Has everyone taken precautions for the DNS changer malware?


forluvofsmoke

If you haven't yet, you should visit this site: http://www.dcwg.org/

...and run the quick and free check (click language button down below, then, the detect button on the top of the page). I went ahead and downloaded a couple of the free scanning tools available by clicking the "FIX" button to view them (TDSS Killer and Norton Stinger), and found nothing with the 2 separate scans, so I should still be here after the 9th of this month, when the temporary "safe" servers are shut-down.

Just a heads-up if you haven't been watching the news lately. I want you all to still be around so we can share our smokes, tips, methods and get your questions answered...cool?

Eric
 
I don't watch the news and don't read much of it on the internet so this is news to me. I have no idea what you are talking about, what is supposed to happen on the 9th?

Sorry for being so ignorant but SMF has consumed my life,

Dave
 
I don't watch the news and don't read much of it on the internet so this is news to me. I have no idea what you are talking about, what is supposed to happen on the 9th?

Sorry for being so ignorant but SMF has consumed my life,

Dave
x2
 
Well I read about it and still don't really understand it but I ran the scan and it said GREEN
 
Dave, it's described briefly on the site link I posted and there are links to further info on the responsible persons who are in custody as well as how it all came about. Clark Howard's (the money and tech watch-dog dude) appearance on HLN yesterday was a discussion about it...he did a brief tutorial on what's what and how to do the scan, etc...serious crap with internet service. It's on the news again today, as well.

The way I understand it, infected computers will not be able to access internet, or at least, not the web sites they intended to access. The "safe" servers are now operating to allow everyone to do checks. The DNS malware redirects infected computers to malicious servers, if I recall, by changing your computer's DNS settings while hiding in the background, undetected.

This appears to be a serious threat against hundreds of thousands of computer users on a global scale. I would love to hear that this was a made-up scare, but they're saying they have individuals in custody, and they can't undo what they did because they don't know how to find the computers which are infected, so you have to check it yourself. I'm thinking it's a real threat.

I hear ya about SMF...I don't watch the tube much myself or read the news, either, but if I hear something on the tube when the wife or kids are watching it, I eavesdrop while I'm on the forums and if it's an attention grabber like this was, I try to get the details.

Eric
 
This link is from the original page I posted the link to in the OP, which is a blog, and describes in detail how to find out if your DNS settings on your computer have been changed. If it is not set to detect automatically, but instead has been selected to "Preferred DNS server" and "Alternate DNS server" and lists any of these DNS servers:

EDIT: forgot to post link----  http://blog.eset.com/2012/05/31/dns...rs-going-dark-soon-how-to-check-your-computer
  • 77.67.83.1 – 77.67.83.254
  • 85.255.112.1 – 85.255.127.254
  • 67.210.0.1 – 67.210.15.254
  • 93.188.160.1 – 93.188.167.254
  • 213.109.64.1 – 213.109.79.254
  • 64.28.176.1 – 64.28.191.254
...then, you got the bug. You can switch it back to automatic detection, but the bug is still there if you don't remove it with a tool.

I may be a bit confused about the "safe" temporary servers. I think they (culprits) are routing Internet traffic through these, and then they will shut down. Maybe it's part of their scheme to let everyone think all is well until the servers shut-down automatically and then all the affected computers will go off-line, with no outside support from Internet resources, or, they will be redirected to other fictitious or malicious sites.

Eric
 
What a bunch of A-holes..... some people make me sick! 
 
Yea Eric I read a couple of those articles and kind of understand but the whole internet thing confuses me so I try not to think about it. I can take a car completely apart and put it back together but trying to understand how a computer or the internet work just boggles my mind. I'm a hands on, I gotta see it in action kind of guy!

One thing though, if your computer was infected wouldn't running your recovery disk fix it? I've gotten viruses before and that always did the trick. I don't keep much on here and anything I really want to save I put on an external hard drive.

I will never understand why people put out viruses, do they not have anything better to do with their lives? Maybe they should buy a smoker!
 
