Kill The DNS Changer Malware

July 9th is coming in just a couple of days. If you, like 227,000 other computer users, are infected with the DNS Changer infection, midnight Sunday night can mean you won’t be able to browse the Internet.
This infection can affect both Windows and Apple computers.
This is bad enough that you should test to make sure that your computer is NOT infected. Your computer may be running just fine. This malware does not effect the speed of your computer or steal information.
Why? Because the the DNS servers that were once distributing malware were found and taken over by the FBI a year or so ago. They left them running so the thousands of computers infected would be able to browse the Internet without sending out infections.
Late last year the FBI announced that on July 9th they were pulling the plug on the DNS servers because they cost to much to run. That means if you ARE infected you won’t be able to browse to your favorite sites.
A little background. A DNS server (Domain Name Server) is kind of like the white pages phone book. All computers connected to the Internet have a IP address, like the one for Google I used above. Can you imagine having to remember numerical addresses like that for the hundreds of sites you visit?
When you connect to the Internet via your provider, Comcast, ATT, or who ever you use, you computer obtains it’s own IP address and the IP address for the DNS server they maintain.
When you type http://google.com in the address bar of any browser, you computer goes to the DNS server your provider gave you, looks up the name, gets their IP address and send you on your way to the Google website. The DNS Changer infection changes the default DNS server settings your provider gave you to the the DNS settings of the DNS server the bad guys operate. So, when you type in http://google.com instead of going to, say Comcast’s, DNS server to look up the Google name, your computer, instead, goes to the DNS Charger servers to look up the Google name. They let you continue to Google, but now they know your IP address and were able to plant other forms of malware on your computer without your knowledge. This would be completely transparent to you. Until, the bad guys started sending malware, which the FBI stopped.
So, how do you know if you have the DNS Charger infection? Go toMcAfee SiteAdvisor Software. That is the McAfee Site Advisor site. Click the “Check Now” button.
If you don’t have it, it will congratulate you for not having the infection. You don’t need to download anything from McAfee if you do have the infection.
Here are the instructions to remove the DNS Charger infection if you do.
1) Make sure you have all of the latest updates for your version of Windows or Mac OSX.
2) Make sure you have the latest version of an anti-virus installed and updated. On Windows I recommendMicrosoft Security Essentials orAvast. On Apple OSX I recommendEset Cyber Security.
3) If you are a Windows user follow these instructions,Microsoft Host File Cleaner. Click the Fix It button and run it.
4) If you are a Windows user do all of the things listed in Savemybutt Utilities Instructions on the Downloads page in the link above.
5) Do one or more of the following. I personally like the Kaspersky Labs solution. Do the rest, too, if you feel you need to.

Kaspersky Labs TDSSKiller
Microsoft Windows Defender Offline
Trend Micro Housecall


6) If you are using Apple OSX download the free trial of Eset Cyber Security if you don’t already have it. Install and update it. Then do a full scan.
With the above instructions your computer should be cleaned up if it is infected. If you still can’t browse the internet, use another computer, or have someone do it for you, to make an appointment with me to remove it for you by clicking the Remote Computer Help in the right column.