Cleaned a computer today that had many bits of malware. One of the bits of junk had changed the DNS entries on the Windows 7 computer to:
inetnum: 22.214.171.124 – 126.96.36.199
descr: Bezeq International-Ltd
status: ALLOCATED PA
remarks: please send ABUSE complains only to email@example.com
188.8.131.52 (no RDNS)
Net Range 184.108.40.206 – 220.127.116.11
Parent ELRON-C-BLK1 (NET-199-203-0-0-1)
Seems to redirect and inject their own code into requests for Google Analytics.
They had also done something to the winsock and IP settings on the system to prevent any other DNS server being used. This was resolved by:
netsh interface ip reset
netsh winsock reset
Running Hitman pro would also have solved the problem.