09 July 2012

5 free tools to remove Alureon DNSChanger malware

About a quarter-million computer users around the world are at risk of losing Internet access on Monday because of malicious software at the heart of a hacking scam that U.S. authorities shut down last November.

Some blogs and news reports hyped the risk of an outage, warning of a potential "blackout" and describing the Alureon malware as the "Internet Doomsday" virus.

Yet experts said only a tiny fraction of computer users were at risk, and Internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.

But no threat is small if your PC in the one affected. If you are mysteriously unable to login to the Internet this morning, your computer may be one of the quarter-million odd affected by this malware. Here's what you can do to remove this program from your computer.

First, go to this page to check if your PC is infected. With the FBI's temporary servers now offline, you'll have to open the web page from another computer and follow the manual instructions for your operating system. (See: Internet blackout Monday: Check if your PC is infected)

If it turns out the reason you are offline is indeed the Alureon malware and not a faulty Internet connection, here are 5 free tools that will remove the DNSChanger malware from your system. Download them on another PC and copy them to the infected PC using a USB drive or a CD.

1) McAfee Stringer
Remove Alureon/ DNSChanger: Yes
Platform: Windows
Price: Free
Download

2) Kaspersky Labs TDSSKiller
Remove Alureon/ DNSChanger: Yes
Platform: Windows
Price: Free
Download

3) Norton Power Eraser
Remove Alureon/ DNSChanger: Yes
Platform: Windows
Price: Free
Download

4) Trend Micro  House Call
Remove Alureon/ DNSChanger: Yes
Platform: Windows
Price: Free
Download

5) MacScan
Remove Alureon/ DNSChanger: Yes
Platform: Mac OS X
Price: Free for 30-days
Download

Virus could black out nearly 250,000 PCs on Monday


About a quarter-million computer users around the world are at risk of losing Internet access on Monday because of malicious software at the heart of a hacking scam that US authorities shut down last November.
Some blogs and news reports hyped the risk of an outage, warning of a potential "blackout" and describing the Alureon malware as the "Internet Doomsday" virus.
Yet experts said only a tiny fraction of computer users were at risk, and Internet providers would be on call to quickly restore service. They said they considered the threat to be small compared with more-prevalent viruses such as Zeus and SpyEye, which infect millions of PCs and are used to commit financial fraud.
As of this week, about 245,000 computers worldwide were still infected by Alureon and its brethren, according to security firm Deteque. That included 45,355 computers in the United States.
The viruses were designed to redirect Internet traffic through rogue DNS servers controlled by criminals, according to the FBI. DNS servers are computer switchboards that direct Web traffic.
When authorities took down the rogue servers, a federal judge in New York ordered that temporary servers be kept in place while the victims' machines were repaired. The temporary servers will shut down at 12:01 a.m. EDT (0401 GMT) on Monday, which means the infected PCs that have not been fixed will no longer be able to connect to the Internet.
Some US Internet providers, including AT&T Inc and Time Warner Cable , have made temporary arrangements so that their customers will be able to access the Internet using the address of the rogue DNS servers.
Information on how to identify and clean up infections can be found on a website that a group of security firms and other experts set up: http://www.dcwg.org.
"It's a very easy one to fix," said Gunter Ollmann, vice president of research for security company Damballa. "There are plenty of tools available."
Many of the machines that remain infected are probably not in active use since most victims were notified of the problem, said security expert Johannes Ullrich, who runs the Internet Storm Center, which monitors Web threats.
The United States has charged seven people for orchestrating the worldwide Internet fraud. Six were arrested in Estonia, while the seventh, who was living in Russia, is still at large. Tallinn has so far extradited two of the men to New York where they appeared in Manhattan federal court.
The case is USA v. Tsastsin et al, U.S. District Court for the Southern District of New York, No. 11-cr-878.

