What’s the DNSChanger malware and how to clean it?
PLDT and Smart are asking their subscribers to check if their respective computers are infected by a malware called DNSChanger before July 9, 2012 as it may have long-term effects that may render your computer useless for browsing the web.
The DNSChanger belongs to the Zlob Trojan virus family which caused quite a stir in the US last year. The FBI has taken actions against it announced that theyâ€™ve found the source of the virus and shut down the operation November of last year.
Another DNS server were then setup to replace the malicious server for a certain period of time to give enough leeway for users to clean up their infected computer/s. But by July 9, the authorities will be pulling the cord on the temp servers and users with computers which are still infected will not be able to surf the net.
To check if your computer is infected follow these simple steps courtesy of PLDT-Smart:
1. Open the Command Window
2. (For Windows 7) Type cmd at the search bar
3. (For Windows XP) Click Run, then type cmd at the bar
4. Type ipconfig /all
5. Search for the DNS Servers section
Mac OS X
1. Click the Apple icon an the top left of the screen
2. Select System Preferences
3. Locate the â€œNetworkâ€ icon
4. Read the â€œDNS Serverâ€ line
Alternatively, subscribers may also visit the following sites to their system checked automatically.
Ensure that the DNS Servers are not within the following range of Internet Protocols (IPs):
* 126.96.36.199 through 188.8.131.52
* 184.108.40.206 through 220.127.116.11
* 18.104.22.168 through 22.214.171.124
* 126.96.36.199 through 188.8.131.52
* 184.108.40.206 through 220.127.116.11
* 18.104.22.168 through 22.214.171.124
If the DNSChanger is detected, users may then use any of the following software to clean the infection:
â€¢ Hitman Pro (32bit and 64bit versions)
â€¢ Kaspersky Labs TDSSKiller
â€¢ McAfee Stinger
â€¢ Microsoft Windows Defender Offline
â€¢ Microsoft Safety Scanner
â€¢ Norton Power Eraser
â€¢ Trend Micro Housecall
â€¢ Avira’s DNS Repair-Tool
Even though Iâ€™m pretty sure that my PC is not infected, I still tried to do the manual detection as well as the automatic one (http://www.dns-ok.us/) just to be safe. We suggest you do it as well. Be sure to check your PC before the said date to avoid future inconvenience. It pays to be safe.