If you are on the Internet, I am sure you have heard about the DNS Changer malware that will cause millions to go offline on Monday (July 9). This is because the FBI set up short-term servers to help prevent the spread of the virus and is now about to shut them down, leaving the consumers who used them scrambling to clean every trace of the malware from their own hard drives before they can access the Internet once again. If you have not checked yet, you can and should check your own system at DNS-OK.com. If the background is green, your system is safe. If it is red, you will need to clean out your system. Since the virus and the related malware that it helps spread are hard to remove, a clean installation of your current OS is your best bet, or you can follow the manual removal steps below.
As for how the DNS Changer works, here is a breakdown.
- DNS is a handy tool that takes the URL you look up and translates it into an IP address, which the browser can read and find.
- DNS Changer places a “proxy” of sorts, which in turn changes your IP address to connect to a rogue DNS server (one that is not run by your ISP), which in turn dictates what websites you go to or steals data.
- Rogue DNS servers can steal personal data, send more malware to you or your contacts, make money by sending you to their affiliates, or take other actions that you did not give permission for.
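The check implied by the breakdown above, as an added example that is not part of the original post: it reads resolver settings in resolv.conf format and flags any DNS server that falls outside the networks you expect from your ISP or router. The trusted networks and the sample configuration are constructed placeholders built from documentation address ranges, so substitute your own values.

```python
import ipaddress

# Constructed sample: resolvers your ISP or router is expected to hand out.
# Documentation ranges plus a typical router address, not real ISP networks.
TRUSTED_NETWORKS = ["192.0.2.0/24", "2001:db8:53::/48", "192.168.1.1/32"]

# Constructed sample in resolv.conf format; one entry is outside the trusted set.
SAMPLE_RESOLV_CONF = """\
# Generated by a network manager
search home.example
nameserver 192.0.2.53
nameserver 203.0.113.66
nameserver 2001:db8:53::1
nameserver not-an-ip
"""

def parse_nameservers(text):
    """Return the address strings from 'nameserver' lines, skipping comments."""
    servers = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue
        parts = line.split()
        if len(parts) >= 2 and parts[0] == "nameserver":
            servers.append(parts[1])
    return servers

def audit_resolvers(text, trusted_networks):
    """Classify each configured resolver as 'trusted', 'unexpected' or 'invalid'."""
    nets = [ipaddress.ip_network(n) for n in trusted_networks]
    report = {}
    for raw in parse_nameservers(text):
        try:
            # Drop an IPv6 zone id such as %eth0 before parsing.
            addr = ipaddress.ip_address(raw.split("%", 1)[0])
        except ValueError:
            report[raw] = "invalid"
            continue
        ok = any(addr.version == n.version and addr in n for n in nets)
        report[raw] = "trusted" if ok else "unexpected"
    return report

if __name__ == "__main__":
    results = audit_resolvers(SAMPLE_RESOLV_CONF, TRUSTED_NETWORKS)
    for server, verdict in results.items():
        print(f"{server:20} {verdict}")
```

An "unexpected" result is a prompt to compare the address with what your ISP or router documentation lists, not proof of infection on its own.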
Now, one thing does need to be known: the virus is mainly on servers. That is why the FBI released temporary servers for those who used infected ones to access the Internet. Their main worry now, for those who had to use the temporary servers, is that their own hard drives could put the servers at the same risk or expose them to a new one. That is why they want the end user to remove any trace of the virus, or of other forms of malware that you could have picked up from the DNS Changer hijacking your computer. So what can you do? Here is a list of what you can do in order to protect yourself and prevent damage (even if you are in the safe zone).
1. Check for proxy servers. This is usually under Tools/Options/Settings in most common browsers. Some will have it under Advanced or Network settings. Most ISPs do not require a set IP address, so if you have one and did not require one when you first set up, be sure to uncheck the proxy box.
2. Scan with your anti-virus software and another type of anti-malware. Always update the software first!
3. Run the scans again in safe mode. This allows a more thorough scan in case you did not do a full sweep.
4. If either scan finds malware, follow its advice on how to remove the infections.
5. Once your system is clean (via a clean installation or using anti-virus scans), you will need to put up a firewall and check your proxy settings on a regular basis. Scans should also be performed on a regular basis.
Those 5 simple tips can save you a lot of grief and might just help prevent this virus or similar ones from making a comeback.
If you have any questions, concerns or tips on how to protect against or remove this virus, please leave them in the comments below.