Solved

cant load www.google.com

Posted on 2011-09-14
11
1,294 Views
Last Modified: 2012-05-12
I worked on a computer running XP Pro. It recently had a virus and it blue screened.
MalwareBytes found a few entries. I then ran RogueKiller that also found a few entries. I then re-ran MalwareBytes for the mere fact RogueKiller finds the process but is not designed to remove it.

MSC was the antivirus on this PC. When I attempted update, it failed to update.

Further research finds that I can’t “turn the automatic updates” in Security Center

Anyway, the PC seems to be behaving normally - except for the fact I can’t run www.google.com or google.com. It won’t load. It also fails www.bing .com  – however www.ask.com and www.yahoo.com works.
I know there were history about this related issue after installed Firefox and/Google chrome. This PC had Firefox and I removed. Still no luck

- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly

More Findings
- removed Yahoo Toolbars and associated tools. If the Yahoo toolbar is needed, it can be reinstalled. I just don’t recommend it because it brings advertising increasing the odds of getting Malware
- removed the Windows Search engine. It slows down the PC. If this tool is actually needed, it can be reinstalled from the Microsoft website.
- Removed all the Windows Live and its associated tools. All these tools show “rarely used”
- removed Mozilla. Primarily to remove any related components that may interfere with IE. It can be reinstalled with the latest version if preferred. I have no issues with Mozilla
- Updated and ran CCleaner
- Cleaned registry
- Updated and ran MalwareBytes. Found no issues
- Used a “Rogue Killer” program that found and removed 3 infected files. These were items MalwareBytes did not discover and remove. There were no bad processes found.
- Rebooted PC.
- since the I removed the rogue which really removes it from the startup, I need to re-run the Malwarebytes to actually remove the process and/or entry
- updated the Adobe Flash
- there was an issue with the “Microsoft Security’ Essentials” not updating properly. It became corrupted. Required uninstalling and reinstalling the Antivirus program. NOTE: it did have a virus infected file in quarantined. After installing the Microsoft Antivirus program, it still failed updating
- there was an issue opening “google.com” search engine. I have seen this before when Firefox was installed and uninstalled with no change
- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly
- performed a “sfc /scannow” to check the file system. Found no issues

I checked the hosts file
There was no other hosts file
I was able to ping www.google.com

There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it. I already spent 3 hours trying to repair it locally
0
Comment
Question by:agieryic
11 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 150 total points
Comment Utility
Looks like you answered your question in your question.
There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it.
0
 
LVL 1

Author Comment

by:agieryic
Comment Utility
Yeh, I know. I was just looking for a couple of things to try before I throw in the towel.
0
 
LVL 4

Assisted Solution

by:tflai
tflai earned 100 total points
Comment Utility
If you feel like to investigate a little further, you can scan your machine with tools like HijackThis and CWShredder, maybe you can find and remove the malware.  You can also scan with GMER and other rootkit removers.
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 150 total points
Comment Utility
@tflai,

CWShredder is one of a number of tools that used to be highly effective back in the day, but it has not been updated for several years, is no longer supported, and will be of no use whatsoever in fighting current malware.  There is an excellent article about this subject (and others) by younghv here:

http://www.experts-exchange.com/Software/Internet_Email/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html?sfQueryTermInfo=1+30+younghv

Likewise, Hijack This is not the tool it once was, and is not really very good at detecting current malware variants.

@agieryic

"...I checked the hosts file
There was no other hosts file..."

Rogue Killer option 3 will reset the hosts file.  If scans are coming up clean, the next step would be to run TDSSKiller:

http://support.kaspersky.com/faq/?qid=208280684

Please post the scan log for review.
0
 
LVL 30

Expert Comment

by:flubbster
Comment Utility
When you checked for hosts file, did you make sure that view both system and hidden files was turned on? Many times viruses create a second hosts file that is well hidden and it is the one being used.
0
Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 50 total points
Comment Utility
As mentioned by phototropic you should run TDSSKIller to fix this issue. You could also try FixTDSS from Symantec:

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

I hope that would help

Sudeep
0
 
LVL 1

Author Comment

by:agieryic
Comment Utility
I am familiar with most toolsthat you mentioned.But I haven't tried to run the addition tool Other than the ones I mentioned.
I have hidden files turned on! I did not see any additional hosts files.

It's a definitely worth a try to run the additional tools.
0
 
LVL 23

Expert Comment

by:phototropic
Comment Utility
OK.  Start with TDSSKiller.
0
 
LVL 14

Assisted Solution

by:Don Thomson
Don Thomson earned 50 total points
Comment Utility
Hace you checked to see if the malware set up a phantom proxy - Internet options Connections, Lan Settings. You may be pointing to a rouge proxy server that is only allowing you what it wants you to get . I've seen viruses and malware that do this all the time - YOu can't get to any windows/Microsoft sites or anywhere that has anti-malware tools on it
0
 
LVL 1

Author Comment

by:agieryic
Comment Utility
Folks thanks for all your feed back. I ended up calling Microsoft for help with the failing uploads which I'm sure all related to the mentioned issues but they were not helpful.

I ended up backing up the data and successfully rebuilding the PC
0
 
LVL 1

Author Closing Comment

by:agieryic
Comment Utility
Sometimes you just have to bite the bullet and give up and rebuild.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Ransomware continues to be a growing problem for both personal and business users alike and Antivirus companies are still struggling to find a reliable way to protect you from this dangerous threat.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
This video demonstrates how to create an example email signature rule for a department in a company using CodeTwo Exchange Rules. The signature will be inserted beneath users' latest emails in conversations and will be displayed in users' Sent Items…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now