Home » Security » DnsChanger Trojan

DNSChanger is a trojan that will change the infected system’s Domain Name Server (DNS) settings, in order to divert traffic to unsolicited, and potentially illegal sites. This Trojan is designed to change the ‘NameServer’ Registry key value to a custom IP address. This IP address is usually encrypted in the body of a trojan.

The FBI under a court order expiring July 9 the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.

July 9th is being called Internet Dooms Day.  The FBI set up a safety net months ago using government computers, but that system will shut down July 9. At that point, infected users won’t be able to connect to the Internet.

The Trojan can be removed

Manual Removal Instructions:
1. Navigate to the following paths in the registry.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters “DhcpNameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “DhcpNameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “NameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “DhcpNameServer”

2. Look for unknown IP Addresses in the Data part. Change them into IP addresses for your DNS Servers.

Comments

comments

Latest

skype Using Skype To Replace Landline Phone
riff Bеѕt VR Apps and Games for Meditation
google pixel The World Is On Your Palm Now, Go Mobile
security lock Top In-Demand Skills For Cloud Computing
Facebook Messenger Lite Facebook Messenger Lite Announced

Tech Geek Today

Tech Geek Today

MonTueWedThuFriSatSun
      1
9101112131415
16171819202122
23242526272829
3031     
    123
45678910
11121314151617
252627282930 
       
 123456
78910111213
14151617181920
21222324252627
28293031   
       

Subscribe To The Technology Geek

Archives