CIS - Trojan DNSChanger

There is an FBI report out today re: March 8, 2012 “Kill Switch” to eradicate trojan DNSChanger. Is the latest version of CIS 2012 protected from this trojan? I was unable to find any discussion regarding this on the forum. (Not that it isn’t there, or CIS isn’t protected…I just didn’t find any discussion.)

March 8, 2012 ??? :o ;D

That’s when the FBI are apparently considering running the “Kill Switch” to command the DNSChanger network to shut down. And this action could “break” infected PCs’ Internet connections.

Example Article. WARNING - a Mercury Radio Arts (Glenn Beck) site!

edit: Site Warning added for BoredNow and like minded members. Plus wording changed due to source, the last I heard the FBI were still mulling this over. :)

Thanks, Kail! :-TU

Glenn Beck’s site??

I don’t know (is it?). I picked it because it was the first one on a search that had the right info.

PS Being a Brit, Glenn Beck doesn’t mean much to me. :)

PPS On looking at this a little further… yes, it’s a Mercury Radio Arts (Glenn Beck) site. It also seems that most of the other sites carrying this story currently seem to be of a similar… um… persuasion and/or related agenda type. Which may, or may not, indicate something… to someone, somewhere… somehow at some point. :)


This was a tweet I got yesterday:

FBI might shutdown the Internet on March 8


Yes, I saw that too. It seems that the over-stated headlines of a few articles spawned their very own articles. Cool huh?

To get back on topic: Does CIS detect/prevent DNSChanger? I’ve not heard about it on the forums, so I suspect it does. Anybody else?

First of all, I really hope Comodo is protected from this new ‘Trojan’ because I have it (Comodo) on my computer and my sandbox is currently set to block anything it doesn’t recognize from executing unless I give it permission to.

Second, not to get off topic too much, but I know a lot of people don’t like Glenn Beck and I can respect that, but most of what he said was right. In fact, he warned us that since the internet is the only thing not controlled by the government, that they would in fact try to control it. First, they launched SOPA and PIPA, now they are talking about letting the FBI and others probe all of our Facebook and Twitter accounts so that they will see everything we do.

Actually I’ve seen this topic already in the Avira blog.

Looks like I should have posted it or shared it here also ;D
when I read it

Doesn’t this sound a little odd, that they shut down the internet for users with a virus that just redirects users to fraudulent malicious sites via the DNS, with ads that, if clicked, the criminals get money? Shutting them down just stops the spread of the virus but doesn’t prevent the virus being made, so that when everyone’s internet is back on, those who were infected can just get a new version of the virus, and those who still have an internet connection could just make a similar virus or have the virus on a flash drive to put it back on the internet on different servers and start spreading again from scratch. Not to mention that there have been countless viruses that accomplish the same thing by corrupting the host file, and I’m sure this isn’t the first virus to accomplish this by changing the DNS servers either.

So why is the government getting involved for this wimpy virus when there are much more sophisticated viruses out there used to steal government data? Why focus on the “protection” of everyday users who can easily get rid of it themselves if they put some security on their computer and do updates like they should and stay away from sketchy sites, or just have good security that blocks it to begin with? What I’m saying is it’s the users’ responsibility to educate and protect their computer from normal everyday viruses like DNSChanger, not the government’s. They need to deal with things that threaten the country, like things that try to steal government info and send it to terrorists or other countries. The gov needs to stay out of the everyday user security for computers business. Why do they care so much about this little virus, or am I missing something that reveals this virus to be more serious than I currently understand?

Half of Fortune 500s, US Govt. Still Infected with DNSChanger Trojan

“Computers still infected with DNSChanger are up against a countdown clock. As part of the DNSChanger botnet takedown, the feds secured a court order to replace the Trojan’s DNS infrastructure with surrogate, legitimate DNS servers. But those servers are only allowed to operate until March 8, 2012. Unless the court extends that order, any computers still infected with DNSChanger may no longer be able to browse the Web.”

A ‘poster’ over at The Blaze has it figured out… ;D

Why are gov computers infected with this in the first place? They should have better security than that. Also, if they replaced the Trojan’s DNS infrastructure with legit DNS, then why would they put a deadline on how long they can be used in the first place?

I assume it is for those who are infected, so they would have time to change their DNS and repair it (in case they weren’t given the memo).

Here’s some more detailed information behind DNSChanger and the associated “FBI shutting down the Internet” story (which, given the article cited below, seems a little bit of a stretch… to put it very mildly).

  500,000 zombie PCs imperiled as expiration of court order approaches