Stockbroker Ketan Parekh in major stock market scam


A major stock market scam involving big players such as tainted stockbroker Ketan Parekh (KP), apparently banned from trading on the bourses till 2017 by securities market regulator SEBI, has been exposed by the Intelligence Bureau (IB), according to a report by India Today.  
It further says the damaging IB report, submitted to the top officials of the government, suggests that KP and his associates are driving up share prices through the creation of false volumes.
The IB report names companies like Dewan Housing, Goenka Diamond, Orchid Chemical, IVRCL, Pantaloon, TBZ IPO and GMR Infra as targeted by the KP and associates.
Goenka Diamond and Jewels touched an intraday high of Rs 191.35 and an intraday low of Rs 161.65. At 09:20 hrs the share was quoting at Rs 161.65, down Rs 40.40, or 20%. There were pending sell orders of 42,758 shares, with no buyers available. It was trading with volumes of 4,015 shares.
Dewan Housing Finance Corporation touched an intraday high of Rs 177.40 and an intraday low of Rs 169.20. At 09:21 hrs the share was quoting at Rs 173.00, down Rs 9.90, or 5.41%. It was trading with volumes of 12,683 shares.
GMR Infrastructure touched an intraday high of Rs 26.00 and an intraday low of Rs 25.10. At 09:21 hrs the share was quoting at Rs 25.20, down Re 1, or 3.82%. It was trading with volumes of 63,382 shares.
Tribhovandas Bhimji Zaveri touched an intraday high of Rs 118.00 and an intraday low of Rs 112.75. At 09:21 hrs the share was quoting at Rs 113.00, down Rs 6.10, or 5.12%. It was trading with volumes of 22,918 shares.
Pantaloon Retail touched an intraday high of Rs 192.10 and an intraday low of Rs 182.95. At 09:21 hrs the share was quoting at Rs 185.85, down Rs 6.15, or 3.20%. It was trading with volumes of 75,725 shares.
IVRCL touched an intraday high of Rs 52.50 and an intraday low of Rs 51.10. At 09:21 hrs the share was quoting at Rs 51.15, down Rs 1.85, or 3.49%. It was trading with volumes of 77,532 shares.
Orchid Chemicals and Pharmaceuticals touched an intraday high of Rs 124.10 and an intraday low of Rs 118. At 09:21 hrs the share was quoting at Rs 121.00, down Rs 4.35, or 3.47%. It was trading with volumes of 82,453 shares.

Vedanta eyes minor stake in a new India refinery


London-based Vedanta Resources is keen on buying a minority stake in an oil refinery planned in Rajasthan, the Hindustan Times reported on Sunday citing a government statement.
The refinery coming up at Barmer will have an annual capacity of 9 million tonnes and is expected to cost about 200 billion rupees, the report said.
Vedanta founder Anil Agarwal met Ashok Gehlot, the chief minister of Rajasthan state, in New Delhi on Friday, it said.
"Vedanta will support the refinery by having a small stake in the project," the paper quoted a state government statement.
State-run Hindustan Petroleum Corp and Oil and Natural Gas Corp are expected to hold 51% and 26% stake respectively, the report said.
Last year, Vedanta paid USD 8.7 billion deal to acquire a controlling stake in Cairn Energy's India unit , which operates oil fields in Rajasthan state.

06 July 2012

Internet blackout Monday

Internet users across the world have been warned that if they have the "Alureon/ DNS Changer bot" virus on their computers, they will lose their Internet connections July 9.

The virus "spoofs" popular websites in an attempt to steal personal information.

The software found its way into thousands of computers worldwide last year. It redirect users away from trusted websites, towards spoof websites in a bid to steal financial and personal information.

When the attack was noticed, the FBI routed infected machines through its server to stop the attacks. But the servers will be taken down July 9. When this happens, computers still infected are likely to lose their internet connection without warning.

Multiple websites have been setup to check if your computer is infected. One of them is DNS Changer Check-Up (for list of other websites click here). Simply visit the website and if you see green colour, your computer is clean.
Custom Search
Get