The configured DNS server basically tells the web browser where to look for when a web address such as www.google.co.uk is entered into the browser’s address bar. If that lookup is manipulated part or all of the page elements of the website can be replaced by the operators of the rogue DNS server.
The FBI back then replaced the DNS servers that the cyber criminals used with working servers to avoid interruption of service for users affected by the DNS server change.
These DNS servers will however be shut down on March 8th, 2012. Affected users from that day on may not be able to connect to Internet addresses anymore until they replace the DNS server with working ones.
Security company Avira, famous for their antivirus solution, has released the Avira DNS Repair-tool.
You can run the portable program on your system to see if your computer’s DNS server has been manipulated by DNSChanger.
The program will reset the DNS servers to Windows default values if it finds out that they have been manipulated by the malware.
It is alternatively possible to check for manipulation manually.
Use the shortcut Windows-r to bring up the run box. Enter cmd in there and tap on the enter key to open the command prompt. Now run the command ipconfig /all and locate the DNS Servers entry. Compare what you see there with the list of rogue DNS servers below
64.28.176.0 – 64.28.191.25567.210.0.0 – 67.210.15.25585.255.112.0 – 85.255.127.25577.67.83.0 – 77.67.83.25593.188.160.0 – 93.188.167.255213.109.64.0 – 213.109.79.255
If your DNS server IPs differ from the ones above then congratulations, you are not infected. You otherwise need to change the DNS server. While you could do that manually, you may prefer to use a program for that. You can use the Avira tool to reset the DNS Server, or a program like DNS Jumper to select a public DNS server instead.
You can download the Avira DNS Repair-Tool from the official Avira website
0 comments :
Post a Comment