Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can a virus keep you from finding DNS server?


  • Please log in to reply
5 replies to this topic

#1 ldc

ldc

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 08 August 2004 - 03:36 PM

I am trying to fix a Windows 2000 computer that has been infected with multiple Trojans and Viruses.

I think some of the viruses that have infected this computer include
W32/plexus.b@mm, W32/Dumaru-AK, miscellaneous trojans related to these viruses and/or some variant.

These viruses changed the Hosts file on the computer that I'm trying to fix. I can only access websites by using IP addresses.

Through the use of a second computer, I was able to finally download a new dat for McAfee plus I also used their Stinger program. I think all of the recognizable viruses and trojans have been found and removed, but the browser still can't access the web through standard domain names.

I read the tutorial on DNS at this website and tried playing around with the Hosts file and priorities in the registry. I've even tried specifying the DNS server in the ISP settings, but none of this works. Note that adding IPs to the Hosts file does work. Also note that the bad entries have been removed and that 127.0.0.1 localhost has been added to the first line.

Could a virus do some other damage that would prevent me from accessing a DNS server? What can be done to diagnose this problem and to fix it?

Thanks.

BC AdBot (Login to Remove)

 


m

#2 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:33 PM

Posted 08 August 2004 - 11:09 PM

Please run two online virus scans:

http://housecall.antivirus.com/
http://www.pandasoftware.com/activescan/

Then let us know if its working better and what the scans found.

#3 ldc

ldc
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:02:33 PM

Posted 09 August 2004 - 03:42 AM

Since this computer cannot access a DNS server, it has very limited Internet access. I essentially have to find the IP address using my other computer (the one I'm using to write this; I use telnet and the host command at a shell prompt) and then enter it into the Hosts file on the damaged computer. I tried, but I couldn't find all the needed IPs.

The down load version is 32M and I only have a dialup. Plus my guess is that the download may require Internet access to get the latest signatures - once again I'd need to know the IP address.

I'm tempted to just reformat this computer's harddrive. Unfortunately, it's not mine and I don't know what needs backing up. So what do I try next?

#4 Guest_brunt_*

Guest_brunt_*

  • Guests
  • OFFLINE
  •  

Posted 09 August 2004 - 09:59 AM

did you try flushing the dns?

#5 ldc

ldc
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  

Posted 11 August 2004 - 02:35 AM

I tried the DNS flush and it didn't help. Thanks for the suggestion any way.

I just put in an order for the Win 2000 sp4 CD (it would have taken forever to download with dialup service). Hopefully this will fix things.

If anyone else has any ideas, please pass them along. Thanks.

#6 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,394 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:02:33 PM

Posted 11 August 2004 - 10:45 AM

If you want to post a hijackthis log in the hijackthis forums we can scan through it and make sure there is nothing there.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users