How to Remove The Trojan.DNSChanger Virus?
- 3
- Add a Comment
You sitting in front of your computer and all of a sudden, you cannot connect to the Internet.
You know your Internet connection is good, but none of the URLs you place in your browser go anywhere. What’s happened?
There is a good chance that you have been infected with the Trojan.DNSChanger trojan. What is this?
Trojan.DNSChanger is a trojan that makes your web browser open slowly and either redirects you to malicious or adverstisment links, or you cannot connect to any website.
This trojan actually modifies your network DNS setting. It does this in the  Control Panel and in your computer registry.
If you attempt to go in and manually change it (in the Control Panel or registry), it will re-insert itself.
What is a DNS?
DNS stands for Domain Name System (or Service or Server), an Internet service that translates domain names) such as digitaldrake.com) into IP addresses (such as 64.49.61.187). Why?
Because we (people) understand and, more importantly, remember digitaldrake.com;Â but computers, which are machines, understand numbers such as 64.49.61.187. Either way, if you typed in 64.49.61.187 in your web browser, you will see that it will take you to digitaldrake.com.Â
I am sure you have many favorite websites that you visit and bookmark. Imagine, though, if you had to memorize all of the IP Addresses for them! DNS translates the domain names (URLs) you type into your web browser into IP addresses. OK, back to the Trojan.DNSChanger virus and removing it.
The DNS setting in your computer (if there is one) is the address of a computer on the Internet (or on your network) that translates (resolves) a domain name into an IP address. Now, suppose somehow the DNS IP Address in your PC setting gets changed by the Trojan.DNSChanger virus. Well, what happens is that the bogus IP Address that it inserts might point to a computer that does not exist. In other words, it does not point to a real DNS server; and since it doesn’t, your PC will not be able to translate that domain name you typed into your browser into an IP Address. Thus, you go no where.
Note: If there is no DNS IP Address setting in your PC, this is OK. Your ISP is handling this for you. In other words, they will handle the domain name to IP Address  translation.Â
So, how do you get rid of it?
The easist and fastest way is to use a freeware tool called Malwarebytes Anti-Malware which may be downloaded here, for free.
In a previous article and accompanying video, I showed PC users how to remove the XP Anti-Virus Rogue with this same tool.
Check out the video below to learn how to get rid of the Trojan.DNSChanger trojan.
Removing The Trojan.DNSChanger Virus
Â
3 Comments
Alex
October 31st, 2008
at 2:20am
I think this Malwarebites anti malware is not a free ware as I am not able to download the link
Can you give a new link where I can download it freely as I am using windows xp and i am getting bogus IP and DNS
Kindly help
John Willumsen
December 7th, 2008
at 8:13am
Having been hit with this DNS Changer problem, I have tried Malwarebytes Anti Malware program along with Spyware Doctor, Pest Control, Spybot Search & Destroy, Reg Cure and some others. They all find the infection, up to 18 on one run, and remove them, but on rebooting the computor, they’re back with a vegence. I realy don’t know what else I can do. Please can you help or advise me.
Jeffrey McNabb
December 18th, 2008
at 11:07am
12/18/08: used updated malwarebytes, ran it in safe mode, finds the trojan dnschanger stuff; i choose remove
it comes back
HELP!!!