How JustAnswer Works:

  • Ask an Expert
    Experts are full of valuable knowledge and are ready to help with any question. Credentials confirmed by a Fortune 500 verification firm.
  • Get a Professional Answer
    Via email, text message, or notification as you wait on our site.
    Ask follow up questions if you need to.
  • 100% Satisfaction Guarantee
    Rate the answer you receive.

Ask webpagesby22 Your Own Question

webpagesby22, Computer Hardware Engineer
Category: Mac
Satisfied Customers: 527
Experience:  I have eight years of experience working with Macs and Windows machines in corporate enviroments.
Type Your Mac Question Here...
webpagesby22 is online now
A new question is answered every 9 seconds

How do I reset my DNS settings to get rid of malicious bot?

This answer was rated:

How do I reset my DNS settings to get rid of malicious bot? Directions to go thru terminal & type a command to flush cache did not work

Give these steps a try

Here we'll show you how to manually assign DNS (Domain Name Service) servers for your Internet connection

Open System Preferences (either by clicking the icon on the dock or by clicking the Apple Icon and selecting it from the list).

Double-click the Network icon.

Double-click the connection you want to change DNS for. The connection you're using now will have a green light next to it. In this example we'll be changing the DNS on the AirPort connection.

On the connection properties window, click the DNS tab.

Use the + or - symbols to add or remove the DNS servers your connection uses. Servers will be used in the order they are shown in this list.

I recommend using the following server addresses:
When you've finished, click OK.
Customer: replied 4 years ago.
It will not allow me to click on the - sign only the + so I can not remove the 2 DNS addresses that are there.
What DNS ip addresses do you have in the DNS field?
Customer: replied 4 years ago.
Customer: replied 4 years ago.
Could it have something to do with the wireless network?
Can you check the wireless configuration settings of your router. To see if you have a anything in the DNS menu in the router
Customer: replied 4 years ago.
Not to be the village do I do that? I am not computer literate at all!
Can you give me the make and model of router so that I can give you a walk through .
Customer: replied 4 years ago.

1. Open a web browser on a computer connected to your network, then go
The router prompts you for a user name and password
2. Enter the user name and password, then click OK The utility’s main menu
. Click the Setup tab, then click the Basic Setup page 34
Linksys E-Series Setting Up: Advanced
3. Complete the Static DNS fields with
4. Click Save Settings
Customer: replied 4 years ago.
How do I know if that worked??? Until I hear from comcast I will not know.
Restart your mac and check your DNS settings on your mac. The updated DNS should reflect on your mac when you go to the network settings. After that your issue should be resolved
Customer: replied 4 years ago.
tjey are the same DNS settings as before/ nothing has changed/ any new ideas or another person who can solve the problem?

In terminal

Run the following command
dscacheutil -flushcache
Customer: replied 4 years ago.
have done that 3 times. says command not recognized
What mac os version are you using? 10.5, 10.6, 10.7 ?
You can also copy and paste the command into terminal and should allow you to run it.
Customer: replied 4 years ago.
Customer: replied 4 years ago.
Copying doesn't work
Customer: replied 4 years ago.
Copying doesn't work
Should this really be this difficult?
No it shouldn't the command works fine on my Mac. Can you send me a screenshot of the terminal screen?
Customer: replied 4 years ago.
Ok how do I do that? This isna friction nightmare
Command-Shift-3: Take a screenshot of the screen, and save it as a file on the desktop

I am so sorry give this command a shot

Open a command terminal.
Run the command lookupd -flushcache
Customer: replied 4 years ago.
It says command not found. I tried it 3 times
copy and paste the window or send a screenshot of the of the terminal window so I can see what is going on
Customer: replied 4 years ago.
Last login: Tue Jul 21 21:41:22 on console
dawn-weisss-imac:~ Dawn$

Try the steps from this webpage
Customer: replied 4 years ago.
I have tried to get to that website multiple ways and it tells me safari can't find that server. Even when I copied and pasted what you sent me.
Go here System Preferences --> Network --> Airport> click on "Advanced> make sure airpot is selected> Select your wireless network and select the minus button. Shut down the computer. Locate the following keys on the keyboard: Command, Option, P, and R. You will need to hold these keys down simultaneously in step 4. Turn on the computer. Press and hold the Command-Option-P-R keys. You must press this key combination before the gray screen appears. Hold the keys down until the computer restarts and you hear the startup sound for the second time. Release the keys. After that rejoin back to your network
I also want you to download this anti-virus scanner to scan your mac for virus. To see if that is what is keeping your mac for clearing the DNS
Customer: replied 4 years ago.
I tried that 3 times. Still saying in airport under DNS that the servers are still & when I rejoined.
Download the anti virus scanner and have it scan the whole computer for viruses

Go here to see if you have any trojans on you machine

How to remove the trojan horse
If you’re infected, what’s the easiest way to get rid of the trojan horse? As noted above, VirusBarrier will do the job, using today’s virus definitions. However, you can do it yourself, if you wish, though it will require a tiny bit of Terminal work. Here’s what you need to do—and yes, I infected my own machine and tested this (on OS X 10.5, but OS X 10.4 should be identical) to make sure it works.

In the Finder, navigate to /Library -> Internet Plug-Ins, and delete the file named plugins.settings. Empty the trash. This deletes the tool that sets the rogue DNS Server information.
In Terminal, type sudo crontab -r and provide your admin password XXXXX asked. This deletes the root cron job that checks the DNS Server settings. You can prove it worked by typing sudo crontab -l; you should see the message “crontab: no crontab for root.”
Open your Network System Preferences panel, go to the DNS Server box, and copy the entries you can see to a Stickies note, TextEdit document, or memorize them. Now retype those same values in the box, then click Apply.
Reboot your Mac.
After you reboot, you can confirm you’re free of the trojan horse (in OS X 10.5) by opening the Advanced pane of the Network System Preferences panel and looking at the DNS tab—you shouldn’t see any gray entries. In Tiger, to really prove that you’re free of the infestation, use the scutil command detailed above, as that’s the only way to see all the DNS Servers your machine knows about.

As always, the best way to avoid these things is to not install software from untrusted sources—especially if it comes as an installer package and requests your administrator’s password! But if you do get infected, at least you’ll know how to confirm you have an issue, and remove the troublesome software.

There is a trojan causing this issue

Well those DNS entries are definitely in the Possible Hostile Inhoster Addresses ( list.

There was a mention of where the trojan drops its file, so you can delete it directly.

In the Finder, navigate to /Library -> Internet Plug-Ins, and delete the file named plugins.settings. Empty the trash. This deletes the tool that sets the rogue DNS Server information.
webpagesby22 and 2 other Mac Specialists are ready to help you
Customer: replied 4 years ago.
I haven't been able to get on Mac due to kids doing homework. I will try this as soon as I can get on there.
Customer: replied 4 years ago.
I have no library in finder I have preferences which I don't see library, empty trash, secure empty trash, serviceswhich doesn't show library ,hide finder , and Hide others
Customer: replied 4 years ago.
Never mind last post, I found it