Solved

Vista cannot resolve names to IPs after virus

Posted on 2010-11-20
2
267 Views
Last Modified: 2012-05-10
I am working on a vista pc which was badly infected. I scanned the hard drive as a slave using Malwarebytes, Comodo, and Bitdefender online scanner. Since sticking the hard dive back in the machine and booting it up I have also used Combofix (after realising the there was a name resolution issue). After that I manually updated the definitions in Malwarebytes (as no program can download updates) but the scan came up clean.

When I check the IP configuration it is all fine. I can connect to the router by IP address and can open up a website such as Google using their IP address but not the name.

I am guessing that one of the viruses has done the damage but cannot find out what!

I can post a Hijackthis log if anyone thinks it would help - please let me know.

Any suggestions would be appreciated.

TIA
0
Comment
Question by:WhoIsThatChild
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 500 total points
Comment Utility
The hijackthis log will help, but these are the major things to check:

1) Check your HOSTS file in C:\Windows\system32\drivers\etc. You may need to show hidden files and folder in the explorer options to look at it. Some viruses will redirect many common search engines to their own malicious "spoof" pages.

2) Check if your proxy settings. Open Internet Explorer, and go to Tools->Interent Options->Connections->Lan Settings, ensure that "Use a proxy server" is unchecked. In Firefox go to Tools->Options->Advanced->Network->Settings, and ensure that "No proxy server" or "Use System Settings" is selected. Some malware will run as a local proxy server, and setup your proxy to use 127.0.0.1, this lets the malware inject search results / hijack your webpages

3) Check your DNS settings are correct. You can look at them by going to a command prompt window as an Administrator, and type "ipconfig /all", then look for your network device and the DNS settings. It should be the same as the DNS settings on your router, or to be safe you can set it to OpenDNS or Google DNS:
   208.67.222.222     or   8.8.8.8

The HijackThis logs will reveal all three of these things, so if you can post it here it will help.
0
 

Author Closing Comment

by:WhoIsThatChild
Comment Utility
I feel such a dumb-dumb!! It was the IP configuration, specifically the DNS!!

Thanks for your help
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

9 Experts available now in Live!

Get 1:1 Help Now