Thousands of PC users worldwide may find themselves without an Internet connection on Monday after the FBI nixes any PC with latent malware still on it.
The malware, known as DNSChanger, was a Trojan spread by Estonian cyber-criminals that redirected users' Internet navigation to hacker-created sites that generated $14 million in advertisements.
The FBI took down the six Estonian nationals in "Operation Ghost Click" last November. The agency set up temporary surrogate servers that were eventually manned by the Internet Systems Consortium. But the FBI is pulling the plug on the temporary servers on July 9, and any remaining infected computers will be left stranded without email, Facebook, Twitter, YouTube -- we could go on, but you'd have a heart attack.
The DNSChanger Working Group believes at least 350,000 computers are still infected. While it may be worth delving into the intricacies of how the DNSChanger misidentifies servers and redirects your computer, what you really want to know is if your computer is infected.
Here are two ways to check:
1) Log into Google or Facebook. Both sites have been taking the lead in notifying users of computers infected with DNSChanger. If you've seen this on Facebook, or this on Google, you're infected.
2) Check out the DNSChanger Working Group's online tool, which scrubs up your IP address to see if you're infected. You can visit the site here.
What if you're infected? There are three routes you can take:
1) If you were in the market for a new PC anyway, back up your vital files and junk the sick one sitting on your desk. It's as good an excuse as any to drop a few hundred bucks on a new machine.
2) Back up your files, reformat your hard drive and reinstall Windows. Check out the company's instructions here.
3) The DNSChanger Working Group compiled a list of free removal tools you can download and run. Again, make sure you back up.
Best of luck.
To contact the editor, e-mail: