What did this do to my PC?
in [Security]
|
Prev: Why can I map a local drive if I'm connected to the network butcan't if not?
Next: Is AVG anti-virus free edition or Avast Free Edition better?
From: David H. Lipman on 2 Nov 2009 19:21 From: "Gamer101" <Gamer101(a)discussions.microsoft.com> | I installed malwarebytes and found this little gift on my system: | (Trojan.DNSChanger) | It seem to have messed around with the security center, but im not sure what | it did to it. Does anyone know exactly what it did to my security center? NOTE: The DNSChanger trojan may also have an peer RootKit., The pupose of the trojan is to modify the Domain Name System (DNS) resolution that your PC performs. Instead of using choice or ISP DNS servers, it places malicious servers in the DNS server list instead. Thus redirecting you from legitimate web sites to malicious web sites. Additionally this infector tragets both MAC and PC as well as can modify the DNS table of SOHO Routers if they are not secured properly. To make sure you do NOT have the RootKit, scan your PC with Gmer. http://www.gmer.net/#files -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp
From: Andy Medina on 3 Nov 2009 00:46 Removal instructions for Trojan.DNSChanger: http://www.malwarebytes.org/forums/index.php?showtopic=5398 Analysis of Trojan.DNSChanger is at: http://www.symantec.com/business/security_response/writeup.jsp?docid=2007-011811-1222-99&tabid=2 The analysis does not mention any changes to the Security Center. "Leonard Agoado" <len(a)mwswire.com> wrote in message news:%23WE1WnAXKHA.4816(a)TK2MSFTNGP06.phx.gbl... > "Gamer101" <Gamer101(a)discussions.microsoft.com> wrote in message > news:3EEA84DD-A907-412D-ADF8-705318FFDA73(a)microsoft.com... > > >>I installed malwarebytes and found this little gift on my system: >> >> (Trojan.DNSChanger) >> >> It seem to have messed around with the security center, but im not sure >> what >> it did to it. Does anyone know exactly what it did to my security center? > > > Gamer101, > > Sounds like you installed some rogue knockoff instead of the real thing. > > Where did you download this version of "malwarebytes" from? I'm willing > to bet it wasn't from http://malwarebytes.org/ > > xposted to microsoft.public.security.virus for added input. > > > Regards, > > Len Agoado > agoado(a)msn.com
From: Derek Knight on 3 Nov 2009 03:00 "Leonard Agoado" <len(a)mwswire.com> wrote in message news:#WE1WnAXKHA.4816(a)TK2MSFTNGP06.phx.gbl... > "Gamer101" <Gamer101(a)discussions.microsoft.com> wrote in message > news:3EEA84DD-A907-412D-ADF8-705318FFDA73(a)microsoft.com... > > >>I installed malwarebytes and found this little gift on my system: >> >> (Trojan.DNSChanger) >> >> It seem to have messed around with the security center, but im not >> sure what >> it did to it. Does anyone know exactly what it did to my security >> center? > > > Gamer101, > > Sounds like you installed some rogue knockoff instead of the real thing. > > Where did you download this version of "malwarebytes" from? I'm willing > to bet it wasn't from http://malwarebytes.org/ > > xposted to microsoft.public.security.virus for added input. > > > Regards, > > Len Agoado > agoado(a)msn.com > > > Post the report from the MBAM so we can see exactly what it found and where sometimes this is a false positive IF you are on a network or change DNS settings yourself
From: Leonard Agoado on 3 Nov 2009 14:49 "FromTheRafters" <erratic @nomail.afraid.org> wrote in message news:evHvZ2AXKHA.844(a)TK2MSFTNGP05.phx.gbl... > Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he > or she wants to know the consequences of having had that malware. FTR, Upon rereading the OP, I think you're right. Also, David Lipman later responded to the original post in m.p.w.security_admin by suggesting a scan with Gmer. Regards, Len Agoado agoado(a)msn.com
From: "FromTheRafters" erratic on 3 Nov 2009 20:53
"Leonard Agoado" <len(a)mwswire.com> wrote in message news:uplQ86LXKHA.3428(a)TK2MSFTNGP06.phx.gbl... > > "FromTheRafters" <erratic @nomail.afraid.org> wrote in message > news:evHvZ2AXKHA.844(a)TK2MSFTNGP05.phx.gbl... > >> Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he >> or she wants to know the consequences of having had that malware. > > > FTR, > > Upon rereading the OP, I think you're right. > > Also, David Lipman later responded to the original post in > m.p.w.security_admin by suggesting a scan with Gmer. That is quickly becoming a standard practice - "rootkits" must be addressed before anything else in your toolbox can be trusted to work as designed. The term "rootkit" is in the popular lexicon just as "virus" was - its meaning is being shifted and soon we'll be hearing about the "trojan rootkit virus" that caused my brother's laptop to spew black smoke. :o) |