Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1427
  • Last Modified:

cant load www.google.com

I worked on a computer running XP Pro. It recently had a virus and it blue screened.
MalwareBytes found a few entries. I then ran RogueKiller that also found a few entries. I then re-ran MalwareBytes for the mere fact RogueKiller finds the process but is not designed to remove it.

MSC was the antivirus on this PC. When I attempted update, it failed to update.

Further research finds that I can’t “turn the automatic updates” in Security Center

Anyway, the PC seems to be behaving normally - except for the fact I can’t run www.google.com or google.com. It won’t load. It also fails www.bing .com  – however www.ask.com and www.yahoo.com works.
I know there were history about this related issue after installed Firefox and/Google chrome. This PC had Firefox and I removed. Still no luck

- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly

More Findings
- removed Yahoo Toolbars and associated tools. If the Yahoo toolbar is needed, it can be reinstalled. I just don’t recommend it because it brings advertising increasing the odds of getting Malware
- removed the Windows Search engine. It slows down the PC. If this tool is actually needed, it can be reinstalled from the Microsoft website.
- Removed all the Windows Live and its associated tools. All these tools show “rarely used”
- removed Mozilla. Primarily to remove any related components that may interfere with IE. It can be reinstalled with the latest version if preferred. I have no issues with Mozilla
- Updated and ran CCleaner
- Cleaned registry
- Updated and ran MalwareBytes. Found no issues
- Used a “Rogue Killer” program that found and removed 3 infected files. These were items MalwareBytes did not discover and remove. There were no bad processes found.
- Rebooted PC.
- since the I removed the rogue which really removes it from the startup, I need to re-run the Malwarebytes to actually remove the process and/or entry
- updated the Adobe Flash
- there was an issue with the “Microsoft Security’ Essentials” not updating properly. It became corrupted. Required uninstalling and reinstalling the Antivirus program. NOTE: it did have a virus infected file in quarantined. After installing the Microsoft Antivirus program, it still failed updating
- there was an issue opening “google.com” search engine. I have seen this before when Firefox was installed and uninstalled with no change
- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly
- performed a “sfc /scannow” to check the file system. Found no issues

I checked the hosts file
There was no other hosts file
I was able to ping www.google.com

There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it. I already spent 3 hours trying to repair it locally
0
agieryic
Asked:
agieryic
5 Solutions
 
PapertripCommented:
Looks like you answered your question in your question.
There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it.
0
 
agieryicAuthor Commented:
Yeh, I know. I was just looking for a couple of things to try before I throw in the towel.
0
 
tflaiCommented:
If you feel like to investigate a little further, you can scan your machine with tools like HijackThis and CWShredder, maybe you can find and remove the malware.  You can also scan with GMER and other rootkit removers.
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
phototropicCommented:
@tflai,

CWShredder is one of a number of tools that used to be highly effective back in the day, but it has not been updated for several years, is no longer supported, and will be of no use whatsoever in fighting current malware.  There is an excellent article about this subject (and others) by younghv here:

http://www.experts-exchange.com/Software/Internet_Email/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html?sfQueryTermInfo=1+30+younghv

Likewise, Hijack This is not the tool it once was, and is not really very good at detecting current malware variants.

@agieryic

"...I checked the hosts file
There was no other hosts file..."

Rogue Killer option 3 will reset the hosts file.  If scans are coming up clean, the next step would be to run TDSSKiller:

http://support.kaspersky.com/faq/?qid=208280684

Please post the scan log for review.
0
 
flubbsterCommented:
When you checked for hosts file, did you make sure that view both system and hidden files was turned on? Many times viruses create a second hosts file that is well hidden and it is the one being used.
0
 
Sudeep SharmaTechnical DesignerCommented:
As mentioned by phototropic you should run TDSSKIller to fix this issue. You could also try FixTDSS from Symantec:

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

I hope that would help

Sudeep
0
 
agieryicAuthor Commented:
I am familiar with most toolsthat you mentioned.But I haven't tried to run the addition tool Other than the ones I mentioned.
I have hidden files turned on! I did not see any additional hosts files.

It's a definitely worth a try to run the additional tools.
0
 
phototropicCommented:
OK.  Start with TDSSKiller.
0
 
Don ThomsonCommented:
Hace you checked to see if the malware set up a phantom proxy - Internet options Connections, Lan Settings. You may be pointing to a rouge proxy server that is only allowing you what it wants you to get . I've seen viruses and malware that do this all the time - YOu can't get to any windows/Microsoft sites or anywhere that has anti-malware tools on it
0
 
agieryicAuthor Commented:
Folks thanks for all your feed back. I ended up calling Microsoft for help with the failing uploads which I'm sure all related to the mentioned issues but they were not helpful.

I ended up backing up the data and successfully rebuilding the PC
0
 
agieryicAuthor Commented:
Sometimes you just have to bite the bullet and give up and rebuild.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now