Home » Security » DnsChanger Trojan

DNSChanger is a trojan that will change the infected system’s Domain Name Server (DNS) settings, in order to divert traffic to unsolicited, and potentially illegal sites. This Trojan is designed to change the ‘NameServer’ Registry key value to a custom IP address. This IP address is usually encrypted in the body of a trojan.

The FBI under a court order expiring July 9 the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.

July 9th is being called Internet Dooms Day.  The FBI set up a safety net months ago using government computers, but that system will shut down July 9. At that point, infected users won’t be able to connect to the Internet.

The Trojan can be removed

Manual Removal Instructions:
1. Navigate to the following paths in the registry.
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParameters “DhcpNameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “DhcpNameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “NameServer”
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesTcpipParametersInterfaces%Random CLSID% “DhcpNameServer”

2. Look for unknown IP Addresses in the Data part. Change them into IP addresses for your DNS Servers.

Comments

comments

Latest

adobe photoshop Microsoft Store Offers Discount on Adobe Photoshop
Natural Weight Loss Remedies – The Latest Craze Toppling Under-The-Knife Alternatives
DJI Spark Drone Gesture Control Update
glow netflix GLOW On Another Streaming Service?
onenote-windows-10 OneNote for Windows 10 Gets Update

Tech Geek Today

Tech Geek Today

MonTueWedThuFriSatSun
 123456
78910111213
14151617181920
21222324252627
28293031   
       

Subscribe To The Technology Geek

Archives