How to Check DNS Changer malware and remove it

This is an age old story dating back to 2007 when DNS Changer malware was first started which went viral on the Internet infecting computer systems, guessing personal data such as passwords and making changes which were not authorized. The company called Rove Digital was also started by the creators which had arranged the DNS servers to process their codes. Later, FBI got into action but could only punish the janitors before they removed millions from the Internet. There were 19642 IP addresses infected in India with 45619 and 21831 IP addresses respectively in America and Italy. This was the statistics given by DNS Changer Working Group. This led US to take a decision of shutting down the rogue servers that is the users whose servers had been infected with the DNS Changer Malware. This means that the Internet access would be lost which would lead to losing the access to sites such as Facebook, YouTube and not to forget Google. If the System is not fixed, then the ISP needs to be called and even paid to get a new IP address. So, it becomes really important to recognize whether the system is infected with the DNS malware or not. The few following steps are to be followed:

Visiting the following sites to check their reports:

http://dns-changer.eu
http://dns-ok.gov.au/
http://dns-ok.jpcert.or.jp/
http://dnschanger.detect.my/
http://www.dns-ok.ax
http://www.dns-ok.be/
http://www.dns-ok.ca/
http://www.dns-ok.de/
http://www.dns-ok.fi/

Sample Page


http://www.dns-ok.it
http://www.dns-ok.lu/
http://www.dns-ok.nl/
http://www.dns-ok.us/

Manual checking: Manually also this can be checked to see whether the system has been turned into a rogue one or not.

  • Opening Command Prompt or clicking windows button + R which will open the run pane and writing cmd over there.
  • Writing the command: ipconfig/all
  • This will show the whole IP configuration from where the DNS server in the column is to be copied.
  • Make a visit to the FDI DNS check page to paste copied DNS and check it. The computer system is safe if the message is displayed: Your IP is not configured to use the rogue DNS servers.
  • But, if the computer system is shown as the infected one, then the top security companies had created a list of software to remove the DNS Changer Malware. It just requires downloading it and following a certain set of steps:
  • Trend Micro Housecall
  • MacScan
  • Norton Power Eraser
  • Kaspersky Labs TDSSKiller
  • Microsoft Windows Defender Offline
  • Avira
  • McAfee Stinger
  • Microsoft Safety Scanner
  • Hitman Pro (32bit and 64bit versions)
Tagged with 
           

Leave a Reply

Your email address will not be published. Required fields are marked *