• United States



by John E Dunn

DNSChanger Victims Get Extension Until 8 July

Mar 07, 20122 mins
Consumer ElectronicsData and Information SecuritySecurity

Another 120 days for victims to clean PCs

Companies and individuals infected with the DNSChanger malware have been given a further 120 days to clean their PCs before they are disconnected from the Internet, it has been announced.

An original deadline had been due to expire this Thursday, 8 March, after the FBI took over running of DNS servers involved in the botnet previously operated by Estonian company Rove Digital last November.

Unfortunately, the scale of the bot infections uncovered both of consumers and in large companies forced the FBI to ask for an extension which has now been granted by The US District Court, Southern District of New York.

Infected users – at one point estimated to run to millions including many Fortune 500 companies and parts of the US Government itself – now have until 9 July to clean their computers.

Part of the problem is the challenge of removing DNSChanger, which blocks updates and disables security programs on an infected system.

The recommended option is to reinstall the operating system from scratch, not exactly a helpful piece of advice for non-technical users or anyone that has lost the original system discs.

For larger organisations, this is not a major problem but does mean identifying affected systems and taking the necessary action in time.

The best place for consumers to start is with the website of the DNSchanger Working Group which offers advice on how to check for infection. Information about infections on large IP address ranges can be found from volunteer organisations.

At least one security company has released a downloadable cleanup tool though the safest option is remains a reformat and reinstallation of the system.