Last November the FBI busted a four-year-old Estonia-based conspiracy that had infected 4,000,000 computers with DNSChanger malware (or Alureon) that diverted victims to scam sites.
The rootkit malware, delivered as a fake download for Windows or Mac OS X, altered the Domain Name System setting on computers and even some wireless routers.
The infection has such serious consequences that the FBI ordered Internet Systems Consortium (ISC), a nonprofit Net architecture firm, to take over and sanitize infected servers on July 9.
There’s a simple check to determine if your computer is infected. Go to www.dns-ok.us. If you see a green background to the image on that page and “DNS Resolution = GREEN,” you’re clean.
If you see red, you have a few weeks to fix the problem. Because DNSChanger disables security programs, you may not be able to fix your system by clicking a scan button in your anti-virus app.
You can use specialized DNSChanger removal tools from firms such as SecureMac, or general-purpose anti-rootkit software such as Malwarebytes’ Anti-Malware or Kaspersky Lab’s TDSSKiller.
The DNS Changer Working Group set up a page with links to manual malware-cleanup instructions from Microsoft and others.
In the worst case, you may have to reinstall your computer’s operating system and software, using either the disks that came with the computer or the recovery partition on its hard drive.
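Because the malware works by changing DNS settings on the computer or the router, the same check can be made locally by comparing the configured resolvers against a list of rogue ranges. The sketch below is an added example, not part of the original article: the entries in `ROGUE_RANGES` are placeholders from documentation address space rather than real DNSChanger indicators, and the function names and sample input are constructed for illustration.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation space), not real indicators.
# Substitute the rogue resolver ranges published by the DNS Changer Working Group.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

def parse_nameservers(resolv_conf_text):
    """Return the resolver addresses listed in resolv.conf-style text."""
    servers = []
    for line in resolv_conf_text.splitlines():
        line = line.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        fields = line.split()
        if len(fields) >= 2 and fields[0] == "nameserver":
            try:
                # Drop an IPv6 zone suffix such as %eth0 before parsing.
                servers.append(ipaddress.ip_address(fields[1].split("%")[0]))
            except ValueError:
                continue  # malformed address, ignore
    return servers

def classify(addr):
    """'rogue' if in a listed range, 'local' if it points at a router or
    loopback forwarder, else 'ok'."""
    # The rogue test comes first: documentation ranges also count as private.
    if any(addr in net for net in ROGUE_RANGES):
        return "rogue"
    if addr.is_private or addr.is_loopback:
        # Inconclusive: the router's own upstream DNS may be the altered setting.
        return "local"
    return "ok"

def audit(resolv_conf_text):
    """Return (address, verdict) pairs for every configured resolver."""
    return [(str(a), classify(a)) for a in parse_nameservers(resolv_conf_text)]

# Constructed sample input, not taken from a real host.
SAMPLE = """\
# constructed sample
nameserver 192.0.2.53
nameserver 192.168.1.1
nameserver 8.8.8.8
nameserver not-an-ip
"""

if __name__ == "__main__":
    for address, verdict in audit(SAMPLE):
        print(f"{address:15} {verdict}")
```

A "local" verdict means the computer hands its lookups to the router, so the router's DNS settings need the same comparison before the machine can be called clean.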
Reported by Discovery News, April 27, 2012