Quoted:
http://www.wired.com/threatlevel/2012/07/dns-changer-going-dark/
So I got an email from my ISP saying I had the malware even though I ran pretty much every anti-virus and malware program out there and came back clean. Anyone else going through this BS? I run servers every day and know my way around networking. This seems like horse shit.
DNS changer can hide behind some pretty nasty rootkits...
Thing is, the way most Information Assurance works, all traffic is shunted through intrusion detection devices that screen each packet against a set of rules.
DNS changer is really, really easy to spot this way, because of how DNS changer works. There are a few servers that it uses to hijack your stuff, servers that the FBI confiscated and is running to let people disconnect. The IDS looks for DNS traffic going to those servers. There is no legit reason to send DNS traffic to those servers, so the false positive rates on this are reaaaaly low.
You might want to look into doing a scan from CD. Sounds like your machine is compromised pretty bad.
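
The destination-based check described in the reply above, as an added example that is not part of the original thread: it flags internal hosts that send port 53 traffic to a list of resolver ranges. The ranges are RFC 5737 documentation placeholders, and the flow-record format and function names are assumptions made for the illustration.

```python
import ipaddress
from collections import defaultdict

# Placeholder ranges (RFC 5737 documentation space) standing in for the
# seized rogue resolver ranges; substitute the ranges from your advisory.
ROGUE_DNS_NETS = [ipaddress.ip_network(n)
                  for n in ("192.0.2.0/24", "198.51.100.0/25")]

# Constructed flow records: "timestamp src_ip dst_ip proto dst_port"
SAMPLE_FLOWS = """\
2012-07-06T10:00:01 10.0.0.5 192.0.2.17 udp 53
2012-07-06T10:00:02 10.0.0.6 10.0.0.1 udp 53
2012-07-06T10:00:03 10.0.0.5 198.51.100.9 tcp 53
2012-07-06T10:00:04 10.0.0.7 192.0.2.17 tcp 443
2012-07-06T10:00:05 10.0.0.8 198.51.100.200 udp 53
malformed line
2012-07-06T10:00:06 10.0.0.9 not-an-ip udp 53
"""

def is_rogue_dns(dst, proto, port):
    """True when a flow is DNS (port 53, UDP or TCP) to a listed range."""
    if port != 53 or proto not in ("udp", "tcp"):
        return False
    return any(dst in net for net in ROGUE_DNS_NETS)

def find_infected_hosts(flow_text):
    """Map each source IP to the listed resolvers it sent DNS traffic to."""
    hits = defaultdict(set)
    for line in flow_text.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records
        _, src, dst, proto, port = parts
        try:
            dst_ip = ipaddress.ip_address(dst)
            port_no = int(port)
        except ValueError:
            continue  # unparsable address or port
        if is_rogue_dns(dst_ip, proto.lower(), port_no):
            hits[src].add(str(dst_ip))
    return {src: sorted(dsts) for src, dsts in hits.items()}

if __name__ == "__main__":
    for host, resolvers in find_infected_hosts(SAMPLE_FLOWS).items():
        print(f"{host} sent DNS to listed resolver(s): {', '.join(resolvers)}")
```

Because the match is on destination only, a host is flagged regardless of what local scanners report, which is why an ISP can see the infection when on-host tools come back clean.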