{"id":690,"date":"2012-05-04T17:41:22","date_gmt":"2012-05-04T17:41:22","guid":{"rendered":"http:\/\/microsoftgeek.com\/?p=690"},"modified":"2012-05-04T17:41:22","modified_gmt":"2012-05-04T17:41:22","slug":"dealing-with-the-dnschanger-worm","status":"publish","type":"post","link":"https:\/\/microsoftgeek.com\/?p=690","title":{"rendered":"Dealing with the DNSChanger Worm"},"content":{"rendered":"<p>You&#8217;re here because your computer is infected with the DNSChanger worm. Back in late 2011, the FBI took                 over operation of malicious servers used by DNSChanger that are providing you with a critical Internet                 service called DNS. The FBI will be shutting down these servers on <em>July 9, 2012<\/em>, at which point your Internet                 will no longer work. To ensure uninterrupted Internet access, simply follow these three steps:<\/p>\n<h3>1. Clean and repair your machine<\/h3>\n<p>First you need to remove the DNSChanger infection from your computer.                 <a href=\"http:\/\/www.dcwg.org\/fix\/\">The DNS Changer Working Group<\/a> has <a href=\"http:\/\/www.dcwg.org\/fix\/\">some                 recommendations on how to fix your computer<\/a> if you are infected. Do this before you take step 2 and switch to OpenDNS.<\/p>\n<h3>2. Update your DNS settings<\/h3>\n<p>Now that you&#8217;ve removed the DNSChanger malware, it&#8217;s time to set your DNS properly.  Generally, you have two \t\t\t\tchoices \u2014 you can use the DNS servers provided by your ISP (usually these DNS servers are assigned automatically) or \t\t\t\tuse a third-party DNS service.<\/p>\n<p>We are one such provider of DNS services, focused on security and speed, but there are others such as Google \t\t\t\tDNS and DNS Advantage.<\/p>\n<ul>\n<li>\n<h4><a href=\"https:\/\/store.opendns.com\/setup\" target=\"_blank\">Instructions for OpenDNS \u00bb<\/a><\/h4>\n<\/li>\n<li>\n<h4><a href=\"https:\/\/developers.google.com\/speed\/public-dns\/docs\/using\" target=\"_blank\">Instructions for Google DNS \u00bb<\/a><\/h4>\n<\/li>\n<li>\n<h4><a href=\"http:\/\/www.dnsadvantage.com\/switch\/index.html\" target=\"_blank\">Instructions for DNS Advantage \u00bb<\/a><\/h4>\n<\/li>\n<\/ul>\n<p>If you want to use the DNS servers provided by your ISP you will have to contact them for the specific instructions \t\t\t\ton how to configure them.<\/p>\n<h3>3. Arm yourself with knowledge<\/h3>\n<p>For more information about DNSChanger, please visit the following resources:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.dcwg.org\/\" target=\"_blank\">The DNSChanger Working Group<\/a><\/li>\n<li><a href=\"http:\/\/www.opendns.com\/www.fbi.gov\/DNS-changer-malware.pdf\" target=\"_blank\">Information about DNSChanger from the Federal Bureau of Investigation (FBI)<\/a><\/li>\n<li><a href=\"http:\/\/reviews.cnet.com\/8301-13727_7-57392756-263\/operation-ghost-click-dns-servers-to-remain-online-until-july\/?tag=txt;title\" target=\"_blank\">Background on DNSChanger from CNET<\/a><\/li>\n<\/ul>\n<p>DNSChanger&#8217;s malicious DNS servers were being used to  automatically and involuntarily convert the DNS settings of                 millions of people around the world, then using that  control to redirect valid URLs to malicious sites. Some reports                 even claim that more than half of the Fortune 500  companies showed signs of infection and it&#8217;s said that the crime                 ring operating DNSChanger profited $14 million in stolen  funds.<\/p>\n<p>The FBI took over the servers, but realized fast they couldn&#8217;t simply shut them down. To do that would immediately                 take all infected Internet users offline, as without DNS it&#8217;s as though the Internet doesn&#8217;t work.<\/p>\n<p>Instead the FBI and other invested groups have  campaigned for infected people to switch their DNS proactively                 to a secure service like OpenDNS before they finally  discontinue operation of the servers. The final date for you                 to do this is July 9, 2012, but today is even better.<\/p>\n<h3>Who is OpenDNS?<\/h3>\n<p><a href=\"http:\/\/www.opendns.com\/\" target=\"_blank\">OpenDNS<\/a> is the world&#8217;s largest and most \t\t\t\ttrusted provider of secure DNS.  Tens of millions of people around the world \u2014 in homes, 1 in \t\t\t\t3 U.S. public schools and Fortune 10 enterprises, alike \u2014 rely on OpenDNS every day for safe, \t\t\t\tfast and reliable DNS. When the Conficker virus infected millions, OpenDNS was there to save the day. \t\t\t\tWhen the famed Kaminsky DNS vulnerability was revealed to the world, OpenDNS was the only DNS                 service unaffected. When ISP&#8217;s Internet goes down, people flock to OpenDNS.  And now                 that DNSChanger malware is threatening your Internet security, it&#8217;s a better time                 than ever to make the switch.  You&#8217;ll be glad you did.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>You&#8217;re here because your computer is infected with the DNSChanger worm. Back in late 2011, the FBI took over operation of malicious servers used by DNSChanger that are providing you with a critical Internet service called DNS. The FBI will be shutting down these servers on July 9, 2012, at which point your Internet will [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33,7],"tags":[],"class_list":["post-690","post","type-post","status-publish","format-standard","hentry","category-sec-secops","category-computer-tech-stuff"],"_links":{"self":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/690","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=690"}],"version-history":[{"count":1,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/690\/revisions"}],"predecessor-version":[{"id":691,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=\/wp\/v2\/posts\/690\/revisions\/691"}],"wp:attachment":[{"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=690"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=690"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/microsoftgeek.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=690"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}