What did this do to my PC?

"Gamer101" <Gamer101 RemoveThis @discussions.microsoft.com> wrote in message
news:3EEA84DD-A907-412D-ADF8-705318FFDA73@microsoft.com...


>I installed malwarebytes and found this little gift on my system:
>
> (Trojan.DNSChanger)
>
> It seem to have messed around with the security center, but im not
> sure what
> it did to it. Does anyone know exactly what it did to my security
> center?


Gamer101,

Sounds like you installed some rogue knockoff instead of the real thing.

Where did you download this version of "malwarebytes" from? I'm willing
to bet it wasn't from http://malwarebytes.org/

xposted to microsoft.public.security.virus for added input.


Regards,

Len Agoado
agoado RemoveThis @msn.com

If that's all it found consider yourself lucky.

--


--
"Gamer101" <Gamer101 DeleteThis @discussions.microsoft.com> wrote in message
news:3EEA84DD-A907-412D-ADF8-705318FFDA73@microsoft.com...
>I installed malwarebytes and found this little gift on my system:
>
> (Trojan.DNSChanger)
>
> It seem to have messed around with the security center, but im not sure
> what
> it did to it. Does anyone know exactly what it did to my security center?

Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he or
she wants to know the consequences of having had that malware.

Asking a good question would would help here (or maybe using Google).

IIRC this one can affect your router if not locked down.

"Leonard Agoado" <len RemoveThis @mwswire.com> wrote in message
news:%23WE1WnAXKHA.4816@TK2MSFTNGP06.phx.gbl...
> "Gamer101" <Gamer101 RemoveThis @discussions.microsoft.com> wrote in message
> news:3EEA84DD-A907-412D-ADF8-705318FFDA73@microsoft.com...
>
>
>>I installed malwarebytes and found this little gift on my system:
>>
>> (Trojan.DNSChanger)
>>
>> It seem to have messed around with the security center, but im not
>> sure what
>> it did to it. Does anyone know exactly what it did to my security
>> center?
>
>
> Gamer101,
>
> Sounds like you installed some rogue knockoff instead of the real
> thing.
>
> Where did you download this version of "malwarebytes" from? I'm
> willing to bet it wasn't from http://malwarebytes.org/
>
> xposted to microsoft.public.security.virus for added input.
>
>
> Regards,
>
> Len Agoado
> agoado RemoveThis @msn.com
>

From: "Gamer101" <Gamer101.DeleteThis@discussions.microsoft.com>

| I installed malwarebytes and found this little gift on my system:

| (Trojan.DNSChanger)

| It seem to have messed around with the security center, but im not sure what
| it did to it. Does anyone know exactly what it did to my security center?

NOTE: The DNSChanger trojan may also have an peer RootKit.,

The pupose of the trojan is to modify the Domain Name System (DNS) resolution that your PC
performs. Instead of using choice or ISP DNS servers, it places malicious servers in the
DNS server list instead. Thus redirecting you from legitimate web sites to malicious web
sites.

Additionally this infector tragets both MAC and PC as well as can modify the DNS table of
SOHO Routers if they are not secured properly.

To make sure you do NOT have the RootKit, scan your PC with Gmer.
http://www.gmer.net/#files

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

Removal instructions for Trojan.DNSChanger:

http://www.malwarebytes.org/forums/index.php?showtopic=5398

Analysis of Trojan.DNSChanger is at:

http://www.symantec.com/business/security_response/writeup.jsp?docid=2...-011811

The analysis does not mention any changes to the Security Center.

