Solved

Could not resolver test domain pop-up

Posted on 2009-04-06
9
834 Views
Last Modified: 2013-11-22
One of my user's is getting this weird pop-up that says "Could not resolve test domain, please contact your administrator." I have attached a screenshot. Has anyone seen this before? I have a feeling that it is some type of virus or something, but have been running a lot of scans anbd am not finding anything.
CropperCapture-1-.Bmp
0
Comment
Question by:italo5696
  • 5
  • 4
9 Comments
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 24078199
Doubt it's a virus given the icon looks like a VBScript program.  Probably a VBS file in your startup folder.
Can you give us a Hijackthis log?
0
 

Author Comment

by:italo5696
ID: 24078821
i am trying to download hijackthis, but it keeps stalling. will continue to try and downloadit.
0
 

Author Comment

by:italo5696
ID: 24078915
it keeps timing out at 70% every time. Whether I try and download the file or run it. also, i did not see any unusual scripts in the start-up folder.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
LVL 22

Expert Comment

by:Adam Leinss
ID: 24079209
Try running Autoruns from http://live.sysinternals.com/
Then to a File>Export and post the TXT file
0
 

Author Comment

by:italo5696
ID: 24080088
here you go.
AutoRuns.txt
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 24080284
You have two VB scripts running:
\\nps.doi.net\netlogon\confickerreps\confickersnitcher.vbs
\\inpnewhmemsrv02\smsgpoclientinstall\clientinstall.vbs
Likely, one of these is causing the error.  Open them up with Notepad and search for the phrase: "test domain"
These are assigned using Group Policy, so if one of them is causing the error you need to talk with your admin staff.
Not related to your direct question, but looking at your log, I see you have both Symantec Antivirus loaded and Windows Defender.  Why?  Symantec does greyware detection.
 
0
 
LVL 22

Expert Comment

by:Adam Leinss
ID: 24080319
This could be caling a VB script as well:
\\inppeterm-50606\rm_scripts\peterm_drives.bat
0
 

Author Comment

by:italo5696
ID: 24080334
that is a script that maps network drives. it is supposed to be there.
0
 
LVL 22

Accepted Solution

by:
Adam Leinss earned 500 total points
ID: 24080397
99.9% sure it is the ConfickerSnitcher VB Script:
ftp://disftp.state.ar.us/pub/NT/AntiVirus/ConfickerSnitcher/setup.conf
if dnsfailed = 1 then
MsgBox "Could not resolve test domain, please contact your administrator", 0 + 16, "WARNING"
End If
 
 
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Operating system developers such as Microsoft (https://www.microsoft.com) and Apple have made incredible strides in virus protection over the past decade. Operating systems come packaged with built in defensive tools such as virus protection and a f…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question