Comments on: Rogue DNS Servers on the Move

By: KevHog

KevHog — Wed, 22 Jul 2009 12:58:05 +0000

dirt bags got me too. 1. on another machine download Microsoft Windows Defender and the ‘malicious Software removal tool’ to a USB / Pen drive. 2. on the infected machine change your DNS and install the two apps. Run them and you should be right.
There are other articles on the net for Malware Bytes but I could not get these running with the infection. Windows defender picks up this one but misses plenty more. Tool of choice for this mission

By: Prabu

Prabu — Fri, 12 Dec 2008 13:23:08 +0000

Hi Guys.. I got this trojan too.. please let us know if there is any cure to this.. My system is running very slow becoz of this…cant reinstall computer as this is running very important programs

By: ckhown

ckhown — Thu, 11 Dec 2008 03:10:00 +0000

Me, also have same problem DNS 85.255.112.61. i have try to set back my original local DNS, but after restart pc, it’s will be automatic set back to 85.255.112.61… anyone know how to kill this thing >

By: bayden

bayden — Wed, 10 Dec 2008 20:40:24 +0000

This is malware but removing it as of today is a problem. I have now seen this on 4 PC’s in one office of about 40. My question is, can the internal DNS server be some how populating clients (even if static as I have tested) populating DNS Servers as such – 85.255.113.112.91 and 85.255.113.91. The static setting does have the local DNS server which is 192.168.0.10 and it does not use this address dynamically or statically.

Is this a global threat or vulneralbility with Misrosoft DNS servers?? Is there a way to block any inbound queries?

I’m experiencing same issues as listed above.

Regards,

By: Sascha

Sascha — Tue, 09 Dec 2008 18:48:32 +0000

Hey I have the same shit Problem!!!
The DNS is always on manual….no change to auto possible!
need help

By: Devidas Khurd

Devidas Khurd — Sun, 07 Dec 2008 21:00:43 +0000

Currently I am facing the same problem with my internet connectivity. I checked my IP config,the DNS server is presetting to 85 . 255 . 112 . 205.I have changed but no use.Still its pre-setting to 85 . 255 . 112 . 205.

Can anyone suggest how to resolve the same problem.

By: Lyrix

Lyrix — Tue, 25 Nov 2008 22:31:24 +0000

It took me forever to work this out. I’m not particularily an expert on computers, but I had a problem that all searches I made on google redirected me to a phishing website when I clicked a link. Basically, it brought up the right searches, but every link was a phishing link. Eventually I had a problem with my internet and checked my IP Config, and I saw my DNS server was pre-set to “85 . 255 . 112 . 123″. After changing it back to automatic, this no longer happened. It also prevented any Microsoft applications downloading, and also AVG from updating. Nothing malicious, but I wanted to share my personal experience with you about it, because it was annoying.

By: Liquidmatrix Security Digest » Security Briefing: November 21st

Liquidmatrix Security Digest » Security Briefing: November 21st — Fri, 21 Nov 2008 14:06:20 +0000

[...] Rogue DNS Servers on the Move | Security to the Core [...]