Last year, one of the biggest malware program called the DNS Changer infected around half a million of computers and PC connected to internet. To understand more about this virus or Trojan you should know. It changes the DNS (Domain Name Server) configuration of your computer. The virus hijacks your Internet Service Provider’s (ISP) DNS servers and modifies with its own entries to direct your web browser to illegal, unsolicited, and other illegal websites. For those who don’t know.
What are DNS Servers?
A DNS server is any computer registered to join the Domain Name System. A DNS server runs special-purpose networking program which has of public IP address of the websites, and contains a database of network names and addresses for other Internet websites.
What Role A DNS Server Play When I Use Internet?
When you use a internet browser like google chrome, internet explorer or any other web browser like these and you type www.troublefixers.com you get connected to a DNS server which stores the IP address of the web server or another computer on internet which has web pages of TroubleFixers so that I allows you to download those webpages on your computer to read our website through the internet browser you are using on your PC.
Why I May Lose Internet Connectivity On 9th July 2012?
In November 2011, many hackers were caught for spreading the DNS Changer malware but thousands of infected machines were left with the fake DNS Server entries pointing to their bogus DNS servers. But US government and the agencies that caught the hackers changed these DNS to be legitimate ones, at least temporarily so that people whose computers were infected should remain connected to internet. It comes at a cost to the government of about $10,000/month. On July 9th 2012, those Hackers created DNS servers which are now working right way, are going to be shut down.
How To Do I Know If My Computer Is Infected With DNS Changer?
First find out whether your PC or internet router is infected with DNS Changer Malware.
1. On your PC, press Windows + r to open run prompt and then type cmd and press enter to launch command prompt.
2. Type ‘ipconfig/all’ (without quotes) and hit Enter. Locate the DNS server entries.
These right DNS server entries should be anything between the span of 0 and 255.
on the other hand, The fake DNS Entries are
220.127.116.11 to 18.104.22.168; 22.214.171.124 to 126.96.36.199; 188.8.131.52 to 184.108.40.206; 220.127.116.11 to 18.104.22.168; 22.214.171.124 to 126.96.36.199; 188.8.131.52 to 184.108.40.206; and 220.127.116.11
Another way to know that you are infected, just search for the file named ndisprot.sys – if you find this file in %Windir%\system32\drivers it confirms that your computer is or was infected with DNS Changer Malware.
The other most simple way to know that your PC is infected with this Trojan is to go to this website page – you will get to know if you are or are not infected (see below). You will see the green image if your PC is not infected or if found infected you will see red image.
- No Software is Downloaded! The tools do not need to to load any software on your computer to perform the check.
- No changes are performed on your computer! Nothing is changed on your computer when you use sites like http://www.dns-ok.us/.
- No scanning! The “are you infected with DNS Changer” tool does not need to scan your computer.
How To Fix DNS Changer Malware Infection On My PC?
In order to fix this malware infection on your computer, the first recommended tool is Windows Defender Offline which was formerly known as Microsoft Standalone System Sweeper and the second one that would be targeted for deletion of DNS Changer is [ Avira’s DNS Repair-Tool ] or else you can run the following tools which will fix and remove and delete DNS Changer from your PC
Hitman Pro (32bit and 64bit versions)
Kaspersky Labs TDSSKiller
Microsoft Windows Defender Offline
Microsoft Safety Scanner
Norton Power Eraser
Trend Micro Housecall