Can SEP client detect "DNSChanger" virus ?
| Article:TECH182966 | | | Created: 2012-03-05 | | | Updated: 2012-07-28 | | | Article URL http://www.symantec.com/docs/TECH182966 |
Problem
Can Symantec Endpoint Protection detect the virus "DNSChanger"?
Solution
SEP can detect the DNS Changer which Symantec named as Trojan.Flush.K.
The latest detections of Trojan.Flush.K is added in the definition February 17, 2012 revision 004.
The Symantec Endpoint Protection and AntiVirus are not able the restore the DNS configuration.
More detail info about this virus, please refer the below link.
http://www.symantec.com/security_response/writeup.jsp?docid=2007-011811-1222-99
http://www.symantec.com/security_response/writeup.jsp?docid=2007-011811-1222-99&tabid=2
Further information can be found on the Security Response Blog.
DNSChanger Fraud Ring Busted
http://www.symantec.com/connect/blogs/dnschanger-fraud-ring-busted
Check to See if Your Computer is Using Rogue DNS
https://forms.fbi.gov/check-to-see-if-your-computer-is-using-rogue-DNS
Information about the DNS-Changer (Federal Bureau of Investigation)
http://www.fbi.gov/news/stories/2011/november/malware_110911/DNS-changer-malware.pdf
To test your system(s) whether they affected by DNS Changer, you can test the DNS configuration for example on the following websites:
Anti-Botnet
http://dns-changer.eu/
Deutsche Telekom / Bundesamt fuer Sicherheit in der Informationstechnik (Federal Office for Security in Information Technology)
http://www.dns-ok.de/
|
|
Article URL http://www.symantec.com/docs/TECH182966
Terms of use for this information are found in Legal Notices
Thank you.