The FBI has said more than 277,000 computers may be infected worldwide, with at least 64,000 in the United States.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their online surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
The malware has been around since 2007, according to Brian Rivers, an information security officer for the University of Georgia. However, it started making the news last November when the FBI raided several cyber criminal operations and shut down their servers.
Agents realized that if they turned off all the malicious servers, many victims would suddenly lose Internet service. So the FBI hired a private company to install clean Internet servers to stand in for the malicious ones and prevent the shutdown. But this temporary system will be shut down around 12:01 a.m. EDT on Monday.
Michael Bentley, owner of Bentley PC, a mobile computer shop that serves Carroll County and several other west Georgia and metro counties, said many computer owners have had the virus on their machines for a long time.
“The first thing they may notice Monday is that they can’t get on the Internet anymore,” Bentley said. “They may get something like an Error 404 message on their screen, a tell-tale sign they’ve lost Internet connection.”
He said that a DNS server is like an Internet post office, where all the letter addresses, such as www.google.com, are translated into the numeric addresses to go out on the Web and connect with the proper websites.
“The malware infection is like a terrorist who went into the post office, took it over and started intercepting all the mail,” he said. “It still looks like the post office to your computer and you trust it. You think you’re on the website you’re seeking, but it’s really a rogue website. The criminals use it to intercept personal information about yourself.”
Rivers suggests first running an FBI program which can detect if the malware is on your computer. The FBI program can be accessed at www.dns-ok.us. If it gives you an OK, your machine is not infected.
If you do find an infection, the next step is to call your Internet service provider (ISP), which can offer advice on steps to clean up the malware and the false information it has put on your computer.
“Then use a free malware removal tool, such as Microsoft’s Security Scanner or MalwareBytes’ Anti-Malware, to clean up your computer,” Rivers said.
People continuing to have problems may want to contact a computer repair shop that has anti-virus services.
“I recommend that everyone scan their computers at least once a year,” Bentley said. “There’s so much new stuff created every day. You should have your computer checked by an expert at least once a year.”
He also suggests installing good anti-virus software that can keep a regular watch on the computer.
To check and clean computers, go to http://www.dcwg.org
Rivers recommends the following websites for checking out your computer and removing malware:
• Check for the DNS Changer at http://www.dns-ok.us
Recommendations for Malware Removal Tools:
• Microsoft’s Security Scanner, http://www.microsoft.com/security/scanner/en-us/default.aspx
• MalwareBytes’ Anti-Malware, http://www.malwarebytes.org
The FBI’s document that explains how to detect and fix the DNS Changer issues:
• http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
