US-CERT encourages users and administrators to ensure their systems are not infected with the DNSChanger malware by utilizing tools and resources available at the DNS Changer Working Group (DCWG) website.
Computers testing positive for infection of DNSChanger malware will need to be cleaned of the malware in order to maintain continued internet connectivity beyond July 9, 2012.
On November 8, 2011, the FBI, NASA-OIG, and Estonian police arrested several cyber criminals in “Operation Ghost Click.” The criminals operated under the company name “Rove Digital,” and distributed DNS changing viruses, variously known as TDSS, Alureon, TidServ, and TDL4 viruses.
Additional information about Operation Ghost Click and the DNSChanger malware is available at the FBI website.
This document can also be found at