Worldwide DNS malware? DCWG detection website?
 

I recently came across an article in my local paper about this website that checks if ones DNS settings have been changed by malware. There was a big cyber criminal ring that was messing with DNS settings on computers all over the world.

this is the site; http://www.dcwg.org/detect/

I went through the test on my windows xp home service pack 2 pc, & it shows as green for ok. But the website says it could still be infected.

It says one needs good anti virus software on their pc. Right now I have avast running. I use superanti spy ware to run spyware scans.

Is there any other programs or things that I should do? The website says if your computer is infected, you will not be able to get internet access after 7-9-2012.

It also sounds like you've been "Fox Newsed" in a way. Maybe not by Fox directly, but with their tactics. You take a humdrum topic, or even something that people need only be aware of, and then spin it in Chicken Little (THE SKY IS FALLING!!!) style. The result is panic, outrage, confusion, etc -- exactly where these people want you. Don't fall for it.

DNS exploits have been around for at least a decade now. Most target the HOSTS file on a computer, while others go after network card settings. One of the more annoying malwares in recent years has been the "Google redirect" problem, where browser profiles have been exploited. Firefox was the one most commonly targeted.

At the server level, DNS poisoning was a big issue back in 2007-2008.

DNS is still a very vulnerable system, due to the non-implementation of DNSSEC (secure DNS). If you read any of the details on why developers disliked SOPA (and all the other various BS House/Senate bills aimed at so-called "anti-piracy"), one of the biggest problems was that it made DNS more vulnerable in the process, and would have prevented DNSSEC in the future.

This DCWG.org site is owned by an individual, and not a security company. As such, take its advice as the advice of a single person, and not as that of an authoritative body. Furthermore, several of the sites appear to be owned by a non-entity named "Vixie Freehold". It may just be a group of self-proclaimed internet police/experts, as opposed to a verifiable qualified organization.

A malware from 2010 (Alureon) -- long ago accounted for by 2012 anti-malware protection software -- is claimed to be responsible.

As far as I'm concerned, the website is nothing more than a farce.

In terms of actual security...

SuperAntiSpyware is okay, Avast is okay. Note that I've written "okay" -- not excellent.

If you want current excellent software, there's three that I would suggest for Windows home/office computers:

• Kaspersky Internet Security ($80/year) or Anti-Virus ($60/year) --- remember to look for coupons on our site as sometimes it's on sale!
• MalwareBytes Pro ($25/one-time)
• Symantec Endpoint Protection (Small Business Edition two-license basic $70/year) for small networks or servers

My personal laptop uses MalwareBytes Pro ($25) with Comodo Personal Firewall (freeware).

And I've been using Endpoint Protection on the local network workstations and the localnet server, which helps prevent malware from "system hopping", should one of them become infected.

For Mac, look at Kaspersky or Sophos. (Note that Sophos has a basic free edition, too!)

Do you think I need to buy one of those softwares listed?

& if I get one, you say current excellent, will it be any good in a few years?

& if I get one, will I have to/should I disable/uninstall avast that I have running now?

isn't it best to have just one malware protection software running at a time?

what do you think to the July 9th 2012 date that site gave? it said that if your computer is infected, you will not be able to access the internet after this date, & they have a list of program or downloads that one can get for their computer if the sites tests confirm an infection.

the site also said that even if your PC comes up uninfected, it still could be because the government had given out temporary safe DNS addresses & they will stop giving clean DNS addresses after July 9th.

this did have me concerned, as I may take an online class this summer, so internet access is a must for me, that is how I have been able to go back to school.

The lifespan of most anti-malware software is about one to two years.
- Some companies put out a great product, but then neglect it.
- Some companies put out a great product, but then the next version is horrible (resource hog, ineffective, etc).
- Some companies put out a great product, and then stay that way -- but this is rare.

If you're not extremely tech-savvy, and this is a computer that's used online frequently, I'd pay for the known-best software.
$50 now (give or take) is a better deal than a hosed-over computer that needs professional service to even function again.

You're essentially paying $2 to $4 monthly for "computer insurance" by buying security programs.

The whole 2012 deadline thing sounds ridiculous. From what I read, authorities confiscated the computers used by the malware writers, and then proceeded to let the servers run in a "clean mode" for the benefit of infected users. When those servers get cut off, infected users will go offline. That's nothing to worry about. If you're infected -- which is sounds like you're NOT -- then you just buy something to clean it. (I'd wager that Windows update has already solved this long ago, with the Malicious Software Removal Tool that MS pushes out monthly to desktop and server users. I run it monthly here.)

Kaspersky (Windows) and Sophos (Mac) are excellent. :thumb:

Ok, thanks for the info, I do not have windows update turned on because it kept trying to update the PC while I was in the middle of something, it would start a countdown of the computer needing to be restarted to take affect.

It also kept bugging me for windows service pack 3, of which caused a meltdown of the PC before, & had to have the hard drive replaced.

right now, I just have the free edition of avast running. If I buy something like Malware bytes pro, do I need to disable avast? or would I have to uninstall avast? I was told having more than one malware program at a time running can cause problems on a PC.

Run Windows update manually -- turn off the annoying auto-update feature.
Don't install SP3. You can choose updates manually as well, and you can skip updates you don't want.

Running more than one anti-virus/anti-malware program can cause issues. But that's not always true. For example, you can probably run MalwareBytes alongside Avast, along with Comodo Personall Firewall. Each of them has a different primary task. If you do run into issues, then I'd uninstall Avast at that time. But not before.

Under-protected is bad.
Overprotected is bad.
But there's a middle area of slightly over/under protected, or even "just right", that you want to aim for.
A little overlap is fine -- it's when you have aggressive software and lots of overlap that you run into major performance/stability issues.

As an update -- since July 2012 has now passed -- this "issue" came and went with little more than a whimper.

Moving forward, just keep yourself secured.
If you're using Windows Vista or Windows 7, Microsoft Security Essentials is another excellent anti-malware freeware from MS.
I'm running that on Windows 7 and Windows Vista computers here.