tw6vuPwbSxNkoIMlWCbBZVwyN9L1XhLzup/OTiFCl1IAq/
Ce2oD6CL9F18ijOXePuxZ/XQL0nZorg/Ayyy3QHtqrJJp2BLMwAsf3Es9bWnyc5y
sDL5Ols4JsQx6GGvqOiLuzUpSW4UaGDafhqic6E8YkCCD/M0fKk7+A3VVVUvIqo2
aIYycMmQzaA2Dg==
=+RV5
-----END PGP SIGNATURE-----
--6lCXDTVICvIQMz0h--
