Results 1 to 3 of 3
  1. #1
    New Lounger
    Join Date
    Apr 2012
    Posts
    1
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Post Hundreds of thousands may lose Internet in July

    As of 04/22 & 23/2012, have been seeing notices regarding "Unknown to most, problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down. The FBI is encouraging users to visit a website run by its security partner, www.dcwg.org, that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet." Is it safe to go to www.dcwg.org and check computers for infections?

  2. #2
    Super Moderator satrow's Avatar
    Join Date
    Dec 2009
    Location
    Cardiff, UK
    Posts
    4,492
    Thanks
    284
    Thanked 577 Times in 480 Posts
    Welcome to the Lounge

    The site looks very busy now but it's safe to visit, I'll copy most of the data here in case their congestion continues.

    DNS test page for US-based internet users = http://www.dns-ok.us/

    Local servers to non-US countries = http://www.dcwg.org/detect/
    The following table is a list of all easy “are you infected” sites. It includes the links to the security organizations who are maintaining the sites. Each site has instructions in their local languages on the next steps to clean up possible infections.
    URL Language Maintainer
    www.dns-ok.us English DNS Changer Working Group (DCWG)
    www.dns-ok.de German Bundeskriminalamt (BKA) & Bundesamt für Sicherheit in der Informationstechnik (BSI)
    www.dns-ok.fi Finnish, Swedish, English CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system.
    www.dns-ok.ax Swedish, Finnish, English CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system.
    www.dns-ok.be Dutch/French CERT-BE is the primary Belgian contact point for dealing with Internet security threats and vulnerabilities affecting Belgian interests.
    www.dns-ok.fr French Le CERT-LEXSI est la division de veille et d'enquête sur Internet, dédiée à la protection du patrimoine en ligne des organisations.
    www.dns-ok.ca English/French Canadian Internet Registration Authority (CIRA) and Canadian Cyber Incident Response Centre (CCIRC)
    www.dns-ok.lu English CIRCL (Computer Incident Response Center Luxembourg) is the national Computer Security Incident Response Team (CSIRT - CERT) coordination center for the Grand-Duchy of Luxembourg
    www.dns-ok.nl Dutch SIDN (the Foundation for Internet Domain Registration in the Netherlands)
    dns-ok.gov.au English CERT Australia, Stay Smart Online, and Australian Communications and Media Authority joint page on DNSChanger Information
    dns-changer.eu German, Spanish, English ECO (Association of the German Internet Industry)



    If you are not affected by DNS Changer then do nothing.

    If the Check-Up Site indicates that you are affected then either follow the instructions on that site or go to the “FIX” page.
    Manually Checking if your DNS server have been Changed

    The following pages would help check to manually see if you have DNS Changer DNS servers configured on your computer. Use of the “check up” pages are more effective, but some would want to check manually.

    Checking for DNS Changer on Windows XP
    Checking for DNS Changer on Windows Vista (pending)
    Checking Windows 7 for Infections
    Checking OSX for Infections

    Would my Service Provider Help Me?

    Many service providers are notifying their customers. They are creating help pages that will help you detect and clean up DNS Changer from your system. Here is a partial list. Please contact your SP if you do not see them on the list.
    ISP Page
    AT&T 8 Suggestions for Mitigating and Preventing DNSChanger Malware in your Enterprise - What Can Help You Avoid Being a Victim
    Bell Canada Important information about DNS Changer malware
    CenturyLink CenturyLink DNSChanger Customer Notice
    Comcast DNS Changer Bot FAQ
    COX COX DnsChanger Malware Information
    Verizon Verizon's Virus Help Website for DNS Changer Malware
    The fixes:
    How can you fix, remove, and recover from a DNS Changer Violation?

    Please take immediate steps to safe guard your computer and data if any of the test indicate that you might be violated with DNS Changer. If the Check-Up Site indicates that you are affected then either follow the instructions on that site or run one of the following free tools listed below to remove DNSChanger and related threats:
    Name of the Tool URL
    Hitman Pro (32bit and 64bit versions) http://www.surfright.nl/en/products/
    Kaspersky Labs TDSSKiller http://support.kaspersky.com/faq/?qid=208283363
    McAfee Stinger http://www.mcafee.com/us/downloads/f...s/stinger.aspx
    Microsoft Windows Defender Offline http://windows.microsoft.com/en-US/w...fender-offline
    Microsoft Safety Scanner http://www.microsoft.com/security/sc...s/default.aspx
    Norton Power Eraser http://security.symantec.com/nbrt/npe.aspx
    Trend Micro Housecall http://housecall.trendmicro.com
    MacScan http://macscan.securemac.com/
    Avira http://www.avira.com/en/support-for-...tail/kbid/1199 Avira’s DNS Repair-Tool


    How can I use these tools to clean my computer?

    Each of these tools has instructions for their use. BUT, the best recommendation is to use one of the proven “self help” malware clean up guides – using several tools to insure you clean all the infections from your computer. Most malware will disable your software and anti-virus updates. The procedures below address that problem, using several tools to remove the blocks, remove the malware, and then update your computer.
    Guide How to Use Language
    Microsoft's Safety and Security Center Microsoft's authoritative portal for all their security guidance, tools, and capabilities. English
    DSL Report’s Security Cleanup FAQ A community driven self help guide to fix malware problems on your systems. English
    Andrew K’s Malware Removal Guide Andrew K is an individual who share's his experience on-line. This guide is an often referenced guide to remediate malware problems on a computer. English
    Public Safety Canada’a Malware Infection Recovery Guide The Canadian Public Safety office (publicsafety.gc.ca) has a malware removal guide updated and focused to help the general population. English
    Australia’s Stay Smart Online Factsheet to help Remove Malware Stay Smart Online Factsheet 11, Part 1 - You suspect your computer is infected with malicious software - what should I do? English


    References to Sites on DNSChanger

    The following are validated site with accurate information about DNSChanger and what you can do to check to see if you are violated with the malware and what you can do to remediate the problem.

    INTECO-CERT’s DNSChanger Information page. (Spanish) CERT Australia, Stay Smart Online, and Australian Communications and Media Authority joint page on DNSChanger Information
    Last edited by satrow; 2012-04-23 at 12:04.

  3. #3
    Super Moderator
    Join Date
    Jun 2011
    Location
    New England
    Posts
    4,753
    Thanks
    171
    Thanked 651 Times in 574 Posts
    Quote Originally Posted by TLGFWTX View Post
    Is it safe to go to www.dcwg.org and check computers for infections?
    Yes, it's safe. But that site seems to be experiencing problems today, probably overloaded by users trying to check for infections.

    Bruce

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •