Author Topic: Re: FBI hijacks malware  (Read 70 times)

fresh1

  • conspirator
  • Dominant Queen
  • ****
  • Posts: 339
Re: FBI hijacks malware
« on: February 18, 2012, 08:31:19 AM »
this is a synopsis of an article I just read, I can't find the link but I know wizard posted something about this scam a while back ??? wiz some help :D

Quote
              DNS Trojan the FBI and you

The rogue DNS servers replaced by the FBI were seized this past November in Estonia following a two-year operation called “Ghost Click” where six Estonians working for Rove Digital were taken into custody by Estonian authorities in what is called the biggest cyber criminal takedown in history and the US is now hoping to extradite them; a Russian suspect said remains at large.

Those captured by the FBI and Estonian authorities used DNS Changer malware to redirect unsuspecting users to rogue servers that allowed them to manipulate users’ web activity. When users clicked on the link for the official iTunes website, for example, they were instead taken to a completely different website that purported to sell Apple software. These criminals, reports the FBI, are believed to have made at least $14 million from the scam.

Upon forwarding their information to FBI and Estonian authorities about Rove Digital’s rogue servers, the FSB says in this report, Russian computer security experts sought to reverse the damage done to millions of computers around the world by manipulating the malware used which would have, in essence, neutralized the threat, but were overruled by the Americans who, instead, seized the servers a few days later and appropriated the malware for their “own uses.”

As to why the US would not apply a rapid fix to the millions of computers affected by this malware as suggested by Russian experts, and, instead, replace the rogue servers with their own, and then turn around on 8 March and disconnect them all has left many in the Kremlin puzzled and concerned.

The greatest concern, this report says, is the “high potential” for the US to further infect computers without anyone realizing what they are doing so that on 8 March millions of Americans would discover they no longer had access to the Internet, and would not know why.

To effectively engineer an Internet blackout, while at the same time holding themselves blameless, the Ministry says, could be linked to any number of dissident suppression moves known to be being planned by the US which as of 9 February had already jailed at least 6,509 people protesting against the Obama regime.

« Last Edit: February 18, 2012, 08:34:10 AM by fresh1 »
"Curiosity is a gift"

jon

  • Foundress Queen
  • *****
  • Posts: 1,883
Re: FBI hijacks malware
« Reply #1 on: February 18, 2012, 05:05:25 PM »
what's with this march 8th date.
i hear rumors they want to pull something on this day.

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: FBI hijacks malware
« Reply #2 on: February 18, 2012, 11:52:09 PM »

Info of DNS Changer.

Half of Fortune 500 firms infected with DNS Changer. http://www.computerworld.com/s/article/9223941/Half_of_Fortune_500_firms_infected_with_DNS_Changer?taxonomyId=17
DNS Changer also blocks software updates -- the patches vendors like Microsoft issue to fix flaws -- and disables installed security software.


Check your DNS settings. http://127.0.0.1/talk/index.php/topic,2042.msg29265.html#msg29265

Checking for DNS Changer http://www.dcwg.org/checkup.html
DNS Changer viruses DNS Server IPs. http://www.dcwg.org/checkup2.html

Detecting the DNS Changer Malware. http://laws.qualys.com/2012/01/detecting-the-dns-changer-malw.html

NOTE: If you are using a home wifi network, it might be that your computer is ok, but your home router is infected, and has passed on the bad DNS settings to your desktop or laptop. Be sure to check the "Home Routers" instructions link to see if that's the case.

Your router will assign 192.168.X.X or 10.0.X.X as the DNS server to your PC. This means the PC will use the router's DNS to look up WWW.

So, while you'll NOT see the DNS Changer viruses DNS Server IPs on your PC, it may be the case on your router. SO CHECK IT!!!

To save the output of 'ipconfig' to a text file in the root of the C drive, use the command as shown in the "Run" dialogue window. Log in as Admin first.

ipconfig /all > c:\ipconfig.txt


Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."
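The check described above (read the DNS servers out of the saved `ipconfig /all` output, then decide whether each one is a private router address that means the router itself must be inspected, or an address inside a known rogue range) can be automated. The script below is an added example, not code from the thread or from dcwg.org; the rogue ranges in it are placeholder documentation networks, and the `ipconfig` sample is constructed.

```python
import ipaddress
import re
# PLACEHOLDER ranges (RFC 5737 documentation nets): replace with the real DNS
# Changer server IP list published at dcwg.org/checkup2.html.
ROGUE_DNS_RANGES = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "198.51.100.0/24")]
# An ipconfig field line: indented label, dot leaders, colon, value.
FIELD_RE = re.compile(r"^\s+([A-Za-z][A-Za-z0-9 \-()]*?)\.(?: \.)*\s*:\s*(.*?)\s*$")

def _to_addr(text):
    token = text.split("%", 1)[0].split("(", 1)[0].strip()  # drop zone id, '(Preferred)'
    try:
        return ipaddress.ip_address(token)
    except ValueError:
        return None
def parse_dns_servers(ipconfig_text):
    """Return every DNS server listed in 'ipconfig /all' output; the field may
    continue on deeper-indented lines that hold only an address."""
    servers, collecting = [], False
    for line in ipconfig_text.splitlines():
        if not line.startswith(" "):  # adapter header or blank line ends the field
            collecting = False
            continue
        m = FIELD_RE.match(line)
        if m:
            label, value = m.group(1).strip(), m.group(2)
            collecting = label.startswith("DNS Servers")
            if collecting and value and (addr := _to_addr(value)):
                servers.append(addr)
        elif collecting and line.strip() and (addr := _to_addr(line)):
            servers.append(addr)
    return servers

def classify_dns_server(addr, rogue_ranges=ROGUE_DNS_RANGES):
    """ROGUE: inside a known-bad range.  ROUTER: private address, so the router's
    own DNS setting must be checked as well.  PUBLIC: a resolver on the Internet."""
    if any(addr in net for net in rogue_ranges):
        return "ROGUE"
    if addr.is_private or addr.is_link_local:
        return "ROUTER"
    return "PUBLIC"
def check_ipconfig(ipconfig_text):
    return {str(a): classify_dns_server(a) for a in parse_dns_servers(ipconfig_text)}
# Constructed sample of 'ipconfig /all' output (not a real capture).
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       203.0.113.7
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""
```

Run `check_ipconfig(open(r"c:\ipconfig.txt").read())` on the file saved with the command above; any ROUTER result means the router's own DNS entries still have to be compared against the dcwg.org list by hand.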

fresh1

  • conspirator
  • Dominant Queen
  • ****
  • Posts: 339
Re: FBI hijacks malware
« Reply #3 on: February 19, 2012, 07:54:42 AM »
thanx xmon  ;)

I too have seen this march 8 date bandied about, apparently TPTB are going to flex some muscle and "show" everyone who's boss, by shutting the internet down :o

"Curiosity is a gift"

Wizard X

  • Lord of the Realms
  • Foundress Queen
  • *****
  • Posts: 1,224
Re: FBI hijacks malware
« Reply #4 on: February 19, 2012, 08:16:49 AM »
Some other ipconfig commands to ensure DNS integrity.

ipconfig /displaydns

ipconfig /flushdns

The "/flushdns" will flush the DNS Resolver Cache.
Albert Einstein - "Great ideas often receive violent opposition from mediocre minds."