But as the date to finally come off, it's time once again, show how you can verify that they are infected and how to eliminate them if they are to be affected by this problem.
Tomorrow, July 9, 2012, the FBI will shut down the DNS servers that supported this virus and those infected with DNSChanger will be without Internet access.
The problem is that the DNSChanger only now will make you feel more definitively why the FBI decided that the day would be July 9 deadline for the operation of servers that supported this malicious network.
It is estimated that there are still about 330,000 computers infected with this trojan and starting tomorrow will be unable to access Internet sites and services it offers to use.
The scheme set up by the network that created the DNSCharger managed to hijack the DNS service in more than 350 000 computers, and thus serve the pages to understand, with the frequency they wanted.
Google and Facebook have been alerting users that detect DNSCharger be with their machines in order to draw attention to this problem and to solve the users as soon as possible, avoiding that tomorrow may be left without Internet access.
After this scheme discovered and arrested the perpetrators, the FBI found itself with the responsibility to maintain these functional systems to prevent all those infected with DNSCharger stay a moment's notice without Internet access. The deadline came and this time the DNS servers that supported the DNSCharger will even be turned off.
What is the DNSChanger?
The DNSChanger is a trojan can redirect user requests to illegal sites. In practice, this malware has the ability to change the DNS settings of our machine by redirecting users to sites with malicious purposes. Imagine for example that your system is infected by this malware, what can happen is that the user to access a particular site (eg facebook.com) may be forwarded to a site unsolicited and potentially illegal.
How do I know if I'm infected by DNSChanger?
The magnitude of this problem is such that many services were created to give advice to users and it was possible to detect in a simple and fast that the computers were infected.
The detection service easier to use is provided by various entities with a reliable and allows simple access to the computer show in question you are infected by DNSChanger.
Then access to the site-www.dns ok.us and see the result of carrying out the test. Should see a picture with green background if they are not infected. If perhaps the bottom is made red, then the computer has changed and DNS should seek a solution to this problem.
There are other services that can be used to check the DNSChanger in your machines. These are maintained by the working group created to solve the problem created by the DNSChanger, called DNSChanger Working Group. See the list below and choose what they want to use:
| URL | Idioma | Mantido por |
| www.dns-ok.us | English | DNS Changer Working Group (DCWG) |
| www.dns-ok.de | German | Bundeskriminalamt (BKA) & Bundesamt für Sicherheit in der Informationstechnik (BSI) |
| www.dns-ok.fi | Finnish, Swedish, English | CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system. |
| www.dns-ok.ax | Swedish, Finnish, English | CERT-FI is the Finnish national reporting point for computer security incidents and information security threats. CERT-FI is also responsible of maintaining the national information security situation awareness system. |
| www.dns-ok.be | Dutch/French | CERT-BE is the primary Belgian contact point for dealing with Internet security threats and vulnerabilities affecting Belgian interests. |
| www.dns-ok.fr | French | Le CERT-LEXSI est la division de veille et d’enquête sur Internet, dédiée à la protection du patrimoine en ligne des organisations. |
| www.dns-ok.ca | English/French | Canadian Internet Registration Authority (CIRA) and Canadian Cyber Incident Response Centre (CCIRC) |
| www.dns-ok.lu | English | CIRCL (Computer Incident Response Center Luxembourg) is the national Computer Security Incident Response Team (CSIRT – CERT) coordination center for the Grand-Duchy of Luxembourg |
| www.dns-ok.nl | Dutch | SIDN (the Foundation for Internet Domain Registration in the Netherlands) |
| dns-ok.gov.au | English | CERT Australia, Stay Smart Online, and Australian Communications and Media Authority joint page on DNSChanger Information |
| dns-changer.eu | German, Spanish, English | ECO (Association of the German Internet Industry) |
| dnschanger.detect.my | Malaysian, English | Hosted by CyberSecurity Malaysia and MYCERT |
| dns-ok.jpcert.or.jp | Japanese | JPCERT/CC - Japan Computer Emergency Response Team Coordination Center |
| www.dns-ok.it | Italiano | Telecom Italia Security Operation Center – IT.TS.SOC |
Hurry up to test and remove the DNSChanger if infected before the servers are turned off and that they are without Internet access.
I am infected with the DNSChanger, how can I eliminate?
The DNSChanger is a trojan like any other and can be eliminated with any proper tool for this purpose. There are several recommended by the working group DNSChanger.
Are the same tools as in most cases they can find to solve similar problems and situations from viruses or other trojans.
Here is the list that the Working Group DNSChanger presentou as possible to be used to remove the DNSChanger:
| Nome da ferramenta | URL |
| Hitman Pro (32bit and 64bit versions) | http://www.surfright.nl/en/products/ |
| Kaspersky Labs TDSSKiller | http://support.kaspersky.com/faq/?qid=208283363 |
| McAfee Stinger | http://www.mcafee.com/us/downloads/free-tools/stinger.aspx |
| Microsoft Windows Defender Offline | http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline |
| Microsoft Safety Scanner | http://www.microsoft.com/security/scanner/en-us/default.aspx |
| Norton Power Eraser | http://security.symantec.com/nbrt/npe.aspx |
| Trend Micro Housecall | http://housecall.trendmicro.com |
| MacScan | http://macscan.securemac.com/ |
| Avira | http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1199 (Avira’s DNS Repair-Tool) |
Choose the tool that gives you most trust and apply it to remove the DNSChanger time of your machines.
If you prefer to manually delete the DNSCharger there are also information provided by the working group DNSChanger. These instructions are recommended only for experienced users and requires some experience.
Here is the list of sites recommended by the DNSChanger Working Group:
| Guia | Como usar | Idioma |
| Microsoft’s Safety and Security Center | Portal da Microsoft para todos os guias de segurança, ferramentas e assistência. | English |
| Apple’s Security Page with pointers to keep your MAC safe | Navegar para a secção “Checking Security in your System.” Tem links para garantir que mantêm o vosso Mac o mais seguro possível. | English |
| DSL Report’s Security Cleanup FAQ | A community driven self help guide to fix malware problems on your systems. | English |
| Andrew K’s Malware Removal Guide | Andrew K is an individual who share’s his experience on-line. This guide is an often referenced guide to remediate malware problems on a computer. | English |
| Public Safety Canada’a Malware Infection Recovery Guide | O Canadian Public Safety office (publicsafety.gc.ca) tem um guia, actualizado, para a remoção de malware e é focado no apoio aos utilizadores gerais. | English |
| Australia’s Stay Smart Online Factsheet to help Remove Malware | Stay Smart Online Factsheet 11, Part 1 – Se suspeita que o seu computador está infectado com software malicioso, o que deve fazer? | English |
They must not forget to safeguard your most important data and make backups of your system before using any of the tools presented.
If you have not found the presence of the DNSChanger in your systems is extremely important that your check. Tomorrow, July 9, 2012, the FBI will shut down the servers that fed the DNSChanger and your care.
After that turn off many thousands of users will be prevented from using the Internet for not having DNS servers that translate into ip's addresses that are placed in the browser or other services.
Available are simple ways to solve this problem. Use them not to have any hitch in your machine. It is expected that by early afternoon tomorrow to begin to experience these problems.
Published By: Pplware
No comments:
Post a Comment