Solved

Vista cannot resolve names to IPs after virus

Posted on 2010-11-20
2
271 Views
Last Modified: 2012-05-10
I am working on a vista pc which was badly infected. I scanned the hard drive as a slave using Malwarebytes, Comodo, and Bitdefender online scanner. Since sticking the hard dive back in the machine and booting it up I have also used Combofix (after realising the there was a name resolution issue). After that I manually updated the definitions in Malwarebytes (as no program can download updates) but the scan came up clean.

When I check the IP configuration it is all fine. I can connect to the router by IP address and can open up a website such as Google using their IP address but not the name.

I am guessing that one of the viruses has done the damage but cannot find out what!

I can post a Hijackthis log if anyone thinks it would help - please let me know.

Any suggestions would be appreciated.

TIA
0
Comment
Question by:WhoIsThatChild
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 500 total points
ID: 34179562
The hijackthis log will help, but these are the major things to check:

1) Check your HOSTS file in C:\Windows\system32\drivers\etc. You may need to show hidden files and folder in the explorer options to look at it. Some viruses will redirect many common search engines to their own malicious "spoof" pages.

2) Check if your proxy settings. Open Internet Explorer, and go to Tools->Interent Options->Connections->Lan Settings, ensure that "Use a proxy server" is unchecked. In Firefox go to Tools->Options->Advanced->Network->Settings, and ensure that "No proxy server" or "Use System Settings" is selected. Some malware will run as a local proxy server, and setup your proxy to use 127.0.0.1, this lets the malware inject search results / hijack your webpages

3) Check your DNS settings are correct. You can look at them by going to a command prompt window as an Administrator, and type "ipconfig /all", then look for your network device and the DNS settings. It should be the same as the DNS settings on your router, or to be safe you can set it to OpenDNS or Google DNS:
   208.67.222.222     or   8.8.8.8

The HijackThis logs will reveal all three of these things, so if you can post it here it will help.
0
 

Author Closing Comment

by:WhoIsThatChild
ID: 34179784
I feel such a dumb-dumb!! It was the IP configuration, specifically the DNS!!

Thanks for your help
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Are you one of those front-line IT Service Desk staff fielding calls, replying to emails, all-the-while working to resolve end-user technological nightmares? I am! That's why I have put together this brief overview of tools and techniques I use in o…
Lithium-ion batteries area cornerstone of today's portable electronic devices, and even though they are relied upon heavily, their chemistry and origin are not of common knowledge. This article is about a device on which every smartphone, laptop, an…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question