Facebook Hacking | Hacking Tools | Facebook Hacking Tool | Twitter Hacking | Crash Website | Hack Gmail Account
Home / malwares / How to remove trojan DNSChanger?

How to remove trojan DNSChanger?

Posted by Deepanker Verma Friday, May 25, 2012 0 comments

What is DNSChanger malware?


Yesterday, i reported that Google will warn users who are affected with DNSChanger trojan. After the post, many readers asked me to write about this Trojan in detail. In this post, i am writing about DNSChanger trojan.


DNSChanger is kind of trojan which changes the DNS (Domain Name System) settings of a system to redirect system to some illegal websites. This trojan changer the nameserver registry key value to a fake IP address. As a result of this change, when a user try to access that website, its computer redirectes the request to that fake IP addresses added by DNSChanger.


How to check your computer?


If you want to check this infection in your system, i am writing some steps for windows system. 
open command prompt. (i assume you know what is command prompt and how to open this.)
Now write


ipconfig /all and press enter.


Now look for the entry "DNS Servers"
See the ip address in front of this and compare them to the 
table of known rogue DNS servers listed below.



85.255.112.0 through 85.255.127.255 
67.210.0.0 through 67.210.15.255
93.188.160.0 through 93.188.167.255
77.67.83.0 through 77.67.83.255
213.109.64.0 through 213.109.79.255
64.28.176.0 through 64.28.191.255


If your computer is configured to use one or more of the rogue DNS servers listed above, your system may be infected with DNSChanger malware.


You can also visit website www.dns-ok.de to check whether your system is infected or not.


How to remove infection?


If your system is infected with DNSChanger, download free DNS changer removal tool from Avira



Follow thse additional steps:

  1. Go to Start --> Control Panel -->Network Connections.
  2. Right click your default connection, usually Local Area Connection or Dial-up Connection, if you are using Dial-up, and left click on Properties.
  3. Double-click on the Internet Protocol (TCP/IP) item and select the radio button that says Obtain DNS servers automatically. Click OK twice.
  4. Go to Start --> Run, type CMD and then click OK.
  5. At the Dos Prompt Screen, type in cd\ and then press ENTER.
  6. Now type in ipconfig /flushdns and then press ENTER. (notice the space after ipconfig)
  7. Close the command prompt window.
  8. Reboot your PC and try to open any website.




Categories: , ,

If You Like This Post, Share it With Your Friends


Subscribe us to receive free updates in your inbox:


0 comments:

Post a Comment

Featured FREE Resource:
X




Security Tools

Loading...
Share
Get This

About Me

My Photo
Deepanker Verma
I am Deepanker Verma. A computer geek, Security researcher blogger and software developer. I have deep interest and Information security and web development and try to learn new things. you will see my blogs on hackingtricks, TechlomediaWebtips and Usethistip.

I was also honoured by Apple, Ebay, Symantec, PandaSecurity and various other computer software giants for my security work for their company. I also contribute on some opensource projects regularly.

I also own a web app called NoteDIP that allows users to send self-destructive messages with password protection.

You can add me to circles to get my daily tips :)

View my complete profile

Partners

Blog Archive

Copyright © Hacking Tricks. All rights reserved. Blogger template designed by BLog Bamz