I am running into an odd issue that I believe to be virus related.  Some of our Windows 7 machines are redirecting all of their non-FQDN requests to  If you use the FQDN everything works perfectly. 

I have checked the hosts and lmhosts files and there are no entries in their other than the Windows Default entries. \

I have run Malware Bytes, Microsoft Security Essentials, Microsoft Malicious Software Removal tool, TDSSKiller, and Symantec Endpoint Protection 11 on two of the machines.  Malwarebytes detected the pup.funwebproducts virus on one of the PCs.  It found Malware.Trace and PUM.Hijack.DisplayProperties registry entries.  They were all cleaned successfully according to MalwareBytes.

The odd thing is that the behavior hasn't redirected web traffic on the PCs.  It just seems to be affecting the NETBIOS resolution. 

Has anyone else ran into an issue like this and if so how did you fix it?

0 Comments   [ - ] Hide Comments


Please log in to comment

Answer this question or Comment on this question for clarity



The IP is listed all over on various malware lists -


Have you scanned the registry for that IP? Also, have you cleared the NETBIOS cache?

Answered 11/02/2012 by: matthall
Purple Belt

Please log in to comment