Troj/DNSChan-A
Posted: April 26, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 440 |
| First Seen: | April 26, 2012 |
|---|---|
| Last Seen: | August 12, 2024 |
| OS(es) Affected: | Windows |
Troj/DNSChan-A (AKA Trojan.Win32/DNSChanger, AKA DNS Changer Malware, AKA Trojan.Win32.DNSChanger.ah) is a Trojan and browser hijacker that alters your Domain Name Server settings to redirect you to malicious websites. These attacks can be used to steal personal information by various means, most prominently including redirecting you to phishing sites. Although many of the servers that Troj/DNSChan-A uses for its redirect attacks have been shut down, some still remain active, and SpywareRemove.com malware researchers recommend that you treat Troj/DNSChan-A as an ongoing threat to be protected against by suitable anti-malware programs. The remainder of Troj/DNSChan-A’s servers is reported to be shut down in early July of 2012, and any Troj/DNSChan-A-infected PC may experience loss of Internet connectivity at that point until Troj/DNSChan-A's DNS alterations are removed along with the rest of Troj/DNSChan-A's components and system changes.
Troj/DNSChan-A – a Wildly Exaggerated Prophecy of Doom to the Internet
Troj/DNSChan-A is a common form of browser hijacker that's achieved some widespread attention in news media to its broad propagation (over three hundred thousand computers are still estimated to be infected with Troj/DNSChan-A) and the hype surrounding its seizures and corresponding shutdowns of its servers. Like other browser hijackers, Troj/DNSChan-A redirects your browser to malicious websites, although this may not be immediately obvious since many of these sites can be phishing domains that are designed to mimic the original site you were attempting to load. Since Troj/DNSChan-A has especially been noted to help coordinate phishing and spyware-related attacks, SpywareRemove.com malware experts suggest that you take precautions to change your passwords and other security information immediately after you've disinfected Troj/DNSChan-A from your PC with suitable anti-malware software.
Troj/DNSChan-A's primary claim to infamy is in the news frenzy around the next anticipated shutdown of its malicious servers, which is designated as July 9th. Because Troj/DNSChan-A redirects all of your traffic through these servers according to the changes that Troj/DNSChan-A makes to your DNS settings, this final shutdown will also block any remaining Troj/DNSChan-A-infected PCs from accessing the Internet, a scenario that can't be resolved until Troj/DNSChan-A and its settings changes are removed.
How to Spot the Ticking Clock of Troj/DNSChan-A and What to Do About It
Troj/DNSChan-A launches itself with Windows but doesn't display obvious symptoms, although SpywareRemove.com malware analysts note that you may be able to notice minor network activity issues (due to Troj/DNSChan-A contacting a remote server to download or upload files). Troj/DNSChan-A is restricted to attacking only Windows operating systems, but once Troj/DNSChan-A is installed on an appropriate OS, Troj/DNSChan-A should always be assumed to be engaged in ongoing attacks against your PC unless you've taken specific steps to disable Troj/DNSChan-A from being launched. Some of the most direct methods of shutting Troj/DNSChan-A down before Troj/DNSChan-A even gets started include booting Windows from a network-shared drive or a portable drive device.
Once you've done all that you can to insure that Troj/DNSChan-A isn't open, anti-malware software should be used to scan your PC and remove both Troj/DNSChan-A and any other PC threats that may be linked to your Troj/DNSChan-A infection. Lastly, as noted above, SpywareRemove.com malware analysts also suggest that you treat all your browser-transmitted security information as potentially compromised and take suitable precautions to prevent account hijacks and other attacks from Troj/DNSChan-A's criminal propagators.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.