NEWS ANALYSIS: While the chances of any of your computers having an active DNS Changer malware infection are remote, you should still check to make sure your system is clean and confirm that somewhere along the line your DNS settings didn’t get changed.
The DNS Changer malware has been all over the
news during the last couple of days, and with good reason. If you havent
checked that your computers are malware-free and fixed an apparent DNS Changer
infection, you wont be able to use the Internet very easily come Monday, July
Monday is the day that the FBI pulls the plug
on the Domain Name System (DNS) servers that have been kept running as a safety
net for people who were infected by the malware, and as a result were being
directed to bogus DNS servers.
When the servers are taken offline July 9,
the only way youll be able to access the Internet if youre affected is to
type in the actual IP address because your computer wont be able to resolve
addresses. Fortunately, its easy to tell if youre affected, and the problem
is easy to fix. Heres what you need to do.
First, visit the Website of the DNS Changer Working Group
where youll see a
description of the DNS Changer and what it does. Youll also see a green button
that is labeled Detect. On that page, youll see a chart listing sites around
the world that will tell you whether your computer is resolving DNS addresses
properly. The site for the United States is www.dns-ok.us
and it has a simple interface that presents a green square if your computer is
resolving IP addresses properly.
You should note that when I tried the U.S.
site only two of the four browsers on the test computer would actually load it.
Firefox and Internet Explorer worked fine, Google Chrome and Apple Safari did
not. Neither would load the address at all. Note that this test was done on a
machine running a 64-bit version of Windows 7. Other computers have delivered
results with various browsers.
If for some reason youre not able to get the
site to load, try the European site at http://dns-changer.eu
which I found works more reliably. Note that the European site will record the
operating system and browser that youre using.
If you get the all-clear, youre probably
done. While its possible that your ISP is redirecting the bogus DNS requests
for you, youll still get to the Internet. If you want to be totally certain,
either check your computers DNS settings manually or have your IT department
check them. Note that in addition to the sites listed by the DCWG, other sites
including Google and Facebook will alert you if you appear to be having DNS
problems related to malware.