Jump to content

whats with this DNS changer malware on monday 7/9/12?

Recommended Posts

hey all,

perhaps this has been previously covered on this forum..........

there is supposed to be a DNS changer malware that the FBI has been involved in

and I'm told that if this malware is on my pc then I will lose internet connection next monday

is this for real????

Link to post
Share on other sites

I have also seen several media outlets reporting on this. My question is, Does MalwareBytes effectively search for and elliminate this virus/malware? I have also seen a link to a website that is supposed to be an agency working with the FBI to help people search their system for the malware...

Link to post
Share on other sites

  • Root Admin

Hello and welcome to Malwarebytes

Yes the information is correct. They have supplied you with methods to test your system for this as well.

You can also have someone assist you here to check your system for rootkits or other potentially hidden malware.

If you think you are infected, here are the steps needed to get your computer cleaned....

Please read the following so that you can begin the cleaning process:

Don't use any temporary file cleaners unless requested - this can cause data loss and make recovery difficult

You have 3 Options that you can choose from as listed below:

  • Option 1 —— Free Expert advice in the Malware Removal Forum
  • Option 2 —— Paying customer -- Contact Support via email
  • Option 3 —— Premium, Fee-Based Support


As we don't deal with malware removal in the
General Malwarebytes' Anti-Malware Forum
, you need to start a topic in the

Malware Removal forum

so a qualified helper can help you fix any malware related problems or infections you may have.
  • Please read and follow the directions here, skipping any steps you are unable to complete.
  • After posting your new post, make sure under options, you select Follow this topic and choose Instantly,
    so that you're alerted when someone has replied to your post.

NOTE: Please do not post back to (bump) your topic within the first 48 hours.

Replying to your own posts changes the post count and helpers are looking for topics with zero replies.

If you reply to your own post helpers may think that you're already being helped and thus overlook your post.

    • If there is no reply from any experts after 48 hours, you can reply to the topic, asking for help again.
    • You may send a Private Message to a Moderator asking for assistance.


Alternatively, as a paying customer, you can contact the help desk


If you would like to use our
Malwarebytes Premium Consumer Services
partner, Comprehensive solutions to all your computer support needs—from installation and set-up to troubleshooting and tune-ups go to our
Malwarebytes Premium Services
support site.

Please be patient, someone will assist you as soon as possible.

Link to post
Share on other sites

Sorry to sound dense about this, but I'm still not sure whether Malwarebytes (the FREE version) checks for this DNS changer malware. I've checked my PC at more than one "checker" site (all found on the FBI's official web site), and I always get a green background/banner/border/whatever that says it APPEARS I do not have the malware on my computer. But it ALSO says that if my "ISP is redirecting DNS traffic for its customers", my PC may STILL be infected.

One reply in this string just gives complicated instructions about how to remove the malware (I thought that Malwarebytes automatically removed malware when it found it in a scan). The last post says Malwarebytes DOES remove the DNS changer "on the computer end". I thought to myself, "what other end IS there?" It also says that it is a good idea to "scan your setup" at the dcwg.org site, "as this can also change settings in a router if you use one". Why would I want the dcwg to change my router settings?!

I have been running Malwarebytes free version for about 18 months now. It has never, EVER said that it found a single instance of malware. That's either very good (very lucky)...or the free program, which I DO update regularly, isn't really able to detect current malware programs.

Link to post
Share on other sites

Hi, sharonsss:

AFAIK, yes, even MBAM Free will pick this up (it's the same program with the same database as MBAM PRO -- it just doesn't offer real-time protection, scheduled scans/updates or incremental database updates).

If you've scanned your system with MBAM and at the recommended sites and you come up clean, you are likely just fine for this particular problem.

(There's a lot of FUD out on the internet about this... :angry: )

Additional information about the DNS changer can be found here:


No security program can possibly detect or remove 100% of the ever-changing malware that are out there.

However, in combination with a robust, up-to-date, real-time anti-virus (free or paid) and a good firewall (software and/or hardware), MBAM offers excellent layered, complementary protection.

So -- generally speaking -- it is a good thing that MBAM has never detected anything on your system.

If you are maintaining good, safe computer security practices, it is possible you've never been infected.

Speaking only as a home user with NO financial interest whatsoever, I can attest to the value of the nominal cost of a lifetime license for MBAM PRO precisely b/c of the advantages (ESPECIALLY real-time protection) that it offers.

PREVENTING a malware infection is far better, easier and ultimately cheaper than trying to remove one and/or recover one's lost data.

Strictly JMHO.



Link to post
Share on other sites

  • Staff

What symptoms of malware are you experiencing on your computer??

"as this can also change settings in a router if you use one". Why would I want the dcwg to change my router settings?!
You're not reading it correctly. The implication is that malware can also do that.

Scan at the dcwg site.. your router may be infected, which MBAM does not scan for, to the best of my knowledge.

Link to post
Share on other sites

  • Staff

Screen317 is correct. Malwarebytes can not fix a router if it is infected. If you have never detected this on your computer system then you are safe. It has to be installed on a computer first and your router has to be using default passwords for this to happen. Even then its incredibly rare.

Dcwg.org site will not change settings. Its just a tool to see if your dns is redirected. That's all it does.

What you saw is about your provider possibly having its dns corrupted on the servers. This simply would be incredibly rare and there is absolutely nothing you can do on your end about it.

Link to post
Share on other sites

Thank you, to everyone, for helping to clarify what Malwarebytes does and doesn't do. I have not had any kind of errors or corruption on my PC...I was just reacting to all the news reports on TV today. I could not find a "scan" to run on the dcwg site, but I did find an explanation of how to manually check my PC. I got into CMD mode and checked the ipconfig /all information, comparing the addresses listed under DNS on my PC with a list of "bad" address ranges. I remember doing that about a year ago, after a newspaper article suggested it. So I think I can ignore all the disaster warnings on network news. Thanks for all you help.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.