07 July 2012

July 9 2012: A Internet Doomsday Malware

Is July 09, 2012 the end of the World Internet access? If you are infected with the malware called DNSChanger then most likely you will suffer a doomsday - you cannot access websites after July 09, 2012. All computers that is still infected with the DNSChanger malware will no longer able to access Internet.
What is DNSChanger?
DNSChanger, as its name indicates, is a family of malware that operates as a botnet and infects millions of computers with the ability to redirect Users to fake DNS Servers - sometimes it redirects them to fake sites that promote fake products, manipulating search results, displaying fake ads, and it redirects the victim to malicious websites.
DNSChanger is a malware that surfaced in 2007 infecting approximately 4 millions of machines in the world. Though it is not new virus but it can cause damages on Machines. To see what countries it infects: http://i1-news.softpedia-static.com/images/news2/Internet-Shutdown-Postponed-by-Court-to-July-9-2012-2.png

In 2011, an international group of law enforcement agencies arrested the group operating DNSChanger malware botnets and FBI shut downs with its operation.

What is DNS (Domain Name Server) ?
DNS - Domain Name Server is a core Internet technology that is created to convert human readable domain names like google.com into an IP address 173.194.38.134 though google has more IP address range -- IP address that computer can understand. 

ISP(Internet Service Provider) has provided DNS server to its subscribers to access Internet. And usually it is dynamically added to your system.
How to check if i am infected with the DNSChanger?
Option 1:
To check whether you are infected with the malware go this page: DNS changer check up tool
If you are 100% clean it displays:

DNS Resolution = GREEN
Your computer appears to be looking up IP addresses correctly!
but if you are infected it has  RED display

Option 2:
By using ipconfig /all in your command prompt. Windows key + R to display run window and type CMD to open command prompt

Look for the DNS section, Dns ip address ranges that infect your computer.
  • 85.255.112.0 through 85.255.127.255
  • 67.210.0.0 through 67.210.15.255
  • 93.188.160.0 through 93.188.167.255
  • 77.67.83.0 through 77.67.83.255
  • 213.109.64.0 through 213.109.79.255
  • 64.28.176.0 through 64.28.191.255
In facebook, they will display a window that you are infected with the virus.

How to  fix, remove, and recover from a DNS Changer infection?
Update your Antivirus, try to dns flush so that it will get new dns server ip address because it is dynamically obtained.

You can use http://opendns.com/dns-changer to manually change your DNS Settings.
More tips here: http://www.dcwg.org/fix/

Advertisement


Featured Offers:
Advertisement