All non Fully Qualified Name requests are redirecting to 220.127.116.11
I am running into an odd issue that I believe to be virus related. Some of our Windows 7 machines are redirecting all of their non-FQDN requests to 18.104.22.168. If you use the FQDN everything works perfectly.
I have checked the hosts and lmhosts files and there are no entries in their other than the Windows Default entries. \
I have run Malware Bytes, Microsoft Security Essentials, Microsoft Malicious Software Removal tool, TDSSKiller, and Symantec Endpoint Protection 11 on two of the machines. Malwarebytes detected the pup.funwebproducts virus on one of the PCs. It found Malware.Trace and PUM.Hijack.DisplayProperties registry entries. They were all cleaned successfully according to MalwareBytes.
The odd thing is that the behavior hasn't redirected web traffic on the PCs. It just seems to be affecting the NETBIOS resolution.
Has anyone else ran into an issue like this and if so how did you fix it?