Severity scale:  

Remove (Virus Removal Instructions) - updated Jan 2021

removal by Gabriel E. Hall - - | Type: Malware is the DNS hijacker that redirects to malicious websites and compromises Windows system settings DNS hijacker is a DNS hijacker[1] that is similar to DNS Unlocker and overrides targeted machine's TCP/IP protocols in order to change the behavior of a trustworthy DNS server. Affected users report that they are unable to access certain sites, as well as some applications, such as Steam,[2] are unable to start. This is a malware that changes router or modem settings and can reset other preferences on the system, so uninstallation and removal become difficult.

Questions about

Websites that users can connect to are filled with advertisements and are loading very slowly. Most victims think that their modems or other hardware is at fault, and do not suspect any type of cyber infection. However, users should be aware that malware needs to be eliminated to regain normal operation of the device. According to reports, this issue affects only Comcast (the largest internet provider in the United States) users.

Type DNS hijacker
Category Malware
OS affected Windows, Mac
Infiltration Malicious links, spam email attachments, malware-ridden websites, etc.
Elimination Use reputable security software
Optimization To retrieve default system settings, use ReimageIntego

Users do not often understand how malware gets injected into their machines. Bad actors are well aware of that, that is why they are using phishing to gain monetary benefit from innocent users.

If you are wondering how virus entered your machine, it is most likely that this happened due to your cybersecurity negligence. Please read our tips below to find out how to eliminate DNS hijack, fix these settings and prevent attacks in the future.

DNS hijack issue is something users are not that familiar with, and they are often left baffled why aren't their Google Chrome, Internet Explorer, Mozilla Firefox or Safari browsers are still redirecting them to questionable sites and slow down the machine. Additionally, removal proved to be a tough nut to crack for most users.

Utopia virus creates frustration and becomes a nightmare for people that encounter this threat on their machines. You need to alter various settings including registry entries and browser preferences to end all the malicious and unwanted processes. This is not an easy virus to fight, so rely on professional tools to get back to the virus-free machine. is malware that changes DNS settings and prevents users from visiting certain web pages and considerably slows down the machine

Those who have become victims of DNS hijack report the following:

  • Inability to access certain websites;
  • Inability to go back to default hardware/software settings;
  • Major slowdown in the operation of the machine;
  • Rerouting to suspicious websites;
  • Inability to open several applications installed on the device;
  • Altered error message display.

Furthermore, users who are affected by virus are most likely excessively tracked by bad actors. This might include not only non-personally identifiable information but also sensitive data like credentials. Thus, security experts[3] highly recommend not to enter any personal details while the DNS settings are hijacked.

Utopia nacks modems wi-fi networks and even servers to hijack the system and configure the settings. When the access is changed devices cannot connect to the Internet properly. Malware infects modems, in most cases, but all these changes can lead to more severe damage to the infected computer or further malware infiltrations.

When virus gets on the system it can spread trojans, malware, or even crypto-extortion based viruses, so make sure to get rid of this hijacking tool as soon as possible to avoid these additional changes and danger. Users complain about the difficult removal process, so we have a few tips below the article.

Because the DNS hijacking could be related to malware, we highly advise users scanning their machines using anti-malware software. If anything is found, make sure you remove and other hack-related entries. Then, you can restore your device's settings and repair system damage with the help of ReimageIntego. is the site that exposes the user to malicious pages and can lead to severe malware infections if left untreated.

To avoid malware you should practice safe web surfing

As we already mentioned, the computers' operator is almost always at fault when it comes to malware infections. Reasons can vary from pure laziness to lack of knowledge. Thus, if your machine got infected, you should first eliminate the threat and then make sure stay extra careful when browsing the internet.

To avoid malware infections, please follow these security tips:

  • Employ security software – this is a must to any computer user;
  • Do not get tricked by phishing emails – malicious actors often use social engineering to enable malware;
  • Stop visiting suspicious sites, including porn, file-sharing, torrent, and similar;
  • Update your software on a regular basis, as security patches fix vulnerabilities that can be abused by malware;
  • Use strong passwords for each of your accounts.

Eliminate malware and go back to normal browsing

If your browser has been slowing down, your programs crashing, and you have been dealing with similar issues, you might address them to failing hardware. However, if you have noticed these or any other changes on your PC, it is time to scan it using anti-malware software like ReimageIntego, SpyHunter 5Combo Cleaner, or Malwarebytes and perform removal.

Viruses can do a wide array of damage and can act differently, depending on what it is programmed to do. Therefore, you will most likely won't be able to remove virus without professional help.

Retrieve your DNS settings after the hack

As soon as removal is performed, you should fix DNS hack by restoring DNS settings on your computer. Please follow these steps explaining how to fix DNS settings on Windows:

  • Open Control Panel and go to Network and Internet > Network and Sharing Center > Change Adapter Settings
  • Right-click on your internet connection and pick Properties
  • Locate Internet Protocol Version 4 (TCP/IPv4) and click on Properties
  • Tick the Obtain an IP address automatically and Obtain DNS server address automatically

Alternatively, you can use Google's DNS service[4] that does not show spoofed results, which are and For IPv6, users can use 2001:4860:4860::8888 and 2001:4860:4860::8844.

