RE: PC that can't Google
HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
lmhosts is for netbios resolution. Check the 'hosts' file in the c:\windows\system32\drivers\etc folder On Thu, Jan 12, 2012 at 9:52 AM, Bob Hartung bhart...@wiscoind.com wrote: ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Try a different user profile. On Thu, Jan 12, 2012 at 8:57 AM, David Lum david@nwea.org wrote: HOSTS file? ** ** *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 6:52 AM *To:* NT System Admin Issues *Subject:* PC that can't Google ** ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Check for add-ons in IE. From: Bob Hartung [mailto:bhart...@wiscoind.com]mailto:[mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Hosts file, or more malware embedded in the machine. On 12 January 2012 14:52, Bob Hartung bhart...@wiscoind.com wrote: ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ** IMPORTANT INFORMATION/DISCLAIMER * This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress.. * * The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. * * In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets** ** At Home yesterday. * * We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * * The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Host file... Try to resolve google.com on the infect PC and on your corporate one... PS: Not a good ides to plug a know infected station on your corporate network... De : Bob Hartung [mailto:bhart...@wiscoind.com] Envoyé : 12 janvier 2012 09:52 À : NT System Admin Issues Objet : PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
I initially tried with the user's profile and then switched to the local admin and still had the same problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:03:40 -0600 Subject: Re: PC that can't Google Try a different user profile. On Thu, Jan 12, 2012 at 8:57 AM, David Lum david@nwea.org wrote: HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
C:\windows\system32\drivers\etc\ Might be hidden/read-only but it will be there - open with notepad ...Spence From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: 12 January 2012 15:04 To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Odd, even by default there's one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
No Hosts file, Windows comes with a default Hosts file. Try running Vipre Rescue. On Thu, Jan 12, 2012 at 9:06 AM, James Rankin kz2...@googlemail.com wrote: Hosts file, or more malware embedded in the machine. On 12 January 2012 14:52, Bob Hartung bhart...@wiscoind.com wrote: ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ** IMPORTANT INFORMATION/DISCLAIMER * This document should be read only by those persons to whom it is addressed. If you have received this message it was obviously addressed to you and therefore you can read it, even it we didn't mean to send it to you. However, if the contents of this email make no sense whatsoever then you probably were not the intended recipient, or, alternatively, you are a mindless cretin; either way, you should immediately kill yourself and destroy your computer (not necessarily in that order). Once you have taken this action, please contact us.. no, sorry, you can't use your computer, because you just destroyed it, and possibly also committed suicide afterwards, but I am starting to digress.. * * The originator of this email is not liable for the transmission of the information contained in this communication. Or are they? Either way it's a pretty dull legal query and frankly one I'm not going to dwell on. But should you have nothing better to do, please feel free to ruminate on it, and please pass on any concrete conclusions should you find them. However, if you pass them on via email, be sure to include a disclaimer regarding liability for transmission. * * In the event that the originator did not send this email to you, then please return it to us and attach a scanned-in picture of your mother's brother's wife wearing nothing but a kangaroo suit, and we will immediately refund you exactly half of what you paid for the can of Whiskas you bought when you went to Pets** ** At Home yesterday. * * We take no responsibility for non-receipt of this email because we are running Exchange 5.5 and everyone knows how glitchy that can be. In the event that you do get this message then please note that we take no responsibility for that either. Nor will we accept any liability, tacit or implied, for any damage you may or may not incur as a result of receiving, or not, as the case may be, from time to time, notwithstanding all liabilities implied or otherwise, ummm, hell, where was I...umm, no matter what happens, it is NOT, and NEVER WILL BE, OUR FAULT! * * The comments and opinions expressed herein are my own and NOT those of my employer, who, if he knew I was sending emails and surfing the seamier side of the Internet, would cut off my manhood and feed it to me for afternoon tea. * ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with
Re: PC that can't Google
Take the drive out and slave it to another machine for malware scanning. Also, navigate to c:\windows\system32\drivers\etc and make sure that the hosts and lmhosts files are set back to default. Kurt On Thu, Jan 12, 2012 at 06:52, Bob Hartung bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
