dnschanger
no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | dnschanger [2013/01/28 04:29] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== DNSChanger ====== | ||
+ | |||
+ | |||
+ | ===== Behavior ===== | ||
+ | * Can compromise Windows, Mac, and some routers and modems. | ||
+ | * Modifies the DNS server entries to point to IP's in the Ukraine. | ||
+ | * Redirects certain lookups. This prevents updating of anti-malware. | ||
+ | |||
+ | |||
+ | ===== Removal and Recommendations ===== | ||
+ | From everything I've gathered, most up-to-date anti-virus and anti-spyware should detect this. The problem is that the DNSChanger redirects away from anti-malware update sites. I personally recommend either scanning from a bootable CD/DVD (BartPE, UBCD4Windows, | ||
+ | |||
+ | Apple has an antivirus tool out that is supposed to remove it from their OS. | ||
+ | http:// | ||
+ | |||
+ | Block and/or monitor all traffic to and from 85.255.112.0 – 85.255.127.255 (85.255.112.0/ | ||
+ | |||
+ | ===== References ===== | ||
+ | http:// | ||
+ | http:// | ||
+ | http:// | ||
+ | |||
+ | |||
+ | |||
+ | -- Main.FredPettis - 03 Apr 2009 | ||
dnschanger.txt · Last modified: 2013/01/28 04:29 by 127.0.0.1