Solved

cant load www.google.com

Posted on 2011-09-14
11
1,310 Views
Last Modified: 2012-05-12
I worked on a computer running XP Pro. It recently had a virus and it blue screened.
MalwareBytes found a few entries. I then ran RogueKiller that also found a few entries. I then re-ran MalwareBytes for the mere fact RogueKiller finds the process but is not designed to remove it.

MSC was the antivirus on this PC. When I attempted update, it failed to update.

Further research finds that I can’t “turn the automatic updates” in Security Center

Anyway, the PC seems to be behaving normally - except for the fact I can’t run www.google.com or google.com. It won’t load. It also fails www.bing .com  – however www.ask.com and www.yahoo.com works.
I know there were history about this related issue after installed Firefox and/Google chrome. This PC had Firefox and I removed. Still no luck

- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly

More Findings
- removed Yahoo Toolbars and associated tools. If the Yahoo toolbar is needed, it can be reinstalled. I just don’t recommend it because it brings advertising increasing the odds of getting Malware
- removed the Windows Search engine. It slows down the PC. If this tool is actually needed, it can be reinstalled from the Microsoft website.
- Removed all the Windows Live and its associated tools. All these tools show “rarely used”
- removed Mozilla. Primarily to remove any related components that may interfere with IE. It can be reinstalled with the latest version if preferred. I have no issues with Mozilla
- Updated and ran CCleaner
- Cleaned registry
- Updated and ran MalwareBytes. Found no issues
- Used a “Rogue Killer” program that found and removed 3 infected files. These were items MalwareBytes did not discover and remove. There were no bad processes found.
- Rebooted PC.
- since the I removed the rogue which really removes it from the startup, I need to re-run the Malwarebytes to actually remove the process and/or entry
- updated the Adobe Flash
- there was an issue with the “Microsoft Security’ Essentials” not updating properly. It became corrupted. Required uninstalling and reinstalling the Antivirus program. NOTE: it did have a virus infected file in quarantined. After installing the Microsoft Antivirus program, it still failed updating
- there was an issue opening “google.com” search engine. I have seen this before when Firefox was installed and uninstalled with no change
- as I go on further, I get this error when attempting update windows. It fails consistently Error number: 0x80070424
- Microsoft Security Essentials fail. Requires IE to be working properly
- performed a “sfc /scannow” to check the file system. Found no issues

I checked the hosts file
There was no other hosts file
I was able to ping www.google.com

There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it. I already spent 3 hours trying to repair it locally
0
Comment
Question by:agieryic
11 Comments
 
LVL 21

Accepted Solution

by:
Papertrip earned 150 total points
ID: 36540711
Looks like you answered your question in your question.
There’s no doubt that this was PC is heavily infected and apparently done more damage than expected. I’ll need to rebuild it.
0
 
LVL 1

Author Comment

by:agieryic
ID: 36540772
Yeh, I know. I was just looking for a couple of things to try before I throw in the towel.
0
 
LVL 4

Assisted Solution

by:tflai
tflai earned 100 total points
ID: 36541036
If you feel like to investigate a little further, you can scan your machine with tools like HijackThis and CWShredder, maybe you can find and remove the malware.  You can also scan with GMER and other rootkit removers.
0
 
LVL 23

Assisted Solution

by:phototropic
phototropic earned 150 total points
ID: 36541241
@tflai,

CWShredder is one of a number of tools that used to be highly effective back in the day, but it has not been updated for several years, is no longer supported, and will be of no use whatsoever in fighting current malware.  There is an excellent article about this subject (and others) by younghv here:

http://www.experts-exchange.com/Software/Internet_Email/Anti_Spyware/A_6650-Malware-Fighting-Best-Practices.html?sfQueryTermInfo=1+30+younghv

Likewise, Hijack This is not the tool it once was, and is not really very good at detecting current malware variants.

@agieryic

"...I checked the hosts file
There was no other hosts file..."

Rogue Killer option 3 will reset the hosts file.  If scans are coming up clean, the next step would be to run TDSSKiller:

http://support.kaspersky.com/faq/?qid=208280684

Please post the scan log for review.
0
 
LVL 30

Expert Comment

by:flubbster
ID: 36542941
When you checked for hosts file, did you make sure that view both system and hidden files was turned on? Many times viruses create a second hosts file that is well hidden and it is the one being used.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 
LVL 29

Assisted Solution

by:Sudeep Sharma
Sudeep Sharma earned 50 total points
ID: 36544638
As mentioned by phototropic you should run TDSSKIller to fix this issue. You could also try FixTDSS from Symantec:

http://www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixTDSS.exe

I hope that would help

Sudeep
0
 
LVL 1

Author Comment

by:agieryic
ID: 36545595
I am familiar with most toolsthat you mentioned.But I haven't tried to run the addition tool Other than the ones I mentioned.
I have hidden files turned on! I did not see any additional hosts files.

It's a definitely worth a try to run the additional tools.
0
 
LVL 23

Expert Comment

by:phototropic
ID: 36551961
OK.  Start with TDSSKiller.
0
 
LVL 14

Assisted Solution

by:Don Thomson
Don Thomson earned 50 total points
ID: 36568387
Hace you checked to see if the malware set up a phantom proxy - Internet options Connections, Lan Settings. You may be pointing to a rouge proxy server that is only allowing you what it wants you to get . I've seen viruses and malware that do this all the time - YOu can't get to any windows/Microsoft sites or anywhere that has anti-malware tools on it
0
 
LVL 1

Author Comment

by:agieryic
ID: 36588696
Folks thanks for all your feed back. I ended up calling Microsoft for help with the failing uploads which I'm sure all related to the mentioned issues but they were not helpful.

I ended up backing up the data and successfully rebuilding the PC
0
 
LVL 1

Author Closing Comment

by:agieryic
ID: 36588815
Sometimes you just have to bite the bullet and give up and rebuild.
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
If you have done a reformat of your hard drive and proceeded to do a successful Windows XP installation, you may notice that a choice between two operating systems when you start up the machine. Here is how to get rid of this: Click Start Clic…
I designed this idea while studying technology in the classroom.  This is a semester long project.  Students are asked to take photographs on a specific topic which they find meaningful, it can be a place or situation such as travel or homelessness.…
Concerto provides fully managed cloud services and the expertise to provide an easy and reliable route to the cloud. Our best-in-class solutions help you address the toughest IT challenges, find new efficiencies and deliver the best application expe…

948 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now