Road Runner Help & Member Services
  • Help
  • Web
Search
Enhanced by Google
  •  
  • FAQs
  • Tutorials
  • Ask TWC
  • Contact Us
  • Mail
  • More on Road Runner Help & Member Services:
  • Mail FAQs
  • Security/Abuse FAQs
  • RR Products/Services FAQs
  • Live Chat Support
  • [Change Location]
  • Your Local Division
  • Customize Help|
  • Personal Home Pages   |
  • Road Runner|

FAQs

spacer

DNSChanger Notification

  • Print
    •

What is DNSChanger?
Time Warner Cable has received notification about industry-wide malicious online traffic, which we have identified as impacting a small fraction of our customers.  If you received a notification from Time Warner Cable advising you that your system has been impacted by this industry-wide attack, your computer or another computer on your network may be infected by malicious software known as "DNSChanger."

DNSChanger redirects your internet traffic to alternative Web sites, most commonly redirecting advertisement traffic to sites controlled by the malicious operator. This means your Internet browser is pulling up different sites than the one originally intended by the Web site operator. DNSChanger does this by sending your computer's Domain Name System (DNS) traffic to servers under their control. Also, this malware allows infected computers to be controlled remotely (i.e., by another computer on the Internet known as a "command and control" server, or a C&C server). Details about this malware attack, and how your system may have been infected, can be found on the following FBI and Department of Justice Web site: www.fbi.gov/news/stories/2011/november/malware_110911/dns-changer-malware.pdf

What is the current risk to my privacy and online security?
Although law enforcement authorities have seized the rogue DNS servers and are temporarily operating the systems, because the malware may still be active on your computer(s), it presents an ongoing threat to your privacy and online security. Malware of this type can be used to steal passwords or personal data or may allow your computer(s) to be used to send spam or launch denial of service attacks.

Why must I take immediate action?
The DNSChanger malware was specifically engineered for the purpose of stealing personal identity information and financial data. Any personal or financial information you may have on the infected PC may be vulnerable. Additionally, computers infected with this type of malware may be used at any time for launching coordinated cyber-attacks or may be used to host illegal content or engage in illegal activities. It is strongly recommended that immediate action is taken to clean and secure your machines in order to reduce the risks associated with this malware.

How do I remove this malware?
It is recommended that you download and run one or more of the following cleaning tools on all computers.

Suggested Tools for Windows Operating Systems:
McAfee Stinger:  www.mcafee.com/us/downloads/free-tools/stinger.aspx
Microsoft MSRT:  www.microsoft.com/security/pc-security/malware-removal.aspx
Norton Power Eraser:  security.symantec.com/nbrt/npe.aspx?lcid=1033

Suggested Tools for Apple Operating Systems:
Sophos AV:  www.sophos.com/en-us/products/free-tools/sophos-antivirus-for-mac-home-edition.aspx
ClamX AV:  www.clamxav.com/


The DNSChanger malware may also modify your operating system's local DNS settings, which will need to be reset manually:

For Windows 7
On your computer:

  1. Click the Windows Start Button
  2. Double Click "Control Panel"
  3. Click the "Network and Internet" link
  4. Click the "Network and Sharing Center" link
  5. Click the "Change adapter settings" link on left

    Note: Your computer may have more than one network connection such as Wireless and Wired, both need to be updated.

  6. Right-click on the adapter type (wired or wireless)
  7. Left-click on "Properties"
  8. Double click on "Internet Protocol Version 4 (TCP/IPv4)
  9. Select "Obtain DNS Server Address Automatically"
  10. Click "OK" button
  11. Double left-click on "Internet Protocol Version 6 (TCP/IPv6)"
  12. Select "Obtain DNS Server Address Automatically"
  13. Click "OK" button
  14. Click "OK" button to close the Properties window
  15. Repeat the steps if you identified multiple network connections on your computer

For Windows Vista
On your computer:

  1. Click the Windows Start Button
  2. Double Click "Control Panel"
  3. Click the "Network and Internet" link
  4. Click the "Network and Sharing Center" link
  5. Click the "Manage network connections" link on left

    Note: Your computer may have more than one network connection such as Wireless and Wired, both need to be updated.

  6. Right-click on the adapter type (wired or wireless)
  7. Click on "Continue button"
  8. Double click on "Internet Protocol Version 4 (TCP/IPv4)
  9. Select "Obtain DNS Server Address Automatically"
  10. Click "OK" button
  11. Double left-click on "Internet Protocol Version 6 (TCP/IPv6)"
  12. Select "Obtain DNS Server Address Automatically"
  13. Click "OK" button
  14. Click "OK" button to close the Properties window
  15. Repeat the steps if you identified multiple network connections on your computer

For Windows XP
On your computer:

  1. Click the Windows Start Button
  2. Double click "Control Panel"
  3. Double click on "Network Connections"
  4. Right-click on "Local Area Connection"
  5. Left-click on "Properties"

    Note: Your computer may have more than one network connection such as Wireless and Wired, both need to be updated.

  6. Left-click on "Internet Protocol (TCP/IP)
  7. Left-click on the "Properties" button
  8. Select "Obtain DNS Server Address Automatically"
  9. Click "OK" button
  10. Click "OK" button to close the Properties window
  11. Repeat the steps if you identified multiple network connections on your computer

For Apple Devices
For instructions for Apple computers, use this link: www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf.

For instructions on how to check iPhones, iPads, & iPod touches, use this link: techinch.com/blog/change-your-dns-settings-on-iphone-ipod-touch-and-ipad.

 

If you are unable to remove the malware, as a precaution to protect your privacy and data, the Department of Justice, with the assistance of the FBI, is recommending that you update your master boot record and reformat your hard drive or take it to a local repair shop to have this done.

Once you have run a cleaning tool and made these changes, it is recommended that you reset the DNS settings on your router to default settings per the vendor’s recommended configuration. Here is a selection of more commonly seen manufacturers:

    • Asus:  service.asus.com/ProductCategory.aspx?pid=8
    • Belkin:  www.belkin.com/networking/wireless-routers/support/
    • Cisco/Linksys:  homesupport.cisco.com
    • D-Link:  www.dlink.com/support/
    • Motorola:  www.motorola.com/support
    • Netgear:  support.netgear.com
    • SMC:  na.smc.com/about/support/
    • Trendnet:  www.trendnet.com/support/



spacer
spacer
How useful was this content?
Average rating:
What would you recommend to improve this content?

Submit
spacer
spacer
T

Related FAQs 

»  View All Related FAQs
spacer
  • Help
  • Web
Search
Enhanced by Google
  • Help - Home
  • Road Runner
  • FAQs
  • Tutorials
  • Mail FAQs
  • Security/Abuse FAQs
  • RR Products/Services
Copyright © 2012 Time Warner Cable Inc. All Rights Reserved.
Web Privacy Policy | Your California Privacy Rights | Network Management Disclosure
Time Warner Cable is a trademark of Time Warner Inc. Used under license. Road Runner is ™ and © Warner Bros. Entertainment Inc.
(s11)
T
Related searches:
malware computer network button internet
gipoco.com is neither affiliated with the authors of this page nor responsible for its contents. This is a safe-cache copy of the original web site.