"Leonard Agoado" <len.RemoveThis@mwswire.com> wrote in message
news:%23WE1WnAXKHA.4816@TK2MSFTNGP06.phx.gbl...
> "Gamer101" <Gamer101.RemoveThis@discussions.microsoft.com> wrote in message
> news:3EEA84DD-A907-412D-ADF8-705318FFDA73@microsoft.com...
>
>
>>I installed malwarebytes and found this little gift on my system:
>>
>> (Trojan.DNSChanger)
>>
>> It seem to have messed around with the security center, but im not sure
>> what
>> it did to it. Does anyone know exactly what it did to my security center?
>
>
> Gamer101,
>
> Sounds like you installed some rogue knockoff instead of the real thing.
>
> Where did you download this version of "malwarebytes" from? I'm willing
> to bet it wasn't from http://malwarebytes.org/
>
> xposted to microsoft.public.security.virus for added input.
>
>
> Regards,
>
> Len Agoado
> agoado.RemoveThis@msn.com

"Leonard Agoado" <len.DeleteThis@mwswire.com> wrote in message news:#WE1WnAXKHA.4816@TK2MSFTNGP06.phx.gbl...
> "Gamer101" <Gamer101.DeleteThis@discussions.microsoft.com> wrote in message
> news:3EEA84DD-A907-412D-ADF8-705318FFDA73@microsoft.com...
>
>
>>I installed malwarebytes and found this little gift on my system:
>>
>> (Trojan.DNSChanger)
>>
>> It seem to have messed around with the security center, but im not
>> sure what
>> it did to it. Does anyone know exactly what it did to my security
>> center?
>
>
> Gamer101,
>
> Sounds like you installed some rogue knockoff instead of the real thing.
>
> Where did you download this version of "malwarebytes" from? I'm willing
> to bet it wasn't from http://malwarebytes.org/
>
> xposted to microsoft.public.security.virus for added input.
>
>
> Regards,
>
> Len Agoado
> agoado.DeleteThis@msn.com
>
>
>

Post the report from the MBAM so we can see exactly what it found and where

sometimes this is a false positive IF you are on a network or change DNS settings yourself

"FromTheRafters" <erratic @nomail.afraid.org> wrote in message
news:evHvZ2AXKHA.844@TK2MSFTNGP05.phx.gbl...

> Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he
> or she wants to know the consequences of having had that malware.


FTR,

Upon rereading the OP, I think you're right.

Also, David Lipman later responded to the original post in
m.p.w.security_admin by suggesting a scan with Gmer.

Regards,

Len Agoado
agoado.TakeThisOut@msn.com

"Leonard Agoado" <len.RemoveThis@mwswire.com> wrote in message
news:uplQ86LXKHA.3428@TK2MSFTNGP06.phx.gbl...
>
> "FromTheRafters" <erratic @nomail.afraid.org> wrote in message
> news:evHvZ2AXKHA.844@TK2MSFTNGP05.phx.gbl...
>
>> Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he
>> or she wants to know the consequences of having had that malware.
>
>
> FTR,
>
> Upon rereading the OP, I think you're right.
>
> Also, David Lipman later responded to the original post in
> m.p.w.security_admin by suggesting a scan with Gmer.

That is quickly becoming a standard practice - "rootkits" must be
addressed before anything else in your toolbox can be trusted to work as
designed. The term "rootkit" is in the popular lexicon just as "virus"
was - its meaning is being shifted and soon we'll be hearing about the
"trojan rootkit virus" that caused my brother's laptop to spew black
smoke. )

From: "FromTheRafters" <erratic @nomail.afraid.org>


| "Leonard Agoado" <len.TakeThisOut@mwswire.com> wrote in message
| news:uplQ86LXKHA.3428@TK2MSFTNGP06.phx.gbl...

>> "FromTheRafters" <erratic @nomail.afraid.org> wrote in message
>> news:evHvZ2AXKHA.844@TK2MSFTNGP05.phx.gbl...

>>> Sounds to me like Gamer101 is saying MBAM *found* the trojan, and he
>>> or she wants to know the consequences of having had that malware.


>> FTR,

>> Upon rereading the OP, I think you're right.

>> Also, David Lipman later responded to the original post in
>> m.p.w.security_admin by suggesting a scan with Gmer.

| That is quickly becoming a standard practice - "rootkits" must be
| addressed before anything else in your toolbox can be trusted to work as
| designed. The term "rootkit" is in the popular lexicon just as "virus"
| was - its meaning is being shifted and soon we'll be hearing about the
| "trojan rootkit virus" that caused my brother's laptop to spew black
| smoke. )

LOL "trojan rootkit virus" LOL



--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp