The following are the original manual checks to see if you computer is infected with any of the DNS Changer malware.
To check if your Windows 7 machine is infected, first click the “Start” icon.
This opens the Windows Menu. Click on the “Search” field at the bottom.
Type in cmd, and hit enter.
This opens a DOS shell. In the DOS shell, type in the command:ipconfig /allcompartments /all
and hit enter. (Windows users might be used to just typing “ipconfig /all“. This also works, but might not list all the routing compartments if you have a VPN setup in Windows7.)
The
output will be very long, since Windows7 by default has support for
IPv6. Most likely, you want to look for the IPv4 information under the
section entitled “Ethernet adapter…”. Look for the “DNS Servers” line,
and write down these numbers. There may be two IP addresses listed
there.Are Your DNS Settings OK?
The malicious Rove viruses changed some peoples DNS settings to use computers they operated. Compare your DNS settings with the known malicious Rove DNS settings listed below:| Starting IP | Ending IP | CIDR |
| 85.255.112.0 | 85.255.127.255 | 85.255.112.0/20 |
| 67.210.0.0 | 67.210.15.255 | 67.210.0.0/20 |
| 93.188.160.0 | 93.188.167.255 | 93.188.160.0/21 |
| 77.67.83.0 | 77.67.83.255 | 77.67.83.0/24 |
| 213.109.64.0 | 213.109.79.255 | 213.109.64.0/20 |
| 64.28.176.0 | 64.28.191.255 | 64.28.176.0/20 |
What if I’m infected?
If you computer is infected, please refer to our page that list tools to clean DNS Changer and other self help guides to clean your computer – http://www.dcwg.org/fix/resources: http://www.dcwg.org
Tidak ada komentar:
Posting Komentar