On Friday, we reported that on Monday more than 2,45,000 computers throughout the world could face an Internet blackout if the Alureon Malware had infected them and the PCs were not patched. The problem arose because the virus was designed to redirect Internet traffic through rogue DNS servers controlled by criminals and since the DNS servers act like the gateway to the Internet and now that the servers of the criminals are about to get permanently terminated, the computers will not connect to the Internet. If you haven’t already, you should check whether your computer is infected with the virus and fix it. Read on to find out.
Of course, to know if your computer is infected it will be prudent to check the FBI website where details have been given on the Alureon malware and how to check if your computer has been infested. As the malicious software infecting the computer is of the vicious nature, it has been noted that a format is quick safe option, but because the malware can hide in the boot blocks, even a format is not a sure shot solution. Below are some steps to follows:
- The first thing you want to do is make a backup of all of your important files. For this, it is advisable to use a new hard drive on which you should back up all the data rather than on the infected hard drive.
- You should remove the malware and recover your PC from the control of the criminals that distributed it by using all the malware removal tools. (List provided below)
- Once the PC is clean, follow instructions for ensuring that your DNS settings are correct. If you are not using a new PC, you will want to check that your computer’s DNS settings are not still using the DNS Changer DNS servers. Until then, the instructions and screen shots found in step 2 at http://opendns.com/dns-changer are quite good if you want to manually set your DNS settings. You will also have the option to return to using your ISP-provided automatic settings by choosing the “automatically” option (Windows) or deleting any DNS servers listed (MacOS).
- After you have fixed your computer, you will want to look at any home router and make sure it is automatically using DNS settings provided by the Internet Service Provider.
- The DNS Malware does not only target or change the DNS settings, it can also capture keystrokes, and so it will be prudent to check all the bank statements and credit card info, so that everything is safe.
Tools for repairing DNS Violations are as follows:
- Hitman Pro (32bit and 64bit versions) –http://www.surfright.nl/en/products/
- Kaspersky Labs TDSSKiller –http://support.kaspersky.com/faq/?qid=208283363
- McAfee Stinger – http://www.mcafee.com/us/downloads/free-tools/stinger.aspx
- Microsoft Windows Defender Offline – http://windows.microsoft.com/en-US/windows/what-is-windows-defender-offline
- Microsoft Safety Scanner –http://www.microsoft.com/security/scanner/en-us/default.aspx
- Norton Power Eraser – http://security.symantec.com/nbrt/npe.aspx
- Trend Micro Housecall – http://housecall.trendmicro.com
- MacScan – http://macscan.securemac.com/
- Avira – http://www.avira.com/en/support-for-home-knowledgebase-detail/kbid/1199 Avira’s DNS Repair-Tool
Tools for removing Alureon Malware:
- Microsoft’s Safety and Security Center – Microsoft’s authoritative portal for all their security guidance, tools, and capabilities.
- Apple’s Security Page with pointers to keep your MAC safe - Scroll down to the section on “Checking Security in your System.” This has the pointers to insure your MAC is as secure as possible.
- DSL Report’s Security Cleanup FAQ – A community driven self help guide to fix malware problems on your systems.
- Andrew K’s Malware Removal Guide – Andrew K is an individual who share’s his experience on-line. This guide is an often-referenced guide to remediate malware problems on a computer
- Public Safety Canada’a Malware Infection Recovery Guide -The Canadian Public Safety office (publicsafety.gc.ca) has a malware removal guide updated and focused to help the general population
- Australia’s Stay Smart Online Factsheet to help Remove Malware – Stay Smart Online Factsheet 11, Part 1 – You suspect your computer is infected with malicious software – what should I do.
The nature of the malware does not guarantee any fixes. It is dependent on the level of infiltration.