The Mudcat Café TM
Thread #143499   Message #3312360
Posted By: JohnInKansas
23-Feb-12 - 06:26 PM
Thread Name: Tech: A REAL Internet Shutdown - Malware
Subject: Tech: A REAL Internet Shutdown - Malware
YOU COULD LOSE YOUR INTERNET CONNECTION ON 08 MARCH.

Some time ago, a specific Trojan infection called DNSServer was found on many computers. This malware redirected Internet connections on infected machines to phony servers where the criminal operators used bogus ads to collect "pay per click" advertising revenues. Estimates are that the criminal ring collected about $14,000,000 by this fraud.

When the ring was broken, operation of the phony servers was taken over by the FBI, under a court order, and since that time the Internet connections from infected machines have been re-redirected to appropriate real servers.

The court order, however, only allowed the FBI to leave the servers online until 08 MARCH 2012. If the servers are shut down, those still infected will lose NEARLY ALL ABILITY TO CONNECT TO THE INTERNET.

The original estimates were that "more than 500,000 computers in the US" were infected. Since there appear to be "about 450,000" infected computers still online, the FBI has asked the court for permission to continue operation of the servers "to allow more time for cleanups."

Most Internet Security advisors are recommending that the shutdown proceed as scheduled.

It appears that most infections were on "mainframe" systems at large corporations and government agencies (apparently including the FBI). Distribution of the Trojan appears to have been "International" in scope (but the FBI doesn't care about those elsewhere?). That makes it somewhat unlikely that individual users are likely to find this Trojan on their computers, unless they access a corporate/government network, or have traded files with someone who does.

The latest update (that I've seen) is at:

Feds ask judge to keep infected computers online
Security experts disagree, argue clean-up deadline of March 8 should be kept
By Matt Liebowitz, Security News, 23 Feb 2012

U.S. government officials have asked a federal judge in New York to extend a looming deadline that could knock as many as half a million computers infected with the 'DNSChanger' Trojan offline on March 8.
The March deadline was set following last November's "Operation Ghost Click," an FBI bust of an Estonian cybercrime gang responsible for infecting at least 500,000 computers in the U.S. with DNSChanger, a Trojan that netted the crooks $14 million by enabling them to reroute Web traffic to rigged sites and collect the advertising revenue.


Determining whether YOUR COMPUTER might be infected is trivially simple. The above article includes a link to a (US) "test site" that displays a single icon with a RED background for infected machines, or with a different color if you're not infected. (If you're infected you'll be redirected and will go to the phony site that displays the RED background. (Don't worry, since if you're infected you've been going there a lot, and the FBI runs it now and you can trust them(?)). If not, you go to a real/normal site with the GREEN background.)

Indications are that in the (probably rare) case you are infected, removal of this Trojan is NOT SIMPLE, but the article linked above gives some help on things to do.

Additional removal help is also given in the earlier:

FBI May Block Your Internet Access Beginning March 8
17 February 2012
Matt Liebowitz, SecurityNewsDaily Staff Writer
In the last step of an international effort to break up an Estonian cybercrime ring, the FBI is planning to switch off bogus domain-name servers formerly controlled by the criminals on March 8, potentially disabling Web access for hundreds of thousands of users still infected by the criminals' malware.


John