It's a file without an extension From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 10:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Have you tried safe mode with networking? On Thu, Jan 12, 2012 at 7:25 AM, Bob Hartung bhart...@wiscoind.com wrote: ** I initially tried with the user's profile and then switched to the local admin and still had the same problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com -- *From:* Eric Wittersheim [mailto:eric.wittersh...@gmail.com] *To:* NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com ] *Sent:* Thu, 12 Jan 2012 09:03:40 -0600 *Subject:* Re: PC that can't Google Try a different user profile. On Thu, Jan 12, 2012 at 8:57 AM, David Lum david@nwea.org wrote: HOSTS file? ** ** *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 6:52 AM *To:* NT System Admin Issues *Subject:* PC that can't Google ** ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Thank you, Mike Sullivan ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Probably not what you want to hear but, a VPs machine that has a known infection Flatten the box and rebuild it. That is the only way to be sure you got all the spyware/junk off of it. Host file... Try to resolve google.com on the infect PC and on your corporate one... PS: Not a good ides to plug a know infected station on your corporate network... De : Bob Hartung [mailto:bhart...@wiscoind.com] Envoyé : 12 janvier 2012 09:52 À : NT System Admin Issues Objet : PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Mise en garde concernant la confidentialité : Le présent message, comprenant tout fichier qui y est joint, est envoyé à l'intention exclusive de son destinataire; il est de nature confidentielle et peut constituer une information protégée par le secret professionnel. Si vous n'êtes pas le destinataire, nous vous avisons que toute impression, copie, distribution ou autre utilisation de ce message est strictement interdite. Si vous avez reçu ce courriel par erreur, veuillez en aviser immédiatement l'expéditeur par retour de courriel et supprimer le courriel. Merci! Confidentiality Warning: This message, including any attachment, is sent only for the use of the intended recipient; it is confidential and may constitute privileged information. If you are not the intended recipient, you are hereby notified that any printing, copying, distribution or other use of this message is strictly prohibited. If you have received this email in error, please notify the sender immediately by return email, and delete it. Thank you! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Think green. Please consider the environment before printing *** CONFIDENTIALITY NOTE: The information contained in this transmission is privileged and confidential information intended only for the use of the individual or entity named above. If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this transmission in error, do not read it. Please immediately reply to the sender that you have received this communication in error and then delete it. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
+1 on checking %SYSTEM%\System32\drivers\etc\hosts What IP address is it trying to reach when you do this? It will be easy to figure out if it's an IP that belongs to Google or to a malevolent third party. That said, I'm of the belief that once malware gets onto your machine, it is no longer your machine... backup documents and re-image. (And that's if you trust the BIOS and MBR...) --Steve On Thu, Jan 12, 2012 at 10:25 AM, Bob Hartung bhart...@wiscoind.com wrote: I initially tried with the user's profile and then switched to the local admin and still had the same problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:03:40 -0600 Subject: Re: PC that can't Google Try a different user profile. On Thu, Jan 12, 2012 at 8:57 AM, David Lum david@nwea.org wrote: HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Likely the hosts file is hidden. attrib -s -h -r c:\windows\system32\drivers\etc\hosts Then open it in notepad Lately seeing the bad hosts entries at very bottom of hosts file after about 100 blank lines. Once in a while too I see the ACLs changed on the hosts file to make difficulty in editing it. Restore ACLs then remove the bad hosts. (right click properties security advanced inherit from the parent OK out) Can you send me the bad hosts? I want to be able to get them in Vipre defs. Tammy From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: January-12-12 10:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
I have seen a PC that couldn't Google. I also know that you can tune a piano, but you can't tune-a- fish! (Ha! Ha! chuckle! snort!) On Thu, Jan 12, 2012 at 10:39 AM, Spencer Read spencer.r...@nemesisgb.comwrote: C:\windows\system32\drivers\etc\ Might be hidden/read-only but it will be there – open with notepad …Spence ** ** *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* 12 January 2012 15:04 *To:* NT System Admin Issues *Subject:* RE: PC that can't Google ** ** I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com -- *From:* David Lum [mailto:david@nwea.org] *To:* NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] *Sent:* Thu, 12 Jan 2012 08:57:32 -0600 *Subject:* RE: PC that can't Google HOSTS file? *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 6:52 AM *To:* NT System Admin Issues *Subject:* PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin __ This email has been scanned by the Symantec Email Security.cloud service. For more information please visit http://www.symanteccloud.com __ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