To fix DNS settings on Mac, follow these tips:

  • Go to System Preferences on your Mac computer and select Network option;
  • Choose Wi-Fi, Ethernet or other Network preference and click the Advanced button;
  • Click on the DNS tab and then click twice on the DNS address you need to change;
  • Make sure that the results added to the DNS service are and;
  • Click OK and Apply to finish the procedure.

do it now!
Reimage Happiness
Intego Happiness
Compatible with Microsoft Windows Supported versions Compatible with OS X Supported versions
What to do if failed?
If you failed to remove virus damage using Reimage Intego, submit a question to our support team and provide as much details as possible.
Reimage Intego has a free limited scanner. Reimage Intego offers more through scan when you purchase its full version. When free scanner detects issues, you can fix them using free manual repairs or you can decide to purchase the full version in order to fix them automatically.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Reimage, try running SpyHunter 5.
Alternative Software
Different software has a different purpose. If you didn’t succeed in fixing corrupted files with Intego, try running Combo Cleaner.

To remove, follow these steps:

Remove using Safe Mode with Networking

Enter Safe Mode with networking to remove malware:

  • Step 1: Reboot your computer to Safe Mode with Networking

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Safe Mode with Networking from the list Select 'Safe Mode with Networking'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Networking in Startup Settings window. Select 'Enable Safe Mode with Networking'
  • Step 2: Remove

    Log in to your infected account and start the browser. Download ReimageIntego or other legitimate anti-spyware program. Update it before a full system scan and remove malicious files that belong to your ransomware and complete removal.

If your ransomware is blocking Safe Mode with Networking, try further method.

Remove using System Restore

You can disable the virus by using System Restore:

  • Step 1: Reboot your computer to Safe Mode with Command Prompt

    Windows 7 / Vista / XP
    1. Click Start Shutdown Restart OK.
    2. When your computer becomes active, start pressing F8 multiple times until you see the Advanced Boot Options window.
    3. Select Command Prompt from the list Select 'Safe Mode with Command Prompt'

    Windows 10 / Windows 8
    1. Press the Power button at the Windows login screen. Now press and hold Shift, which is on your keyboard, and click Restart..
    2. Now select Troubleshoot Advanced options Startup Settings and finally press Restart.
    3. Once your computer becomes active, select Enable Safe Mode with Command Prompt in Startup Settings window. Select 'Enable Safe Mode with Command Prompt'
  • Step 2: Restore your system files and settings
    1. Once the Command Prompt window shows up, enter cd restore and click Enter. Enter 'cd restore' without quotes and press 'Enter'
    2. Now type rstrui.exe and press Enter again.. Enter 'rstrui.exe' without quotes and press 'Enter'
    3. When a new window shows up, click Next and select your restore point that is prior the infiltration of After doing that, click Next. When 'System Restore' window shows up, select 'Next' Select your restore point and click 'Next'
    4. Now click Yes to start system restore. Click 'Yes' and start system restore
    Once you restore your system to a previous date, download and scan your computer with ReimageIntego and make sure that removal is performed successfully.

Finally, you should always think about the protection of crypto-ransomwares. In order to protect your computer from and other ransomwares, use a reputable anti-spyware, such as ReimageIntego, SpyHunter 5Combo Cleaner or Malwarebytes

Do not let government spy on you

The government has many issues in regards to tracking users' data and spying on citizens, so you should take this into consideration and learn more about shady information gathering practices. Avoid any unwanted government tracking or spying by going totally anonymous on the internet. 

You can choose a different location when you go online and access any material you want without particular content restrictions. You can easily enjoy internet connection without any risks of being hacked by using Private Internet Access VPN.

Control the information that can be accessed by government any other unwanted party and surf online without being spied on. Even if you are not involved in illegal activities or trust your selection of services, platforms, be suspicious for your own security and take precautionary measures by using the VPN service.

Backup files for the later use, in case of the malware attack

Computer users can suffer from data losses due to cyber infections or their own faulty doings. Ransomware can encrypt and hold files hostage, while unforeseen power cuts might cause a loss of important documents. If you have proper up-to-date backups, you can easily recover after such an incident and get back to work. It is also equally important to update backups on a regular basis so that the newest information remains intact – you can set this process to be performed automatically.

When you have the previous version of every important document or project you can avoid frustration and breakdowns. It comes in handy when malware strikes out of nowhere. Use Data Recovery Pro for the data restoration process.

About the author
Gabriel E. Hall
Gabriel E. Hall - Passionate web researcher

If this free removal guide helped you and you are satisfied with our service, please consider making a donation to keep this service alive. Even a smallest amount will be appreciated.

Contact Gabriel E. Hall
About the company Esolutions

Removal guides in other languages

Your opinion regarding