Time to scan your computer just in case

If you haven’t taken the time to scan your computer for malicious software infections, you may want to do so before Monday.

At 12:01 a.m. EDT, computers infected with the “DNS Changer Trojan” malware will all lose Internet service when the safety net system the FBI has been using to keep them connected to the Internet since last year are shut down.

In the Grand Forks region, though, Internet service providers say they don’t foresee issues with the shutdown.

“I don’t think we’ll be seeing a big problem with our customers,” said Kevin Kargel, a system administrator for Polar Communications, which covers 11 counties in northeast North Dakota. “We’re hoping it will be a nonevent.”

Tom Simmons, senior vice president of Midcontinent Communications, said the company has been taking a proactive approach to the malware issue. The company covers areas of North and South Dakota, including much of the Red River Valley, Minnesota and Wisconsin.

“We’ve indentified 25 business customers and 125 residential customers with the problem,” he said. “We’ll be working through the weekend to contact all of them.”

At its peak, DNS Changer infected an estimated 4 million computers around the world, earning the criminals who developed it some $14 million. The number of infections has since receded.

According to the FBI, there are about 277,000 around the world, down from about 360,000 in April. There are an estimated 64,000 infected computers in the United States.

Fighting infection

Kargel said Polar customers with infected computers will be given instructions on how to correct the problem by changing the Domain Name System settings on their computers.

The DNS is responsible for converting website names into the Internet protocol addresses that computers use to communicate with one another.

DNS Changer changes the DNS settings on infected computers and reroutes Internet traffic to fraudulent servers. The computers then receive ads sold by developers of DNS Changer or are directed to websites of advertisers.

When the FBI arrested the malware’s developers in Estonia and seized the fraudulent servers in November, the agency substituted clean servers so that infected computers would not suddenly lose Internet access.

To find out if your computer is infected, use free online tests offered by the DNS Changer Work Group, the group at the forefront of the malware battle, and other groups. The DCWG’s test is at www.DCWG.org.

If your computer is infected, the DCWG recommends you backup your files first and then use a malware removal tool, such as McAfee Stinger, Norton Power Eraser, Microsoft Windows Defender Offline, MacScan, Kaspersky Lab TDSSKill and Trend Micro Housecall. All are free to download. See links at DCWG’s website.

The DCWG also recommends that you apply more than one removal tool, to ensure that you have completely erased the threat.

Brandi Jewett is a reporter

at the Grand Forks Herald, which is owned by Forum Communications Co.

Tags: news, computers, technology