Final Day to Remove Malware Virus for Thousands of Internet Users Before Losing Connection in FBI Shutdown on Monday

Tomorrow, Monday the 9th of July, the FBI will be shutting down some domain name servers (DNS) which had served as a safety net for some 277,000 internet users infected with a Malware virus. As a result any computers still infected with the “DNS Changer” malware virus will be unable to connect to the internet. To help, the FBI has provided a link to an approved web site which can identify an infected computer and show you how to remove the virus.

While over on half of the nearly 600,000 computers originally infected by the malware virus have been cleaned, the remaining users, most of who have been send emails and letters from their internet service providers, are still infected. Those users have only one day left to remove the virus before losing their ability to connect to the internet.

What is the DNS Changer Malware Virus and how does it work?

To understand how the virus works, you must first understand how a computer connects to the internet. Every web site on the internet resides on another computer, referred to as a web server. Each web server has a unique numerical address, called an IP address, on the internet that looks something like this 198.255.255.0. Instead of having to type a number like that into your web browser every time to wanted to go to a web site, there is an intermediate step.

Around the world there are a number of computers called DNS (domain name servers). Each server has a master list of domain names (like Amazon.com for example), and the corresponding IP address. All of the DNS machines talk to each other to keep the list updated. When someone types a web address into their web browser, that request is sent to a nearby DNS server which then matches the request to the appropriate IP address and forwards the user to the correct web site.

The DNS Changer Malware sent every internet request from the infected computers through the DNS server of the malicious criminal hackers, who were arrested by a joint international team including the FBI last November. The DNS server of the hackers routed computers through a number of fraudulent pay-per-click advertising schemes defrauding advertisers out of millions of dollars.

If the FBI had shut down the servers over half a million infected internet users would have lost connection. Instead the agency continued to manage the servers, now routing traffic correctly, as a temporary safety net until the infected computer owners could be notified and the virus removed. On Monday however the FBI is shutting down the servers. Infected computers will still try to connect through these servers and therefore will not be able to connect to the internet.

How to check your computer and remove the DNS changer malware virus

To find out if your computer is infected by the malware virus, the FBI recommends a free web site which checks your computer by seeing if your connection currently goes through the DNS servers used by the hackers. If not, it will tell you that your computer is OK. If instead your connection is going through one of the servers now controlled by the FBI, it means that you have the malware on your computer, and the site tells you how to remove the malware from your computer as well. The web site for the malware check and removal is: http://www.dcwg.org/.

About D Robert Curry

D Robert Curry - with over 2 decades of experience in the IT sector and an avid aviator, Mr. Curry covers all Science & Technology and Aviation realted news stories. drcurry@newstaar.com