• Windows XP
  • Windows 7
  • Mac OSX
  • Home Routers
  • Checking Via Browser

Checking for DNS Changer on Windows XP

To check if your Windows XP machine is infected, frist click the "Start" button.

Clicking the start button opens the Windows menu. Locate the "Run" option in the menu and select it.

In the dialog, type in "cmd", as the name of the program to run. (This opens a DOS shell. This is also available under other parts of the Windows Menu.)

In DOS shell, type in the command:

ipconfig /all

and hit enter.

The command you entered displays information about your computer's network settings. Read the line starting with "DNS Settings". There might be two or more IP addresses listed there. These are the DNS servers your computer uses. Write down these numbers

Are Your DNS Settings OK?

The malicious Rove viruses changed some peoples DNS settings to use computers they operated. Click Here to compare your DNS settings with the known malicious Rove DNS settings.

Checking Windows 7 for Infections

To check if your Windows 7 machine is infected, frist click the "Start" icon.

This opens the Windows Menu. Click on the "Search" field at the bottom.

Type in cmd, and hit enter.

This opens a DOS shell. In the DOS shell, type in the command:

ipconfig /allcompartments /all

and hit enter. (Windows users might be used to just typing "ipconfig /all". This also works, but might not list all the routing compartments if you have a VPN setup in Windows7.)

The output will be very long, since Windows7 by default has support for IPv6. Most likely, you want to look for the IPv4 information under the section entitled "Ethernet adapter...". Look for the "DNS Servers" line, and write down these numbers. There may be two IP addresses listed there.

Are Your DNS Settings OK?

The malicious Rove viruses changed some peoples DNS settings to use computers they operated. Click Here to compare your DNS settings with the known malicious Rove DNS settings.

Checking OSX for Infections

To check if your OSX computer is infected, frist click the Apple icon in the top left.

Then, select "System Preferences..."

This opens the System Preferences dialog box. Locate the "network" icon. HINT: Type "network" in the top right corner search field.

This opens the Network settings dialog box. Read the "DNS Server" line. Write down these IP addresses.

Are Your DNS Settings Ok?

The malicious Rove viruses changed some peoples DNS settings to use computers they operated. Click Here to compare your DNS settings with the known malicious Rove DNS settings.

Checking Home Routers for Infections

Coming soon

Checking Using A Browser

It is also possible to use a browser to check whether you're using the Rove Digital DNS servers.

Using a browser, open up one of these pages:

dns-ok.us

dns-ok.de

dns-ok.fi

dns-ok.ax

These web sites provide information, and generally display either a warning (often a red color theme) if you're using Rove Digital DNS resolvers, or an "ok" sign (often with a green color theme) if you're not infected.

Note: Using a browser is the least accurate way to check. It may not give accurate results, if your ISP is directirecting your DNS traffic. In such a case, you could see a 'green' page, even though you have an infection. In any event, a 'red' page is always an accurate sign of an infection.