troubleshooting Question

Google resolving to 87.125.87.99 or 64.125.87.101

Avatar of srlincoln
srlincolnFlag for United States of America asked on
Anti-Virus AppsAnti-SpywareDNS
17 Comments2 Solutions7929 ViewsLast Modified:
Got a virus on an XP SP3 computer the other day.  
Have run Malwarebytes to remove bad registry and file entries.   Have deleted a hidden Hosts file from the etc directory.
Whenever I ping www.google.com on the pc, it's trying to go to either 87.125.87.99 or 64.125.87.101
NSLookup cannot resolve www.google.com   it tries to look at my local dns server, then does a 2 second time out ... seeming not ever trying to go the outside world to check the non-authoritative dns servers
I have NO idea where it's getting these IPs from, file, registry or what.   Doesn't matter what user I'm logged in as either, so if it's registry, must be in the Local Machine area.

Anyone else ever deal with this and resolve?   I don't want to re-image the machine yet as I'm extremely curious as to how the el' a setting like this could be set on searching type websites only.
I say that because I can go to yahoo.com , but if I do an actual search, it fails out as if it was being redirected to a bad site that is obviously down now.

Sam
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 2 Answers and 17 Comments.
Join the Community
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 2 Answers and 17 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros