Results 1 to 3 of 3
2012-04-23, 11:15 #1
- Join Date
- Apr 2012
- Thanked 0 Times in 0 Posts
Hundreds of thousands may lose Internet in July
As of 04/22 & 23/2012, have been seeing notices regarding "Unknown to most, problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down. The FBI is encouraging users to visit a website run by its security partner, www.dcwg.org, that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet." Is it safe to go to www.dcwg.org and check computers for infections?
2012-04-23, 12:01 #2
- Join Date
- Dec 2009
- Cardiff, UK
- Thanked 599 Times in 498 Posts
Welcome to the Lounge
The site looks very busy now but it's safe to visit, I'll copy most of the data here in case their congestion continues.
DNS test page for US-based internet users = http://www.dns-ok.us/
Local servers to non-US countries = http://www.dcwg.org/detect/The following table is a list of all easy “are you infected” sites. It includes the links to the security organizations who are maintaining the sites. Each site has instructions in their local languages on the next steps to clean up possible infections.
URL Language Maintainer
www.dns-ok.us English DNS Changer Working Group (DCWG)
www.dns-ok.de German Bundeskriminalamt (BKA) & Bundesamt für Sicherheit in der Informationstechnik (BSI)
www.dns-ok.fi Finnish, Swedish, English CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system.
www.dns-ok.ax Swedish, Finnish, English CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system.
www.dns-ok.be Dutch/French CERT-BE is the primary Belgian contact point for dealing with Internet security threats and vulnerabilities affecting Belgian interests.
www.dns-ok.fr French Le CERT-LEXSI est la division de veille et d'enquête sur Internet, dédiée à la protection du patrimoine en ligne des organisations.
www.dns-ok.ca English/French Canadian Internet Registration Authority (CIRA) and Canadian Cyber Incident Response Centre (CCIRC)
www.dns-ok.lu English CIRCL (Computer Incident Response Center Luxembourg) is the national Computer Security Incident Response Team (CSIRT - CERT) coordination center for the Grand-Duchy of Luxembourg
www.dns-ok.nl Dutch SIDN (the Foundation for Internet Domain Registration in the Netherlands)
dns-ok.gov.au English CERT Australia, Stay Smart Online, and Australian Communications and Media Authority joint page on DNSChanger Information
dns-changer.eu German, Spanish, English ECO (Association of the German Internet Industry)
If you are not affected by DNS Changer then do nothing.
If the Check-Up Site indicates that you are affected then either follow the instructions on that site or go to the “FIX” page.
Manually Checking if your DNS server have been Changed
The following pages would help check to manually see if you have DNS Changer DNS servers configured on your computer. Use of the “check up” pages are more effective, but some would want to check manually.
Checking for DNS Changer on Windows XP
Checking for DNS Changer on Windows Vista (pending)
Checking Windows 7 for Infections
Checking OSX for Infections
Would my Service Provider Help Me?
Many service providers are notifying their customers. They are creating help pages that will help you detect and clean up DNS Changer from your system. Here is a partial list. Please contact your SP if you do not see them on the list.
AT&T 8 Suggestions for Mitigating and Preventing DNSChanger Malware in your Enterprise - What Can Help You Avoid Being a Victim
Bell Canada Important information about DNS Changer malware
CenturyLink CenturyLink DNSChanger Customer Notice
Comcast DNS Changer Bot FAQ
COX COX DnsChanger Malware Information
Verizon Verizon's Virus Help Website for DNS Changer MalwareHow can you fix, remove, and recover from a DNS Changer Violation?
Please take immediate steps to safe guard your computer and data if any of the test indicate that you might be violated with DNS Changer. If the Check-Up Site indicates that you are affected then either follow the instructions on that site or run one of the following free tools listed below to remove DNSChanger and related threats:
Name of the Tool URL
Hitman Pro (32bit and 64bit versions) http://www.surfright.nl/en/products/
Kaspersky Labs TDSSKiller http://support.kaspersky.com/faq/?qid=208283363
McAfee Stinger http://www.mcafee.com/us/downloads/f...s/stinger.aspx
Microsoft Windows Defender Offline http://windows.microsoft.com/en-US/w...fender-offline
Microsoft Safety Scanner http://www.microsoft.com/security/sc...s/default.aspx
Norton Power Eraser http://security.symantec.com/nbrt/npe.aspx
Trend Micro Housecall http://housecall.trendmicro.com
Avira http://www.avira.com/en/support-for-...tail/kbid/1199 Avira’s DNS Repair-Tool
How can I use these tools to clean my computer?
Each of these tools has instructions for their use. BUT, the best recommendation is to use one of the proven “self help” malware clean up guides – using several tools to insure you clean all the infections from your computer. Most malware will disable your software and anti-virus updates. The procedures below address that problem, using several tools to remove the blocks, remove the malware, and then update your computer.
Guide How to Use Language
Microsoft's Safety and Security Center Microsoft's authoritative portal for all their security guidance, tools, and capabilities. English
DSL Report’s Security Cleanup FAQ A community driven self help guide to fix malware problems on your systems. English
Andrew K’s Malware Removal Guide Andrew K is an individual who share's his experience on-line. This guide is an often referenced guide to remediate malware problems on a computer. English
Public Safety Canada’a Malware Infection Recovery Guide The Canadian Public Safety office (publicsafety.gc.ca) has a malware removal guide updated and focused to help the general population. English
Australia’s Stay Smart Online Factsheet to help Remove Malware Stay Smart Online Factsheet 11, Part 1 - You suspect your computer is infected with malicious software - what should I do? English
References to Sites on DNSChanger
The following are validated site with accurate information about DNSChanger and what you can do to check to see if you are violated with the malware and what you can do to remediate the problem.
INTECO-CERT’s DNSChanger Information page. (Spanish) CERT Australia, Stay Smart Online, and Australian Communications and Media Authority joint page on DNSChanger Information
Last edited by satrow; 2012-04-23 at 12:04.
2012-04-23, 12:01 #3
- Join Date
- Jun 2011
- New England
- Thanked 689 Times in 606 Posts