Cleaned a computer today that had many bits of malware. One of the bits of junk had changed the DNS entries on the Windows 7 computer to:
inetnum: 188.8.131.52 – 184.108.40.206
descr: Bezeq International-Ltd
status: ALLOCATED PA
remarks: please send ABUSE complains only to firstname.lastname@example.org
220.127.116.11 (no RDNS)
Net Range 18.104.22.168 – 22.214.171.124
Parent ELRON-C-BLK1 (NET-199-203-0-0-1)
Seems to redirect and inject their own code into requests for Google Analytics.
They had also done something to the winsock and IP settings on the system to prevent any other DNS server being used. This was resolved by:
netsh interface ip reset
netsh winsock reset
Running Hitman pro would also have solved the problem.