You should also try the scans in safe mode. On Thu, Jan 12, 2012 at 9:48 AM, Kurt Buff kurt.b...@gmail.com wrote: Take the drive out and slave it to another machine for malware scanning. Also, navigate to c:\windows\system32\drivers\etc and make sure that the hosts and lmhosts files are set back to default. Kurt On Thu, Jan 12, 2012 at 06:52, Bob Hartung bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Look in C:\WINDOWS\system32\drivers\etc for a file name hosts # Copyright (c) 1993-1999 Microsoft Corp. # # # Par exemple : # # 102.54.94.97 rhino.acme.com # serveur source # 38.25.63.10 x.acme.com # hôte client x 127.0.0.1 localhost De : David Lum [mailto:david@nwea.org] Envoyé : 12 janvier 2012 10:42 À : NT System Admin Issues Objet : RE: PC that can't Google Odd, even by default there's one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
Re: PC that can't Google
On Thu, Jan 12, 2012 at 11:16 AM, Chad Leeper c...@capitalcityfruit.com wrote: Probably not what you want to hear but, a VPs machine that has a known infection Flatten the box and rebuild it. That is the only way to be sure you got all the spyware/junk off of it. +255. Once a machine has been compromised, you cannot trust anything about it anymore. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
Re: PC that can't Google
On Thu, Jan 12, 2012 at 11:54 AM, Eric Wittersheim eric.wittersh...@gmail.com wrote: Take the drive out and slave it to another machine for malware scanning. You should also try the scans in safe mode. I would advise against that. If you're going to try and recover a compromised machine, the first thing you need to do is get running in an environment you can trust. Safe Mode is still depending on a computer *you know is compromised*. All sorts of malware is known which can still subvert the machine in Safe Mode. Remove the drive, attach the drive as a secondary drive to a known-clean computer, and scan it using the known-clean computer's software. This will still only find known malware, but at least you're not trusting a known-bad computer. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Also try deleting all cookies. We had a machine the other day with that issue, it was a problem with a malformed cookie. Having said that, however, +1 on flattening the machine after you get any necessary files off -- you'll never be sure you haven't kept a root kit or some other bleeped-up zero-day widget. David On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.com wrote: ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- David _ ** The democracy will cease to exist when you take away from those who are willing to work and give to those who would not. ~Thomas Jefferson ** ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
that looks like maybe an IPv6 loopback ? But before editing the hosts file you'll need to change it from Read Only Have you looked at browser addins (BHOs) for oddities ? On Thu, Jan 12, 2012 at 12:26 PM, Bob Hartung bhart...@wiscoind.com wrote: ** Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com -- *From:* David Lum [mailto:david@nwea.org] *To:* NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com ] *Sent:* Thu, 12 Jan 2012 09:41:38 -0600 *Subject:* RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 7:04 AM *To:* NT System Admin Issues *Subject:* RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com -- *From:* David Lum [mailto:david@nwea.org] *To:* NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] *Sent:* Thu, 12 Jan 2012 08:57:32 -0600 *Subject:* RE: PC that can't Google HOSTS file? *From:* Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 6:52 AM *To:* NT System Admin Issues *Subject:* PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
RE: PC that can't Google
I think that one should say ::1 Localhost which is IPV6speak for 127.0.0.1 Localhost. There must have been something else in there that was causing this. Gotta be. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 12:26 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise
Re: PC that can't Google
I would almost bet money that it's still infected. On Thu, Jan 12, 2012 at 12:54 PM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jan 12, 2012 at 11:16 AM, Chad Leeper c...@capitalcityfruit.com wrote: Probably not what you want to hear but, a VPs machine that has a known infection Flatten the box and rebuild it. That is the only way to be sure you got all the spyware/junk off of it. +255. Once a machine has been compromised, you cannot trust anything about it anymore. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- -cynicalgeek- cynicalgeekatgmail.com -- ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
You've still got a nasty infection. Take the hard drive out, slave it to another machine, scan it with at least two different anti-malware packages, save the documents only after scanning, and if you don't want to put a new hard drive in it, delete the partition and rebuild the machine from scratch. Kurt On Thu, Jan 12, 2012 at 09:26, Bob Hartung bhart...@wiscoind.com wrote: Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body
RE: PC that can't Google
