Yes, known variants will be detected by the DATs. Here's a (slightly paraphrased) comment from the McAfee Labs Product Manager:
"Detection for known DNS changer variants have been in thedats for months. The special Stinger is needed in cases where the malware has been removed but the rogue DNS entries remain on the system. One can use the special Stinger, or go to www.mcafee.com/dnscheck - a site that was setup to scan and repair machines with rogue DNS entries."
Looks like the signature has been in the DAT (since (6170) for a while now
I would have thought a full system scan would pick it up.
Thank you for that information...at least I have something that will detect this.....