Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
WASHINGTON (AP) — For computer users, a few mouse clicks could mean the difference between staying online and losing Internet connections this summer.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world. In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
Hundreds of thousands may lose Internet in July - Houston Chronicle (http://www.chron.com/news/article/Hundreds-of-thousands-may-lose-Internet-in-July-3497916.php - broken link)
Operation Ghost Click to turn DNS Changer C&Cs to the dark side.
Updated: 27 Feb 2012
In the news….. The FBI will be losing their court granted hold over the DNS servers in March and they are planning to make them “go dark”. Rather than changing their green lights sabers to red, this will cause any machine still looking to them for IPs to lose their internet connectivity.
Our detections for this threat are called Zlob and Tidserv. Tidserv can be very difficult to remove. If you should discover a machine where we detected it but the log says we were not able to completely remove it you should run Norton version of Power Eraser (http://www.symantec.com/norton-support/1.6/jsp/help-solutions.jsp?lg=english&ct=united+states&product= home&version=1&pvid=f-home&docid=kb20100824120155EN_EndUserProfile_en_us - broken link), so you can be sure to check all the accounts.
Symantec Security Response’s current recommendation:
Monitor your network for the bad DNS IPs, using that to identify any infected clients we may have missed with SEP. If you can re-route traffic, you can reroute these machines to a legitimate DNS server. Regardless, we recommend taking our repair tool to each of these machine and using it to clean them.
Operation Ghost Click to turn DNS Changer C&Cs to the dark side.
Updated: 27 Feb 2012
In the news….. The FBI will be losing their court granted hold over the DNS servers in March and they are planning to make them “go dark”. Rather than changing their green lights sabers to red, this will cause any machine still looking to them for IPs to lose their internet connectivity.
Our detections for this threat are called Zlob and Tidserv. Tidserv can be very difficult to remove. If you should discover a machine where we detected it but the log says we were not able to completely remove it you should run Norton version of Power Eraser (http://www.symantec.com/norton-support/1.6/jsp/help-solutions.jsp?lg=english&ct=united+states&product= home&version=1&pvid=f-home&docid=kb20100824120155EN_EndUserProfile_en_us - broken link), so you can be sure to check all the accounts.
Symantec Security Response’s current recommendation:
Monitor your network for the bad DNS IPs, using that to identify any infected clients we may have missed with SEP. If you can re-route traffic, you can reroute these machines to a legitimate DNS server. Regardless, we recommend taking our repair tool to each of these machine and using it to clean them.
I came to this forum to see if anyone had posted about this. The same story just came out in our local paper this morning. I'm sorry for being so dense, but I'm confused about this message. Do we go to the website mentioned in the article and the OP to check our computer or not? Thanks for any clarification.
I came to this forum to see if anyone had posted about this. The same story just came out in our local paper this morning. I'm sorry for being so dense, but I'm confused about this message. Do we go to the website mentioned in the article and the OP to check our computer or not? Thanks for any clarification.
Actually that page will give you a list of sites to go to to check...
I first heard about this yesterday as well. I went to a site that one of these sites posted which was called DNSChange Eye chart and luckily it appears that my computer is okay. At first I thought this all sounded kinda fishy, maybe because I never understood it and still don't really understand it. But like I said, it appears my computer is safe and that's all that I care about it. One question I had though...wouldn't an antivirus software detect this?
Please register to post and access all features of our very popular forum. It is free and quick. Over $68,000 in prizes has already been given out to active posters on our forum. Additional giveaways are planned.
Detailed information about all U.S. cities, counties, and zip codes on our site: City-data.com.
Please register to participate in our discussions with 2 million other members - it's free and quick! Some forums can only be seen by registered members. After you create your account, you'll be able to customize options and access all our 15,000 new posts/day with fewer ads.