Yea Eric I read a couple of those articles and kind of understand but the whole internet thing confuses me so I try not to think about it. I can take a car completely apart and put it back together but trying to understand how a computer or the internet work just boggles my mind. I'm a hands on, I gotta see it in action kind of guy!

One thing though, if your computer was infected wouldn't running your recovery disk fix it? I've gotten viruses before and that always did the trick. I don't keep much on here and anything I really want to save I put on an external hard drive.

I will never understand why people put out viruses, do they not have anything better to do with their lives? Maybe they should buy a smoker!
Yeah, you can wipe your hard disc as a last resort and reload the operating system software and applications if you have them on CD-Rom (purchased separately). Any files you had will be gone forever if you don't back them up. You have to go through all the hoops on-line to download tons of other applications and updates for them as well. Been there, done that, on more than one machine...what a PITA!
The FBI is running the safe temporary servers that'll be shut down on the 9th.

There are several news articles with more detail.


~Martin
Hey, there ya go! I was researching and checking computer DNS settings on our desktops and laptops here, and through the whole mess got confused about what the intentions of the individuals who are responsible for the malware really are/were, and what protective measures were in place for the Internet. Something about a fictitious string of advertisements or advertising sites...can't remember.

Anyway, confusing as hell, but hopefully, since they got caught, any others might think twice about attempting the same or similar things in the future. I hope they get strung-up by the short and curlys over this mess...no prison sentence would match this crime, IMO.

Eric
 
Thanks Eric - I had used a couple of other sites from a Google search and got the green light from them and this one too - I agree with you on the jail sentence not being good enough for them 
 
Linux here, so it's not a potential problem, thank God!



~Martin
Martin,  Linux really.... what the hey are you doing with Linux as your software..... I ran a multitasking 'puter in my lab that used Linux  years ago.... some powerful stuff there.... 
I don't watch the news and don't read much of it on the internet so this is news to me. I have no idea what you are talking about, what is supposed to happen on the 9th?

Sorry for being so ignorant but SMF has consumed my life,

Dave
Where else would you rather be ????  Thailand with Phil maybe ??? 
 
"Had your computer been infected with DNS changer malware you would have seen a red background.  Please note, however, that if your ISP is redirecting DNS traffic for its customers you would have reached this site even though you are infected."

hmmm.... now I need to find out if I was redirected by my ISP? How can one find that out?
 
"Had your computer been infected with DNS changer malware you would have seen a red background.  Please note, however, that if your ISP is redirecting DNS traffic for its customers you would have reached this site even though you are infected."

hmmm.... now I need to find out if I was redirected by my ISP? How can one find that out?
Go to the link on post #7...OK, here: http://blog.eset.com/2012/05/31/dns...rs-going-dark-soon-how-to-check-your-computer

...and follow the instructions on how to check your DNS settings (it's for Windows O/S). I did on all of ours just as a precaution.

Your ISP should already have gone through the motions to take corrective measures on their end by now. If they have not, then they don't give spit about customers and they're not an ISP I would want to continue using...that would be time for me to find another place to spend my Internet dollars. This particular malware isn't a new threat, from what I gathered. It's probably been kept fairly quiet until yesterday, but authorities seem to have had knowledge for quite some time, otherwise the FBI wouldn't have had the safe servers running this long. That said, ISPs should have done something by now...if not, dump 'em.

Eric
 
In this article http://blog.eset.com/2012/05/31/dns...rs-going-dark-soon-how-to-check-your-computer it says that routers can be compromised as well. That has me thinking because our wireless network at work has been doing weird things lately. Everyone's company laptop used to work fine but lately will connect to the network but not to the internet at work but works fine on any other network, there is a lot of security software on these laptops. Also some people's personal computers have been being redirected to a website (and now I can't think what it is) that I have never seen and is just basically a white page with the name at the top. This has happened to mine and only at work never at home. This got me thinking that our router might have been compromised, guess I'll find out Monday.
 