Wednesday, August 22, 2012

SOLVED - Cannot Browse or Ping to Microsoft.com

A friend's XP laptop has this very strange behavior:

  • all other websites work properly, EXCEPT Microsoft.com and other antivirus vendor sites such as Trend Micro, Symantec, etc. Other websites like yahoo.com works perfectly fine
  • PING Microsoft.com cannot resolve, saying "Ping request could not find host microsoft.com..."; but, NSLOOK Microsoft.com resolves IP address
  • using virus removal tools, virus scan FOUND NOTHING
  • HOSTS file checked ok
  • TCP/IP settings good
  • tried repaired WINSOCK, no help

Of course, just the point #1 above already made me feel for sure this is VIRUS INFECTION. But, it didn't leave any trace of malicious codes or signature. So, an important setting has been modified.

After hours of work, this is what I found, which solved my problem: DNS Client service. Stop it.

  1. Right click on My Computer, select Manage
  2. Under Services and Applications, click on Services
  3. On the list, look for the service DNS Client; right click on it and choose Stop

*You may also find the Automatic Updates service not working properly. Try Restart this service.

Now, you should have your Microsoft.com back, as well as other security websites. Time to do your Windows Update, download an antivirus software, get it updates, etc.

Notes: For security-serious users, there's only one thing they will do for a compromised computer, FORMAT AND REINSTALL.

What is DNS Client - http://technet.microsoft.com/en-us/library/cc735833(v=ws.10).aspx
The DNS Client service is the client component that resolves and caches Domain Name System (DNS) domain names. When the DNS Client service receives a request to resolve a DNS name that it does not contain in its cache, it queries an assigned DNS server for an IP address for the name. If the DNS Client service receives the requested address, it stores the name and address in its cache to resolve future requests without having to query the DNS server. All computers that use DNS to resolve domain names (including DNS servers and domain controllers) use the DNS Client service for this purpose.

No comments:

Post a Comment