Re: Local machine DNS failure in IE
From: Ace Fekay [MVP] (PleaseSubstituteMyActualFirstName&LastNameHere_at_hotmail.com)
Date: 09/09/04
- Next message: Techpriest: "Use DNS Server to block IPs of bad sites"
- Previous message: Scott Townsend: "Re: Make abc.com and def.com have records automatically? AD Integrated..."
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Messages sorted by: [ date ] [ thread ]
Date: Thu, 9 Sep 2004 11:16:25 -0400
In news:89ae01c49625$14b09650$a301280a@phx.gbl,
anonymous@discussions.microsoft.com <anonymous@discussions.microsoft.com>
made a post then I commented below
> Ace,
>
> Thanks for the response, the issue experienced happened
> all of a sudden and on the one WS since last Thursday.
> The other WS affected either started late yesterday or
> very early this am. On the 1st WS a user was on the net in
> the am then went to go back on after lunch and it wouldn't
> work.
>
> The one thing that is interesting is that the 2 WS this is
> happening on happens to have had the same user surfing on
> them. I suspect the same sites were visited by the user.
> I have cleared out IE but this didn't help.
>
> Two things that I forgot to mention in my origional post
> are IE errors with a "cannot find DNS server" message.
> The other is on boot and intialization of services NAV is
> returning a TCP error code 1003,13 and can't initialize
> email scanning.
>
> It seems to me I am fighting a TCP/IP stack issue that I
> haven't been able to resolve yet that is somehow affecting
> its DNS ability.
>
> I have forced the update of Norton with the latest
> definition tables and ran a virus scan but nothing was
> found.
>
> Does any of this further information trigger any more
> thoughts or suggestions?
>
> Regards
>
> Bill
Yes this does shine some light. I've been dealing with hijacked machines
lately with my clients and this sure sounds like it, especially if the same
user went to the same website. I have one client that goes to orbitz.com
(among many others) that are known spyware and adware sites. Her machine was
completely useless, can't go anywhere, DNS errors in the browser, among many
other things.
If this is as I suspect, the machine needs to be cleaned out using a combo
of Adaware, Spybot, HIjackthis. Check the Run key in the reg to see if
there's anyother stuff than what should be there be default or your current
apps installed on it. If you see oddball stuff and not sure what it is, use
Google to search for it. Hijackthis can create a log that you can upload to
a site that is listed in the help and they can analyze it for you.
You'll have to come up with some sort of policy to stop this in the future.
Adaware Pro is a great tool to lock down machines, in conjunction with AV
software.
-- Regards, Ace Please direct all replies ONLY to the Microsoft public newsgroups so all can benefit. This posting is provided "AS-IS" with no warranties or guarantees and confers no rights. Ace Fekay, MCSE 2003 & 2000, MCSA 2003 & 2000, MCSE+I, MCT, MVP Microsoft Windows MVP - Windows Server - Directory Services Security Is Like An Onion, It Has Layers HAM AND EGGS: A day's work for a chicken; A lifetime commitment for a pig. -- =================================
- Next message: Techpriest: "Use DNS Server to block IPs of bad sites"
- Previous message: Scott Townsend: "Re: Make abc.com and def.com have records automatically? AD Integrated..."
- In reply to: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Next in thread: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Reply: anonymous_at_discussions.microsoft.com: "Re: Local machine DNS failure in IE"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
