Malware locations found in ipconfig/displaydns

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by Amazon13, Jun 24, 2009.

  1. Amazon13

    Amazon13 Private E-2

    I had never heard about the ipconfig/displaydns until I ran into a problem with my TCP/IP being reset by the Vista OS. I would enter the necessary server addresses and when I log off they were being reset to automatic. No one was able to explain to me at tech support for my computer why this was happening, I was told that I most likely had a virus on my computer. I informed the technician that was not possible because I have the best malware programs available to me that I could have in place and I've received no warnings by any of these programs of such.

    Low and behold I went into Windows Help and Support and searched for Advanced IP Settings DNS/WINS and found the answer there under, How can I see the contents of the DNS cache? I went to the Command prompt window and typed "ipconfig /displaydns" without the quotation marks and pulled up this information that was in the cache as follows!

    Record Name . . . . . : get-zune.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    get-zune.com
    ----------------------------------------
    No records of type AAAA


    gazzretta.it
    ----------------------------------------
    Record Name . . . . . : gazzretta.it
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    gazzretta.it
    ----------------------------------------
    No records of type AAAA


    gaxzzetta.it
    ----------------------------------------
    Record Name . . . . . : gaxzzetta.it
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    gaxzzetta.it
    ----------------------------------------
    No records of type AAAA


    extreme-downloads.de
    ----------------------------------------
    Record Name . . . . . : extreme-downloads.de
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    extreme-downloads.de
    ----------------------------------------
    No records of type AAAA


    errorsmart.com
    ----------------------------------------
    Record Name . . . . . : errorsmart.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    errorsmart.com
    ----------------------------------------
    No records of type AAAA


    ebahy.it
    ----------------------------------------
    Record Name . . . . . : ebahy.it
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    ebahy.it
    ----------------------------------------
    No records of type AAAA


    www.downloadsglobe.com
    ----------------------------------------
    Record Name . . . . . : www.downloadsglobe.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.downloadsglobe.com
    ----------------------------------------
    No records of type AAAA


    www.download.antispywarebot.com
    ----------------------------------------
    Record Name . . . . . : www.download.antispywarebot.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.download.antispywarebot.com
    ----------------------------------------
    No records of type AAAA


    couldnotfind.com
    ----------------------------------------
    Record Name . . . . . : couldnotfind.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    couldnotfind.com
    ----------------------------------------
    No records of type AAAA


    cookingluck.com
    ----------------------------------------
    Record Name . . . . . : cookingluck.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    cookingluck.com
    ----------------------------------------
    No records of type AAAA


    citycodec.com
    ----------------------------------------
    Record Name . . . . . : citycodec.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    citycodec.com
    ----------------------------------------
    No records of type AAAA


    apps.deskwizz.com
    ----------------------------------------
    Record Name . . . . . : apps.deskwizz.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    apps.deskwizz.com
    ----------------------------------------
    No records of type AAAA


    adatoms.com
    ----------------------------------------
    Record Name . . . . . : adatoms.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    adatoms.com
    ----------------------------------------
    No records of type AAAA


    acrobat-stop.com
    ----------------------------------------
    Record Name . . . . . : acrobat-stop.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    acrobat-stop.com
    ----------------------------------------
    No records of type AAAA


    www.zjkjw.gov.cn
    ----------------------------------------
    Record Name . . . . . : www.zjkjw.gov.cn
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.zjkjw.gov.cn
    ----------------------------------------
    No records of type AAAA


    zapros.com
    ----------------------------------------
    Record Name . . . . . : zapros.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    zapros.com
    ----------------------------------------
    No records of type AAAA


    yoogle.it
    ----------------------------------------
    Record Name . . . . . : yoogle.it
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    yoogle.it
    ----------------------------------------
    No records of type AAAA


    www.xbxxrvnyes.com
    ----------------------------------------
    Record Name . . . . . : www.xbxxrvnyes.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.xbxxrvnyes.com
    ----------------------------------------
    No records of type AAAA


    www.www-spybot-info.com
    ----------------------------------------
    Record Name . . . . . : www.www-spybot-info.com
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.www-spybot-info.com
    ----------------------------------------
    No records of type AAAA


    www.www-spybot.net
    ----------------------------------------
    Record Name . . . . . : www.www-spybot.net
    Record Type . . . . . : 1
    Time To Live . . . . : 86400
    Data Length . . . . . : 4
    Section . . . . . . . : Answer
    A (Host) Record . . . : 127.0.0.1


    www.www-spybot.net
    ----------------------------------------
    No records of type AAAA



    Some of these show up as malware on some forums including this one. Now I'm not so sure as to how these got into the cache of my DNS cache because I've never visited the questionable sites! I don't know if this will be of any help to anyone but I though that I would post this so that some of the more knowledgeable computer geeks can figure out or comment on it. I checked out most of them on "GOOGLE" to see what would pop-up, and some are listed as questionable.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    These are not problems. They are items being blocked by your hosts file which is whay they show with 127.0.0.1 which is the loopback address to your local PC. I will give you an example. Suppose I added the below line to my hosts file

    127.0.0.1 www.google-analytics.com

    If I go to a web page that tries to access this google address to display an advertisement, the ad will not display because the URL has been looped back to the local host (my pc) which is address 127.0.0.1. If I then displaydns, you will see the below
    Code:
            [URL="http://www.google-analytics.com"]www.google-analytics.com[/URL]
            ----------------------------------------
            Record Name . . . . . : [URL="http://www.google-analytics.com"]www.google-analytics.com[/URL]
            Record Type . . . . . : 1
            Time To Live  . . . . : 584326
            Data Length . . . . . : 4
            Section . . . . . . . : Answer
            A (Host) Record . . . : 127.0.0.1
     
  3. Amazon13

    Amazon13 Private E-2

    Thanks chaslang for clearing that up for me, I thought that I had wandered into a hornets nest.LOL
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome. Surf safely!
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds