December 27th, 2012, 03:47 PM
Hi, everyone. I've begun having this odd problem with the DNS server on my network. When I NSLookup from the server, it appends my domain name to the ends and resolves every address to 18.104.22.168, which is a malware hosting server.
I've ran multiple scans and removed everything. All the computers on my network also resolve to this, but all http:// traffic gets through fine.
For example, this is how the NSlookup reads:
Thanks in advance.
December 27th, 2012, 10:49 PM
Can you post your zone file for us to look at.
"I don't need to get a life. I'm a gamer. I have lots of lives!"
December 28th, 2012, 11:25 AM
You may have a poisoned cache. Can you clear the cache on the server.
December 28th, 2012, 11:32 AM
Or possibly you're infected with dnschanger virus
Bartender to Rene Descartes "have another beer?" Descartes: "I think not" and he vanished.
December 28th, 2012, 04:18 PM
I've ran every virus scan you can think of, from Sophos to AVG. Even rootkit cleaners. How would I go about clearing the cache? I tried ipconfig /flushdns.
Originally Posted by Doug G
December 28th, 2012, 07:46 PM
On the DNS Server! That will vary with the software used. Since it is a 10.x.x.x number, I presume that it is an internal server that you have access to.
Originally Posted by AbsoZed