Something preventing DNS lookups

[Acinamoras]

Intro: I was doing some computer work for an elderly couple when the internet on that computer randomly stopped working. Rather than having me fix it, they simply bought a new computer. Once I got the new one up and running, they gave me the old one. I'm trying to get it set up so my step mother can have her own computer (it's actually not too bad a computer). The only problem left is the internet problem.

Problem itself: the problem persists on ethernet and wireless connections. The computer shows itself as being connected without any problems but chrome/firefox/ie all show "page not available" messages. They don't say dns problems specifically, but I'm pretty sure that is what I'm looking at. I can ping various ip addresses and google.com without any losses.. I did a tracert and nslookup for 8.8.8.8 without a problem. I've tried configuring the computer to opendns and 8.8.8.8/8.8.4.4. Neither worked. Disabling windows firewalls and the installed antivirus did nothing for me. There are no proxies set up on the computer. Antivirus/malware scans come back clean. At this point I really don't know what to do with it. Had the people kept the install disks or backup drive on the computer, I'd have just restored the computer to factory settings.

Any ideas would be greatly appreciated.

 

[DelJo63]

Have a look at \windows\system32\drivers\etc\hosts
get a command prompt (aka runas /user:administrator cmd and give the passwd)

run dir \windows\system32\drivers\etc\hosts and look at the size. if it is more than a kb, it has entries in it and can be suspect.
the required entry is LOCALHOST 127.0.0.1 and everything else is optional.

run attrib -r on the host file to make it r/w
echo "localhost 127.0.0.1" >\windows\system32\drivers\etc\hosts
run attrib +r on the host file to protect it

ipconfig /flushdns
net stop "dns client" (yes, quotes are necessary)​

you should be able to access google.com even though your dns client is not running
if not, investigate the LSP (winsock stack)

you can restart dns using net start "dns client"


test your browser access again

 

[deemon]

Try not using hardcoded DNS server (8.8.8.8) and use the one DHCP gives you automatically.

When your country is doing some weird DNS based internet banning (eg. http://thepiratebay.se/ => so some random local web address saying that this site is not good for you or whatever, instead of where it should be going) then it's also common practice to ban first access to commonly used public DNS servers IPs that would help people evade the DNS ban.

 

[DelJo63]

How to test your DNS- - -

get a command prompt end enter NSLOOKUP google.com
if you get something like this

$ NSLOOKUP google.com
Non-authoritative answer:
Server:  a.resolvers.level3.net
Address:  4.2.2.1

Name:  google.com
Addresses:  2607:f8b0:4007:802::1009
  74.125.224.129
  74.125.224.136
  74.125.224.133
  74.125.224.131
  74.125.224.132
  74.125.224.135
  74.125.224.128
  74.125.224.142
  74.125.224.130
  74.125.224.134
  74.125.224.137

then your dns is just fine and we suspect malware or etc\hosts entries per the above