# A Reminder About the "DNS Changer" Trojan

## Natural Citizen

The DNS Changer Check-Up site will give a quick "green" or "red" status on your system, though it is not guaranteed to be 100% accurate since ISP-based actions to deal with this situation may fool this test.  

From Lauren Weinstein over at his main web site - http://www.vortex.com/

Here's a short description of the issue. http://lauren.vortex.com/archive/000950.html

You'll find no better source for such information. Lauren has been around since long before The Internet was...well...The Internet.

Be sure to check out the rest of his work. He's very good at explaining many aspects of the legislation we see blindsiding us these days as far as computing goes. Thorough at the very least as well as fair in assessment of what surmises hearsay.

----------


## V3n

Bump - the only other way I've heard to determine if your PC is 'infected' or not is to go to an official site the FBI set up.

I'm much more concerned with the infection they would leave.

----------


## Lishy

Format yer' comp. Use a WEP key on your router, and reset the router's settings if you worry about infection (Hold the reset button for 30 seconds to perform a factory reset!!!)

*Don't use keygens or cracks.* If you MUST use a keygen (I do NOT condone it), then do it from a *separate* computer disconnected from the internet which you could format. *Keygens are nothing more than calculators with malware attached, and needn't be used on your main computer!* Make sure you prepare a Live CD to format the comp BEFORE using the keygen/_infection_! (I stress I do NOT condone it because keygens have 99% of the time malware on them, and cracks are even worse!!!)

*Keep personal data on an external HDD* you know is *clean*! And *only use Linux to transfer files*! Make sure not to transfer .zip, .ini, .exe, and .dll on a compromised machine, as they are prone to being infected. In fact, if your machine is infected, just don't even risk your external HDD! Use a CD!

Also, use Linux as much as you can, because they are much less prone to infection than Windows OR MAC!

Oh, and *stop downloading Keygens and Cracks.* Seriously!

For internet browsing, use NoScript, and Adblock+. Make sure to keep your firewall on high too! You should never lower your firewall, even if at home! The only time you should lower it is when you netplay with a friend!

And don't use public wifi on a Windows or MAC computer without a VPN!

Problem solved! No FBI needed!

But I'm pretty sure going to their site and checking for infection will install some kinda fedware and malicious tracking cookie.

----------


## alucard13mmfmj

lol... i think ive used my share of cracks. 

not quite sure i got a problem, that i know of. i use malwarebyte, spybot search and destroy, AVG, and adaware.

----------


## Lishy

> lol... i think ive used my share of cracks. 
> 
> not quite sure i got a problem, that i know of. i use malwarebyte, spybot search and destroy, AVG, and adaware.


The problem with cracks is that even if you use your Antivirus, they still stay in your system, and they go undetected. With cracks in particular, they reside in your registry, and probably disguise as something non-malicious. 

An anti-virus is not some magical tool. It's merely a dictionary of "bad" software. But if you consent to using a crack, very often it will dodge your AV. Maybe the EXE itself will be caught, but what malicious things it does to your system will be ignored.

I cannot stress this enough that if you absolutely _have_ to crack your software, the safest method is to do so with a keygen and *from a SEPARATE computer without internet connection*! I cannot stress this enough! If you let it connect to your router, you risk the malware screwing around with it!

But at least on the bright side, you are able to use a keygen without malware even touching your computer, since keygens are usually just calculators (with malware attached.), and therefore, you could use them from a separate computer while legitimately downloading a trial from your own computer and entering a "legitimate" serial key.

Of course, since you actually used a crack on your own computer, I would be worried. The reason cracks are so much more malicious than keygens is that, besides messing with the registry, they must be activated from your own computer.

If I were you, I would consider formatting your PC completely from a Recovery CD, then do the Keygen method from a separate computer. If you must back up files, do so from a Linux Live CD because it will prevent 95% of malware from running on that OS and infecting your external HDD or whatever. 

Beware that malware tries to infect the following formats: .Ini, .Zip, .Rar, .EXE, .DLL, .MSI, or any other automatically executing files. If you must backup an archive, make sure you decompress it and carefully check the file format of each file you backup from it!

Again, I stress that if you must crack your software, do so with a keygen from a _separate_ computer!

*I DO NOT CONDONE CRACKS/KEYGENS/SOFTWARE PIRACY! THIS ADVICE IS MERELY FOR THE SAKE OF CYBER-SECURITY!*

----------


## libertyjam

> Format yer' comp.


$#@! You. I am not reformatting for some threat not known to exist on my system just because some internet youth says to.  $#@!ing Hell.

----------


## Lishy

> $#@! You. I am not reformatting for some threat not known to exist on my system just because some internet youth says to.  $#@!ing Hell.


Well that's a very nice thank you to someone giving cyber-security advice to people who are infected or wish to pirate the "safe" way!

----------


## DamianTV

There's nothing special about defeating this particular bit of Malware.  Seriously, just update your Anti Virus and Anti Malware and scan.  That will most likely be enough to get rid of it.

As far as what the bit of malware would have changed on your computer, should you happen to have it, you'll need to adjust your Network Connection Settings.  The bit of Malware would have changed your DNS servers from Automatic to Static, and the IP points to the old compromised DNS Servers, which now redirect to OpenDNS.  You can fix that by changing it back to Automatic, or if you have any particular DNS Server that you'd rather use, take a look at the following:

OpenDNS:

Primary 208.67.220.220
Secondary 208.67.222.222

---

Ad Barricade DNS

Primary 74.53.155.162
No Secondary.  Sorry.

These changes hardly need anyone to Format their computer, and for the record, a Virus cannot live in your Registry.  It can hide elsewhere in your computer, the Registry just points to where the virus lives.  That even goes for Rootkits.

----------
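An added example, not part of any post in this thread: a check for the change described in the post above, where an interface's DNS servers have been switched from automatic (DHCP) to static. It assumes the text layout printed by `netsh interface ip show dns`; the sample output is constructed, and the watchlist holds placeholder documentation ranges, not real rogue-server ranges.

```python
import ipaddress
import re
# Placeholder watchlist (RFC 5737 documentation ranges), NOT real rogue-DNS
# ranges: substitute the ranges published in an official advisory.
WATCHLIST = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample, laid out like `netsh interface ip show dns` output.
SAMPLE = '''
Configuration for interface "Local Area Connection"
    Statically Configured DNS Servers:    192.0.2.53
                                          198.51.100.7
    Register with which suffix:           Primary only

Configuration for interface "Wireless Network Connection"
    DNS servers configured through DHCP:  192.168.1.1

Configuration for interface "VPN"
    Statically Configured DNS Servers:    208.67.222.222
'''

IFACE = re.compile(r'^Configuration for interface "(.+)"')
DNS = re.compile(r"^\s+(Statically Configured DNS Servers|"
                 r"DNS servers configured through DHCP):\s*(\S*)")

def parse_dns(text):
    """Return {interface: {"static": bool, "servers": [ip_address, ...]}}."""
    result, cfg, in_dns = {}, None, False
    for line in text.splitlines():
        value = line.strip()
        if m := IFACE.match(line):
            cfg = result.setdefault(m.group(1), {"static": False, "servers": []})
            in_dns = False
            continue
        if cfg is not None and (m := DNS.match(line)):
            cfg["static"], value, in_dns = m.group(1).startswith("Static"), m.group(2), True
        if in_dns:
            try:  # continuation lines carry a bare address; "None" or labels do not
                cfg["servers"].append(ipaddress.ip_address(value))
            except ValueError:
                in_dns = bool(m)  # stay in the DNS block only on its header line
    return result

def audit(text):
    """Label each interface dhcp/static, plus '-watchlisted' on a range hit."""
    verdicts = {}
    for name, cfg in parse_dns(text).items():
        hit = any(ip in net for ip in cfg["servers"] for net in WATCHLIST)
        verdicts[name] = ("static" if cfg["static"] else "dhcp") + ("-watchlisted" if hit else "")
    return verdicts
```

A plain `static` verdict is not a finding by itself, since many users set a resolver such as OpenDNS on purpose; it marks an interface whose servers should be compared against what the owner intended.
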


## azxd

Burn it ... Set loose the ravages of hell upon that evil digital menace

----------


## Lishy

> There's nothing special about defeating this particular bit of Malware.  Seriously, just update your Anti Virus and Anti Malware and scan.  That will most likely be enough to get rid of it.
> 
> As far as what the bit of malware would have changed on your computer, should you happen to have it, you'll need to adjust your Network Connection Settings.  The bit of Malware would have changed your DNS servers from Automatic to Static, and the IP points to the old compromised DNS Servers, which now redirect to OpenDNS.  You can fix that by changing it back to Automatic, or if you have any particular DNS Server that you'd rather use, take a look at the following:
> 
> OpenDNS:
> 
> Primary 208.67.220.220
> Secondary 208.67.222.222
> 
> ...


Good post. +Rep.

----------


## DamianTV

If anyone needs more specific help, feel free to post, or pm me, and I'll try to be specific as to how to fix what ails your computer.

----------


## Sematary

I recently ran across the NGINX trojan, which is a particularly nasty piece of work which not only changes your dns settings and leaves you incapable of using the internet but also deletes your restore points and does other nasty stuff to prevent you from eradicating it. Fortunately, I use Acronis and had a sector by sector backup of my computer on another drive and was up and running in a couple of hours with a guaranteed trojan free machine. I can never stress enough how important it is to keep backups of data and, if you can, to use a program like Acronis to make a clone or do a sector by sector backup that you know is clean and working the way you want. That way, if disaster strikes, you won't be down for long.

----------

