The malware family of the DNS-changer manipulates the Windows network settings.
The DNS server entries are changed on the respective network adapter to achieve this. In the event of an infection, this will divert requests from web sites to malicious sites that are maintained by criminals.
The operators of those DNS servers have been arrested in November 2011 by the FBI and European law enforcement authorities. Additionally, the servers have been replaced with correctly working DNS-servers.
However, those servers will be shut down as of March 8th, 2012.
Computers that have been affected and did not apply the recommended changes within the settings, will not able to use the internet anymore, since the users are unable to dissolve domain names now without having access to the DNS.
Avira provides a tool for this purpose that will reset the entries to Windows standard.
Note:
The tool doesn"t send any data through the internet. An installation of the tool is not required.
However, a restart of Windows will be necessary after the execution of the tool and a successful repair.