Looks like ::1 = 127.0.0.1 but for IPv6. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 1:20 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com
RE: PC that can't Google
In order to edit the Hosts file, you’ll need to Open Notepad by using the Run as Administrator option. Then, using Notepad, you’ll need to open the hosts file, then you’ll be able to edit. Thank you Win 7/Server 2008. But the ::1 entry is just the IPv6 version of 127.0.0.1 Joe Heaton ITB – Windows Server Support From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 10:20 AM To: Heaton, Joseph@DFG; NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhartung@wiscoindcommailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body
RE: PC that can't Google
Any chance you had a System Restore point you can roll it back to? John W. Cook System Administrator Partnership For Strong Families 5950 NW 1st Place Gainesville, Fl 32607 Office (352) 244-1610 Cell (352) 215-6944 MCSE, MCP+I, MCTS, CompTIA A+, N+, VSP4, VTSP4 From: David [mailto:blazer...@gmail.com] Sent: Thursday, January 12, 2012 1:37 PM To: NT System Admin Issues Subject: Re: PC that can't Google Also try deleting all cookies. We had a machine the other day with that issue, it was a problem with a malformed cookie. Having said that, however, +1 on flattening the machine after you get any necessary files off -- you'll never be sure you haven't kept a root kit or some other bleeped-up zero-day widget. David On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.commailto:bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215tel:%28608%29%20835-3106%20x215 Fax: (608) 835-7399tel:%28608%29%20835-7399 e-mail: bhartung(at)wiscoind.comhttp://wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- David _ The democracy will cease to exist when you take away from those who are willing to work and give to those who would not. ~Thomas Jefferson ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
For future use: Right-click on Notepad and choose “Run as Administrator”, then you can open/edit/save the hosts file with Notepad. And yes you need to do this even if you’re already logged in as a local admin. I would be VERY suspect of a machine with a compromised HOSTS file. If you don’t want to flatten/rebuild it (the recommended action), do run a rootkit scan. Future reference #2 – the HOSTS file can’t be modified if the user isn’t logged in as a local admin ☺ Dave From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 10:20 AM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.orgmailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt
Re: PC that can't Google
agreed, especially if he is unable to change hosts file read only property, something has it locked. On Thu, Jan 12, 2012 at 1:51 PM, Cynicalgeek cynicalg...@gmail.com wrote: I would almost bet money that it's still infected. On Thu, Jan 12, 2012 at 12:54 PM, Ben Scott mailvor...@gmail.com wrote: On Thu, Jan 12, 2012 at 11:16 AM, Chad Leeper c...@capitalcityfruit.com wrote: Probably not what you want to hear but, a VPs machine that has a known infection Flatten the box and rebuild it. That is the only way to be sure you got all the spyware/junk off of it. +255. Once a machine has been compromised, you cannot trust anything about it anymore. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- -cynicalgeek- cynicalgeekatgmail.com -- ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
On 1/12/2012 11:03 AM, John C Owen wrote: It’s a file without an extension Usually in C:\Windows\System32\drivers\etc or equivalent. You are searching with system files shown, right? *From:*Bob Hartung [mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 10:04 AM *To:* NT System Admin Issues *Subject:* RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com *From:*David Lum [mailto:david@nwea.org] mailto:[mailto:david@nwea.org] *To:* NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] *Sent:* Thu, 12 Jan 2012 08:57:32 -0600 *Subject:* RE: PC that can't Google HOSTS file? *From:*Bob Hartung [mailto:bhart...@wiscoind.com mailto:bhart...@wiscoind.com] *Sent:* Thursday, January 12, 2012 6:52 AM *To:* NT System Admin Issues *Subject:* PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com mailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 That's an IPv6 address. That's normal. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Some [possibly] easy no-touch cleanup: *Reset Hosts File*: *MicrosoftFixit50267*.msi Reset Internet Explorer Settings: *MicrosoftFixit50195*.msi Reset TCP/IP: *MicrosoftFixit50199*.msi Reset Winsock: *MicrosoftFixit50203*.msi Run them quietly ala: msiexec /i msi file /quiet /passive /norestart Restart afterward. -- Espi On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.com wrote: ** One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Possible file was set to read-only. read only attributes wouldn't let you edit it. That ::1 is ivp6 address. Further down in that hosts.junk should be some funny addresses there with a ton of blank space between the ::1 the end of file. Tammy From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: January-12-12 12:26 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com _ From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
RE: PC that can't Google
