A new worm named Worm.Rorpian.E is noticed to be spreading all over the Internet and actively infecting PC users on the network. This threat acts as a DHCP server, application which manages the connectivity of the network computers, and forges the local DNS servers to resolve all the requests to a malicious IP in Romania. It is known to use network shares, a couple of old, critical vulnerabilities for its distribution.
The way you can get infected with Worm.Rorpian.E and make your machine act as a rogue DHCP server is through malicious link offering to “update your browser’(see the picture below). This “browser update’ leads computer to malware: a php script fetches virus from the server and names it as updbrowser[date].exe. Infamous TDSS rootkit and other is installed because of this worm additionally, so PC starts redirecting its victims and makes victim’s browsing complicated.
Never click on the “Update your browser’ button! If you have noticed search engine’s redirect virus, follow this redirect virus removal guide. Additionally, check the source of the rogue DHCP server and isolate the PCs that are affected. After you have used redirect virus removal guide, install reputable anti-spyware (Spyware Doctor recommended) and run a full system scan to prevent infiltration of other pieces of malware.