For a Linksys/Cisco router:

Click on “Applications and Gaming” tab
Select “Port Range Forward”
Enter 3689 in Start and End (External -Internal) also try instead UDP port 5353
Protocol should be both
IP Address should be AppTV
Enable
Save Settings and reboot

Dim objWSHShell As IWshRuntimeLibrary.IWshShell
Dim objOL As Outlook.Application
Dim colInsp As Outlook.Inspectors
Dim strVCName As String
Dim fso As Scripting.FileSystemObject
Dim fsDir As Scripting.Folder
Dim fsFile As Scripting.File
Dim vCounter As Integer

Set fso = New Scripting.FileSystemObject
Set fsDir = fso.GetFolder(“C:\VCARDS”)

For Each fsFile In fsDir.Files

strVCName = “C:\VCARDS\” & fsFile.Name
Set objOL = CreateObject(“Outlook.Application”)
Set colInsp = objOL.Inspectors
If colInsp.Count = 0 Then
Set objWSHShell = CreateObject(“WScript.Shell”)
objWSHShell.Run strVCName
Set colInsp = objOL.Inspectors
If Err = 0 Then
Do Until colInsp.Count = 1
DoEvents
Loop
colInsp.Item(1).CurrentItem.Save
colInsp.Item(1).Close olDiscard
Set colInsp = Nothing
Set objOL = Nothing
Set objWSHShell = Nothing
End If
End If

Next

End Sub

Step 1: Open Chrome, click on the Settings icon, and navigate to Tools -> Extensions.

Step 2: Select the DropinSavings plugin from the list of extensions, and click Uninstall.

** That’s it, DropinSavings plug-in is now uninstalled!

If you installed the Firefox Addon (XPI):

Step 1: Open Firefox, and navigate to Tools -> Add-ons.

Step 2: Select the DropinSavings plugin from the list of add-ons, and click Uninstall.

** That’s it, DropinSavings plug-in is now uninstalled!

If you installed the plugin for other browsers:

Step 1: Click Start, and navigate to: Control Panel.

Step 2: Select “Add/Remove Programs” from the Control Panel. For Windows Vista/7 users, this will be called “Programs/Features”.

Step 3: Select the DropinSavings plugin from the list of software, and click Uninstall/Remove.

** That’s it, DropinSavings plug-in is now uninstalled!

Uninstall from Internet Explorer, Firefox or Google Chrome (PC): Go to the Windows Start Menu and then to Control Panel > Add/Remove(“Programs & Features” in Vista/Windows 7) and click “Remove” next to ‘Yontoo Layers’.

Uninstall from Firefox or Google Chrome (Mac): In the top menu, go to Tools > Add-ons. Select the Yontoo Layers logo and then click Uninstall. Note: You cannot uninstall from PC with these steps, see instructions above for PC.

attrib -h -r -s /s /d c:\*.*

The best way to determine if your computer or SOHO router has been affected by DNSChanger is to have them evaluated by the Boot Networks computer professionals.  

To determine if a computer is using rogue DNS servers, it is necessary to check the DNS server settings on the computer. If the computer is connected to a wireless access point or router, the settings on those devices should be checked as well.

Checking the Computer:

If you are using a Windows computer:

Open a command prompt.

This can be done by selecting Run from the Start Menu and entering cmd.exe or starting the command prompt application, typically located in the Accessories folder within Programs on your Start Menu.

At the command prompt, enter:

ipconfig /all

Look for the entry that reads “DNS Servers……….”

The numbers on this line and the line(s) below it are the IP addresses for your DNS servers. These numbers are in the format of nnn.nnn.nnn.nnn, where nnn is a number in the range of 0 to 255. Make note of the IP addresses for the DNS servers and compare them to the table of known rogue DNS servers listed later in this document. If the IP addresses of your DNS server appear in the table below, then the computer is using rogue DNS.

You can also look for your DNS servers without using the command prompt.

For windows XP machines, click on Start and select My Network Places. Then select Network Connections. In this example, the wireless connection is used.

Click on the connection that is active. This will bring up the Network Connection Status screen. Click on Support and then Details. Check for the values that correspond to the DNS servers.

If you are using an Apple computer, click on the Apple in the top left corner and choose System Preferences. Then, from the Apple System Preferences window, choose Network.

The Apple Network pane will show a number of possible connections on the left side. Choose the one that is active for you and click on the advanced button in the right lower corner. Then choose DNS from the options to show the DNS servers you are using.

Compare whether your computer has DNS servers listed in the number ranges listed below.

Rogue DNS Servers

85.255.112.0 through 85.255.127.255

To make the comparison between the computer’s DNS servers and this table easier, start by comparing the first number before the first dot. For example, if your DNS servers do not start with 85, 67, 93, 77, 213, or 64, you can move on to the next step. If your servers start with any of those numbers, continue the comparison.

67.210.0.0 through 67.210.15.255

93.188.160.0 through 93.188.167.255

77.67.83.0 through 77.67.83.255

213.109.64.0 through 213.109.79.255

64.28.176.0 through 64.28.191.255

If your computer is configured to use one or more of the rogue DNS servers, it may be infected with DNSChanger malware.

Home computers with high-speed Internet connections and office computers typically obtain their IP settings via DHCP from a device on the network. In these cases, the computers are provided with an IP address, default gateway, and DNS server settings. The IP addresses usually fall into one of three ranges of private addresses—192.168.0.0 to 192.168.255.255; 172.16.0.0 to 172.31.255.255; and 10.0.0.0 to 10.255.255.255. In most homes, computers are assigned an IP address in the range 192.168.1.2 to 192.168.1.254, and the default gateway and DNS servers are set to 192.168.1.1. To determine if your computer is utilizing the rogue DNS servers, read the next section, Checking the Router.

If you are unable to locate your DNS server settings, obtain assistance from Boot Networks or a trusted professional.

Checking the Router

Small office/home office routers connect your network of computers and devices to your Internet service provider. The SOHO router may have been purchased and installed by you or installed by your ISP. Linksys, D-Link, Netgear, and Cisco are common SOHO router brands, but there are many others.

The DNSChanger malware is capable of changing the DNS server settings within SOHO routers that have the default username and password provided by the manufacturer. If you did not change the default password at the time the SOHO router was installed, you must check the SOHO router settings.

The procedure to access your SOHO router setting varies by manufacturer, so consult your product documentation. Once you have access to the SOHO router configuration, compare the DNS servers listed to those in the rogue DNS servers table above. If your SOHO router is configured to use one or more of the rogue DNS servers, a computer on your network may be infected with DNSChanger malware.

What Should I Do?

In addition to directing your computer to utilize rogue DNS servers, the DNSChanger malware may have prevented your computer from obtaining operating system and anti-malware updates, both critical to protecting your computer from online threats. This behavior increases the likelihood of your computer being infected by additional malware. The criminals who conspired to infect computers with this malware utilized various methods to spread the infections.

Individuals who do not have a recent back-up of their important documents, photos, music, and other files should complete a back-up before attempting to clean the malware or utilize the restore procedures that may have been packaged with your computer.

The cisco n900 router default username and password to log in to the Web interface is “admin” for both username and password.

Password protect Internet Explorer

Open up Internet Explorer

Click Tools

Click Internet Options

Click on the tab Content

Underneath ‘Content Advisor’, Click Enable

Then click on the tab General

Under ‘Supervisor Password click Create

Make you password then click Ok.

Then Apply and finally Ok