
Malware may knock thousands off Internet on Monday, July 9, 2012...

There was a discussion of this several months ago, but for those who missed it here's a good article that tells you exactly what to check. ("Despite repeated alerts, tens of thousands of Americans may still lose their Internet service Monday, 7/9/12, unless they do a quick check of their computers for malware that could have taken over their machines more than a year ago. --AP Thursday, 7/5/12" -- link to this article at end of post*):

Exorcise Ghost Click from Your PC
Analysis: The FBI just took down a criminal botnet that hijacked more than 4 million PCs worldwide. Is your PC among those haunted by Ghost Click?

By Dan Tynan, ITworld Nov 13, 2011 2:35 pm

http://www.pcworld.com/article/243766/exorcise_ghost_click_from_your_pc.html

"...Earlier this week the FBI and international law authorities took down the biggest criminal botnet yet – some 4 million zombie PCs, all controlled by a band of Estonian cyber thieves doing business as an allegedly legitimate company called Rove Digital (no relation to Karl).

Rove performed all kinds of digital malfeasance -- including the sale of fake antivirus software, distribution of malware, replacing legitimate ads on Web sites with their own, and generating fake clicks to pull in ad revenue – while pretending to be a real IT firm.

They did it by distributing malware that took over the Domain Name System (DNS) settings on PCs and network routers. DNS servers translate URLs (like www.itworld.com) into IP addresses (like 66.77.79.139) that can be read by Internet routers. Change the DNS table to match a legit URL with an illegitimate IP address, and you can do all kinds of nasty things to the computers that visit that Web site.

To maximize their reach, Rove hijacked popular sites like iTunes, Netflix, and IRS.gov. The FBI estimates they made at least $14 million through these deeds. But that’s only the money they could find. The actual proceeds are likely an order of magnitude higher.

The Feds estimate that 500,000 of the zombie PCs were located in the US, affecting everyone from individuals to government agencies like NASA.

(I’m pretty sure that at one time I had a computer that was infected with this particular type of malware, known as DNS-Changer. I used to get some insanely strange redirects – like typing Facebook.com into my browser and getting sent to Yahoo instead. Fortunately, that machine has since passed onto the great digital boneyard in the sky.)

How do you know if your machine is one of them? TrendMicro, which aided the FBI in its investigation and had been tracking the activities of Rove and its assorted subsidiaries for more than five years, offers some tips in its CounterMeasures blog.

First, you’ll need to determine the IP address of your DNS server. And yes, it affects Macs as well as Windows machines, so Apple fanboys should pay heed as well. Per TrendMicro’s Rik Ferguson:

On a PC, open the Start menu by clicking the Start button or the Windows icon in the lower left of your screen, in the Search box type “cmd” and hit return (for Windows 95 users, select “Start“, then “Run“). This should open a black window with white text. In this window type “ipconfig /all” and hit return. Look for the entry that reads “DNS Servers” and note down the numeric addresses that are listed there.

On a Mac …click on the Apple icon in the top left of your screen and select “System Preferences“, from the Preferences panel select the “Network” icon. Once this window opens, select the currently active network connection on the left column and over on the right select the DNS tab. Note down the addresses of the DNS servers that your computer is configured to use.

You’ll then need to plug that IP address into the FBI’s online database of compromised DNS settings to find out if yours is among them. If it was (unlucky you) the Feds would like you to fill out a victim’s report. You’ll then need to do a virus scan to find and destroy the malware, then contact your ISP to restore the correct DNS settings..."

(*Today's article: http://news.yahoo.com/malware-may-knock-thousands-off-internet-monday-063924510--finance.html )

I hope this is helpful!

Few things reveal your intellect and your generosity of spirit—the parallel powers of your heart and mind—better than how you give feedback.~Maria Popova
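
The check described in the quoted article (read the "DNS Servers" entry from `ipconfig /all`, then compare each address with a list of known-bad ranges) can be scripted as below. This is an added example, not part of the post or the quoted article; the `ipconfig` output is a constructed sample, and `ROGUE_RANGES` holds placeholder documentation networks that must be replaced with the ranges published by the FBI.

```python
import ipaddress

# PLACEHOLDER ranges (RFC 5737 documentation blocks), NOT the real rogue ranges.
# Replace them with the ranges the FBI published before trusting the result.
ROGUE_RANGES = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "198.51.100.0/24")]

# Constructed sample of `ipconfig /all` output. The second DNS server sits on an
# unlabelled continuation line, which a single-line text search would miss.
SAMPLE_IPCONFIG = """\
Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : example.test
   IPv4 Address. . . . . . . . . . . : 10.0.0.23(Preferred)
   Default Gateway . . . . . . . . . : 10.0.0.1
   DNS Servers . . . . . . . . . . . : 192.0.2.53
                                       10.0.0.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
"""


def dns_servers(ipconfig_text):
    """Return every address under 'DNS Servers', continuation lines included."""
    servers, in_dns = [], False
    for line in ipconfig_text.splitlines():
        label, sep, value = line.partition(" : ")
        if sep:
            # A labelled line either opens the DNS list or ends it.
            in_dns = label.strip(" .").lower() == "dns servers"
            candidate = value
        else:
            candidate = line  # possibly a continuation line
        if not in_dns:
            continue
        try:
            # Drop an IPv6 zone id such as "%11" before parsing.
            servers.append(ipaddress.ip_address(candidate.strip().split("%")[0]))
        except ValueError:
            in_dns = False  # blank line or next section: the list is over
    return servers


def rogue_hits(servers, ranges=ROGUE_RANGES):
    """Return (server, range) pairs for every configured server in a listed range."""
    return [(s, r) for s in servers for r in ranges if s in r]


if __name__ == "__main__":
    for server, net in rogue_hits(dns_servers(SAMPLE_IPCONFIG)):
        print(f"DNS server {server} falls inside listed range {net}")
```

A clean result only covers the machine's own settings; the article notes the malware also changed DNS settings on network routers, so the router's configured DNS servers need the same comparison.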