DNSChanger – How not to lose your internet connection on July 9

Scan your computer for the DNSChanger malware as the coming Monday, July 9, 2012 might turn out to be your worst nightmare if your computer has been infected by this malware. According to the latest reports the DNSChanger malware is expected to put more than two million users all around the world offline.

The main purpose of DNS is to convert human readable URL (uniform Resource Locator) like www.thegeeksclub.com into corresponding IP (Internet Protocol) addresses that allow computers to communicate with each other.

The DNSChanger malware first became widespread in the year 2007. The DNSChanger malware basically changes the DNS Settings of the infected computer and/or network device (e.g. router) to an illegal DNS Server without the user’s consent. The cyber criminals who developed the DNSChanger malware also set up a number of DNS servers which would process DNS requests from infected computers. By late 2011 nearly forty million computers were affected worldwide.

Luckily the FBI (Federal Bureau of Investigation) stepped in and arrested these cyber criminals. Following a court order the FBI took over the IP addresses used by the illegal DNS Servers and ran legitimate servers using those IP addresses. However this court order expires on Monday July 9, 2012 resulting in FBI pulling the plug on these servers causing DNS Server blackout for infected computers. DNSChanger malware infected computers will be unable to resolve DNS requests thereby inhibiting their connectivity to the internet.

How to detect if your computer has been infected?

There are two basic ways of detecting if your computer has been infected.

One of the ways is by manually scanning the DNS requests made by your computer. You will observe every now and then your computer silently redirects itself to an imposter site.

Another way of detecting this malware is by running a thorough scan using a reputed Anti Malware and Anti-virus software like McAffe, Microsoft Security Essentials, etc.

How to fix this problem?

Firstly run a thorough system scan looking for DNSChanger. If the DNSChanger malware is detected on your computer then follow the appropriate malware removal steps as recommended by your Anti-malware and Anti-virus software.

Once the DNSChanger malware has been removed check your DNS Server settings and if they aren’t the same as provided by your ISP (Internet Service Provider) then change them. This can be done by following the steps given below for a normal computer running Microsoft Windows 7 operating system.

  1. Goto Control Panel.
  2. Select Network and Internet
  3. Click Network and Sharing Centre
  4. Click Local Area Connection
  5. Click Properties button.
  6. Double Click Internet Protocol Version 4 (TCP/IPv4)
  7. Cross check and change if necessary, the DNS settings/addresses entered in the Preferred DNS Server and Alternate DNS Server with the ones provided by your ISP (Internet Service Provider).

If you are using a router then you should also check the DNS settings for the router. You can find a list of DNS Servers that would blackout on July 9, 2012 by visiting the following website.

Check out this video for more details