Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: dns poisoning?


28 Mar 2014   #1

windows7 home premium
 
 
dns poisoning?

I've two pc's on the network; 1 is windows7, the other XP. The network aslo has a couple of wifi clients (phones and laptops)
Anyways; I've had it a couple times now, where the home page (google.ca) loads to an adobe update page that insists on having me download an exe for update. This page url is showing Google
I've scoured the pc and could not find anything; same with results with pcs2(xp).
I did solve this by ipconfig /flushdns on both pc's and rebooting the router.
Everything works again?
Then a couple of days later, this problem returns.
Is my dns being poisioned, and how? Any Idea's. I'm pretty certain there are no viruses on both of the systems I'm using, and the router is locked down with passwords.

My System SpecsSystem Spec
.

28 Mar 2014   #2

Windows 7 Pro. 64/SP-1
 
 

It may not be a virus.
If it was my computer I would use these two programs.

http://www.bleepingcomputer.com/download/adwcleaner/

Malwarebytes : Malwarebytes Anti-Malware FREE

Let us know if anything was found.
My System SpecsSystem Spec
28 Mar 2014   #3

windows7 home premium
 
 
already ran malwarebytes

No findings; I'm usually pretty good with indentifying crap and removal. I've rest browsers to default; cleared caches, and ran virsu scans via safe mode.
Out of options
My System SpecsSystem Spec
.


28 Mar 2014   #4

Windows 7 Pro. 64/SP-1
 
 

Did you try adwcleaner from Bleeping Computer?
My System SpecsSystem Spec
28 Mar 2014   #5

windows7 home premium
 
 
tried adware now

It found some things and removed them...stuff like search conduit, which I think were old entries from a long time ago.
After reboot; adware scan says clean.
Funny thing I've noticed; even though my hompegae comes up fine for now; If I type in the web address bar http://yahoo.com, I recieve that annoying adobe update page....so the problem still exists.

I'm not sure if this is external dns (a router problem) or internally manipulated dns (my system infected)
My System SpecsSystem Spec
28 Mar 2014   #6

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by raylward102 View Post
~~~
...the home page (google.ca) loads to an adobe update page that insists on having me download an exe for update.
~~~
I did solve this by ipconfig /flushdns on both pc's and rebooting the router.
~~~
I would be tempted to go ahead with the download and then upload it to virustotal... but that is just me. You might not feel comfortable doing that.

You can disable the service named DNS Client on XP and Windows 7. You will never miss it. Then there will be no DNS cache to be poisoned or flushed. It is not the kindest thing to do to your DNS provider, but it should not cause any problems while you are troubleshooting this issue. You might also consider pointing your DNS to OpenDNS.

If the redirects still happen while the DNS Client is disabled, then you might want to consider scanning the computers while the operating system is not running (offline) What is Windows Defender Offline?

Sometimes these offline scanners take a while - so plan to run them overnight.


I don't pretend to understand the output of the command...
nslookup -d google.ca
...but you might want to compare that info when the redirect is and is not happening.
My System SpecsSystem Spec
28 Mar 2014   #7

W7 Pro SP1 64bit
 
 

Quote   Quote: Originally Posted by raylward102 View Post
~~~
I'm not sure if this is external dns (a router problem) or internally manipulated dns (my system infected)
Can you test without the router turned on?
e.g. plug one computer directly into whatever jack the router normally connects to.
My System SpecsSystem Spec
28 Mar 2014   #8

Windows 7 Pro. 64/SP-1
 
 

Another suggestion.
Go to Adobe's website and check and see if you need Adobe updated.
If you need a update take it.
You will notice that during updating Adobe give you a choice whether you want further updates auto, remind me of updates ect. Select which one.

If you select remind me you will keep getting the reminder until you update.

Another place to look is msconfig Startup and Services and see if you have Adobe Updater checked marked.
My System SpecsSystem Spec
28 Mar 2014   #9

windows7 home premium
 
 
I'm an IT specialist fyi

Adobe updates prompt for update by application windows only!; not web pages.
Msconfig has been explored; no changes.
I'm stumped. System seems to function correctly on all levels except for the stated issue
My System SpecsSystem Spec
28 Mar 2014   #10

Windows 7 Pro. 64/SP-1
 
 

Did you check with Adobe site and see if you need the Adobe update??
I'm not a IT specialist may I still make suggestions.
My System SpecsSystem Spec
Reply

 dns poisoning?




Thread Tools



Similar help and support threads for2: dns poisoning?
Thread Forum
DNS cache poisoning attack shutting down my internet and keep on comin System Security
bitmap poisoning+ idk Network & Sharing
Solved Detected DNS cache poisoning attack. System Security
Searching for images on Bing? Beware malicious search engine poisoning Security News
ARP cache poisoning attack System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:25 AM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33