DNSChanger malware scam!!
by Mohan Gauns
In 2007, a small group of cyber criminals distributed malware called ‘DNSChanger’ which, when installed, would change the user's DNS settings to point to the criminals' rogue DNS network. It redirects valid searches and URLs to malicious websites, attempts to steal personal information, and generates illegal ad revenue for the criminals.
To combat this, the FBI launched a mission called ‘Operation Ghost Click’, which resulted in a number of arrests. The FBI provided a list of infected servers to Internet Service Providers, and instead of shutting them down, they redirected the infected servers to healthy DNS servers. In January of this year, the German Federal Office for Information Security announced that the tamed DNS network would be shut down on March 8; however, it appears that the effort to clear the DNSChanger malware from the millions of infected PCs has taken a lot longer than expected, with hundreds of thousands still infected, according to the DNS Changer Working Group. Therefore, the closure of the rogue DNS network has been delayed for four months, and it is now scheduled to be shut down on July 9, 2012. This action means that many of the millions of computers that are still infected with the DNSChanger malware should now be receiving healthy DNS server activity until July 9, even if the DNS server IP addresses on their systems have been changed by the malware. If the malware is still not removed by then, it might stop working after the due date.
How to check if your PC is infected?
Windows XP users can follow the steps below to verify whether they are infected by the malware.
Go to:
- Start -> Run -> type ‘cmd’. This will open a command prompt window.
- In the command prompt, type ‘ipconfig /all’ and hit Enter. This will display the list of IPs used by the system.
- Check whether any of the IP addresses falls within the list below.
List of infected servers:
- 85.255.112.0 to 85.255.127.255
- 67.210.0.0 to 67.210.15.255
- 93.188.160.0 to 93.188.167.255
- 77.67.83.0 to 77.67.83.255
- 213.109.64.0 to 213.109.79.255
- 64.28.176.0 to 64.28.191.255
The FBI also has a ‘DNS IP Checker Web page’ that you can use to check your DNS servers.
https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
What if your PC is infected?
- Back up all your files to a personal drive.
- Run any of the numerous malware removal programs available.
- Re-install your OS.
Oh thanks! I can always check my DNS now.