How to Remove DNS Hijack 85.255

Written by dustin thornton
  • Share
  • Tweet
  • Share
  • Pin
  • Email
How to Remove DNS Hijack 85.255
(Thinkstock Images/Comstock/Getty Images)

DNS Hijack 85.255 is a particular instance of the Trojan DNSChanger family, a dangerous family of hijack Trojans. These Trojan viruses hijack your network connections and change your DNS so that your browser automatically redirects you to dangerous websites. Symptoms of the DNS Hijack 85.255 include constant redirects to MSN or other unrelated websites and blocked access to the msconfig or system restore utilities. Getting rid of a Trojan DNSChanger requires that you delete certain files, remove associated malware and reset your DNS settings.

Skill level:

Other People Are Reading

Things you need

  • Avenger removal script
  • Malware removal tool
  • Spyware removal tool

Show MoreHide


  1. 1

    Click "Start" and input "Device Manager" into the search bar. Click on "Device Manager" to open Windows device manager.

  2. 2

    Click "View" and select "Show hidden devices."

  3. 3

    Scroll to the "Non-Plug and Play Drivers" and expand the selection using the "Plus" sign. Search through the listing of drivers and look for "TDSSserv.sys," "msqpdxser.sys," "seneka" or "seneka.sys." Right-click the drivers and select "Disable."

  4. 4

    Close the device manager and restart your computer.

  5. 5

    Download and unzip the Avenger removal script on your computer desktop. Start the application and input the following script:

    Drivers to delete: TDSSserv.sys msqpdxserv.sys seneka seneka.sys ndisprot.sys

    Files to delete: C:\Windows\system32\wdmaud.sys C:\resycled\

    Folders to delete: C:\resycled

  6. 6

    Click "Execute" and "Yes" to confirm your selection. Click "Yes" again to run the Avenger tool the next time you start your computer. Click "Yes" once more to restart the computer. Allow the program to run as the computer boots up.

  7. 7

    Download and install a malware removal tool such as Malwarebytes anti-malware. Update the program then run a full anti-malware scan on your hard drive. Remove or quarantine any instances of malware found. Restart your computer.

  8. 8

    Click "Start" and input "ncpa.cpl" into the search bar. Click on "Network Connections" to open Windows network connections.

  9. 9

    Right-click your primary LAN (Local Area Network) connection and select "Properties." Select "Internet Protocol (TCP/IP)" from the list of items and click "Properties." Select "Obtain DNS servers automatically." Click "OK" twice to save your settings and exit the connection properties.

  10. 10

    Click "Start" and input "cmd" into the search bar. Click on "Command Prompt" to open the Windows command prompt.

  11. 11

    Input the following commands, one at a time, and press "Enter" after each:

    cdipconfig /flushdns

  12. 12

    Exit the command prompt and restart your computer.

  13. 13

    Install a spyware removal program, such as Spybot Search and Destroy. Run a full system scan and delete or quarantine any spyware objects found. Restart the computer.

Tips and warnings

  • If using a router, press and hold the reset button on the back for approximately 15 seconds to reset the router DNS. It is possible that the Trojan hijacked the router settings.

Don't Miss

  • All types
  • Articles
  • Slideshows
  • Videos
  • Most relevant
  • Most popular
  • Most recent

No articles available

No slideshows available

No videos available

By using the site, you consent to the use of cookies. For more information, please see our Cookie policy.