Skip to comments.Hundreds of thousands must check, fix computers or lose Internet in July due to hacker case
Posted on 04/24/2012 7:08:28 PM PDT by 2ndDivisionVet
For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
The FBI is encouraging users to visit a website run by its security partner, http://www.dcwg.org, that will inform them whether they're infected and explain how to fix the problem. After July 9, infected users won't be able to connect to the Internet...
(Excerpt) Read more at startribune.com ...
It seems like another Y2K scenario..
There is some truth to it.
Go to: http://www.dns-ok.ca/results-en.html and check.
All you have to do is let an FBI affiliate company scan your computer.
What could go wrong with this? After all, it’s the FBI and we can trust them. Like Lon Horiuchi.
I’d be leary of clicking on that sight.
If it’s legit - the info and fix could be shared with our virus/malware protectors.
I’d be suspicious that it’s a link for collecting and connecting us to a gov’t ‘collecting/spying’ set up.
The major antivirus companies say they can handle it.
(assuming this is a real alert)
I ran it from a non-descript work PC and is about 500ms long. It looks for an intentional IP misdirect. Harmless I believe.
You do not need to run any software, used the following command at the CMD:
“ipconfig /allcompartments /all” and
check the ip address
If you any of these addresses you are infected.
check your connection... http://dns-ok.us/
Seems real its a real website with lots of outside links
What is the DNS Changer Malware?
On November 8, the FBI, the NASA-OIG and Estonian police arrested several cyber criminals in Operation Ghost Click. The criminals operated under the company name Rove Digital, and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ and TDL4 viruses. You can read more about the arrest of the Rove Digital principals here, and in the FBI Press Release.
What does the DNS Changer Malware do?
The botnet operated by Rove Digital altered user DNS settings, pointing victims to malicious DNS in data centers in Estonia, New York, and Chicago. The malicious DNS servers would give fake, malicious answers, altering user searches, and promoting fake and dangerous products. Because every web search starts with DNS, the malware showed users an altered version of the Internet.
Under a court order, expiring July 9, the Internet Systems Consortium is operating replacement DNS servers for the Rove Digital network. This will allow affected networks time to identify infected hosts, and avoid sudden disruption of services to victim machines.
How Can I Protect Myself?
This page describes how you can determine if you are infected, and how you can clean infected machines. To check if youre infected, Click Here. If you believe you are infected, here are instructions on how to clean your computer.
A few threads on the subject from the past 3 or 4 days can be found here if anyone is interested in the info thereon.
Norton picks it up as zlop or Tidserv and I'm sure the other AV companies are able to detect it also..
So I'd stay far away from that site..
DNS is how computers find place on the internet by name. It allows you to get to Freerepulic.com with out know it’s IP address all you need to is type in the name. The malware allows the bad guys to redirect you other sites other than what you asked for. They could send to DU instead of here. So when you try to get to your bank you get their site where they try to get your login info. The government has servers that are blocking happening now. They are going away so every ones need to fix their computer first.
“Internet Systems Consortium”??? Who is that?
Bookmarking just in case.
Its close but no cigar..
It does not scan your computer. It just checks the name of the Domain from whence your Ping originated.
If the Domain is from on of those affected then the background of the page you see is red. If the Domain is not affected then the background is green.
Your computer is never touched or scanned.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.