Solved

Vista cannot resolve names to IPs after virus

Posted on 2010-11-20
2
268 Views
Last Modified: 2012-05-10
I am working on a vista pc which was badly infected. I scanned the hard drive as a slave using Malwarebytes, Comodo, and Bitdefender online scanner. Since sticking the hard dive back in the machine and booting it up I have also used Combofix (after realising the there was a name resolution issue). After that I manually updated the definitions in Malwarebytes (as no program can download updates) but the scan came up clean.

When I check the IP configuration it is all fine. I can connect to the router by IP address and can open up a website such as Google using their IP address but not the name.

I am guessing that one of the viruses has done the damage but cannot find out what!

I can post a Hijackthis log if anyone thinks it would help - please let me know.

Any suggestions would be appreciated.

TIA
0
Comment
Question by:WhoIsThatChild
2 Comments
 
LVL 31

Accepted Solution

by:
Frosty555 earned 500 total points
ID: 34179562
The hijackthis log will help, but these are the major things to check:

1) Check your HOSTS file in C:\Windows\system32\drivers\etc. You may need to show hidden files and folder in the explorer options to look at it. Some viruses will redirect many common search engines to their own malicious "spoof" pages.

2) Check if your proxy settings. Open Internet Explorer, and go to Tools->Interent Options->Connections->Lan Settings, ensure that "Use a proxy server" is unchecked. In Firefox go to Tools->Options->Advanced->Network->Settings, and ensure that "No proxy server" or "Use System Settings" is selected. Some malware will run as a local proxy server, and setup your proxy to use 127.0.0.1, this lets the malware inject search results / hijack your webpages

3) Check your DNS settings are correct. You can look at them by going to a command prompt window as an Administrator, and type "ipconfig /all", then look for your network device and the DNS settings. It should be the same as the DNS settings on your router, or to be safe you can set it to OpenDNS or Google DNS:
   208.67.222.222     or   8.8.8.8

The HijackThis logs will reveal all three of these things, so if you can post it here it will help.
0
 

Author Closing Comment

by:WhoIsThatChild
ID: 34179784
I feel such a dumb-dumb!! It was the IP configuration, specifically the DNS!!

Thanks for your help
0

Featured Post

U.S. Department of Agriculture and Acronis Access

With the new era of mobile computing, smartphones and tablets, wireless communications and cloud services, the USDA sought to take advantage of a mobilized workforce and the blurring lines between personal and corporate computing resources.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Computer running slow? Taking forever to open a folder, documents, or any programs that you didn't have an issue with before? Here are a few steps to help speed it up. The programs mentioned below ALL have free versions, you can buy them if you w…
Trying to figure out group policy inheritance and which settings apply where can be a chore.  Here's a very simple summary I've written which might help.  Keep in mind, this is just a high-level conceptual overview where I try to avoid getting bogge…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now