Trojan.DNSChanger.ACMB2 is Malwarebytes’ generic detection name for changes made by a type of Trojan on users’ DNS settings on affected Windows systems.
The changes made by the DNS-changing malware can be found in the registry values called NameServer under the keys:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{GUID of the interface}
and
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
Malwarebytes protects users from Trojan.DNSChanger.ACMB2 by using real-time protection to block the Trojans that make these changes.
Malwarebytes blocks Trojan.DNSChanger
Malwarebytes can detect and remove Trojan.DNSChanger.ACMB2 without further user interaction. The removal also takes care of some required actions to undo other changes:
Procedure:
You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.
Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.
On the Quarantine page you can see which threats were quarantined and restore them if necessary.
Select your language