Did you check the PC's DNS settings? Alex Eckelberry www.eckelberry.com http://www.eckelberry.com/ c 727 644 8830 Skype: alexeckelberry From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Thursday, January 12, 2012 3:56 PM To: NT System Admin Issues Subject: Re: PC that can't Google Some [possibly] easy no-touch cleanup: Reset Hosts File: MicrosoftFixit50267.msi Reset Internet Explorer Settings: MicrosoftFixit50195.msi Reset TCP/IP: MicrosoftFixit50199.msi Reset Winsock: MicrosoftFixit50203.msi Run them quietly ala: msiexec /i msi file /quiet /passive /norestart Restart afterward. -- Espi On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 tel:%28608%29%20835-3106%20x215 Fax: (608) 835-7399 tel:%28608%29%20835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: PC that can't Google
Good point. It might still be pointed at ClearCloud. :) (Sorry, couldn't resist.) On Thu, Jan 12, 2012 at 4:45 PM, Alex Eckelberry a...@eckelberry.com wrote: Did you check the PC’s DNS settings? Alex Eckelberry www.eckelberry.com c 727 644 8830 Skype: alexeckelberry From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Thursday, January 12, 2012 3:56 PM Some [possibly] easy no-touch cleanup: Reset Hosts File: MicrosoftFixit50267.msi Reset Internet Explorer Settings: MicrosoftFixit50195.msi Reset TCP/IP: MicrosoftFixit50199.msi Reset Winsock: MicrosoftFixit50203.msi Run them quietly ala: msiexec /i msi file /quiet /passive /norestart Restart afterward. -- Espi On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin To: NT System Admin Issues Subject: Re: PC that can't Google ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
I believe you can put the hosts file in a nonstandard location specified by HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath The one in %windir%\System32\drivers\etc could be a decoy. …Tim From: Tammy Stewart [mailto:copper...@personainternet.com] Sent: Thursday, January 12, 2012 1:40 PM To: NT System Admin Issues Subject: RE: PC that can't Google Possible file was set to read-only. read only attributes wouldn't let you edit it. That ::1 is ivp6 address. Further down in that hosts.junk should be some funny addresses there with a ton of blank space between the ::1 the end of file. Tammy From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: January-12-12 12:26 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org]mailto:[mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com]mailto:[mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.commailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise
Re: PC that can't Google
One more thing to consider... there's a bit of malware that hides the real hosts file, stuffs it full of nastyness, and creates an innocuous-looking file that *appears* to be named hosts, but the o is some other unicode character either exactly the same visually, or imperceptibly different from, lowercase o. hosts is not supposed to be a hidden file. To complicate things, some A/V packages try very hard to prevent edits to hosts. --Steve On Thu, Jan 12, 2012 at 5:35 PM, Tim Evans tev...@sparling.com wrote: I believe you can put the hosts file in a nonstandard location specified by HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DataBasePath The one in %windir%\System32\drivers\etc could be a decoy. …Tim From: Tammy Stewart [mailto:copper...@personainternet.com] Sent: Thursday, January 12, 2012 1:40 PM To: NT System Admin Issues Subject: RE: PC that can't Google Possible file was set to read-only. read only attributes wouldn't let you edit it. That ::1 is ivp6 address. Further down in that hosts.junk should be some funny addresses there with a ton of blank space between the ::1 the end of file. Tammy From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: January-12-12 12:26 PM To: NT System Admin Issues Subject: RE: PC that can't Google Interesting. Originally I searched for hosts on the C Drive and nothing showed up. Now I've navigated to windows\system32\drivers\etc, there's the hosts file. I can open it and it looks like the default hosts files with one exception, the last line is ::1 I tried to edit this out but was denied even though I'm logged in as the local administrator. I went to the command prompt and ran attrib on it and it show as an SHR. Checking another PC and normally this file doesn't have these attributes. I tried to change the attributes but still no luck. Finally, I tried renaming the hosts files to hosts.junk and that worked. Go figure. Then I copied a default hosts file from a different PC and that enabled Google.com. I don't have a clue as to why this fixed the problem. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 09:41:38 -0600 Subject: RE: PC that can't Google Odd, even by default there’s one that has 127.0.0.1 in it. Show hidden and system files and look in hidden files and folders and look again, it should exist. From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 7:04 AM To: NT System Admin Issues Subject: RE: PC that can't Google I've searched the C drive for any hosts file and couldn't find one. -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com From: David Lum [mailto:david@nwea.org] To: NT System Admin Issues [mailto:ntsysadmin@lyris.sunbelt-software.com] Sent: Thu, 12 Jan 2012 08:57:32 -0600 Subject: RE: PC that can't Google HOSTS file? From: Bob Hartung [mailto:bhart...@wiscoind.com] Sent: Thursday, January 12, 2012 6:52 AM To: NT System Admin Issues Subject: PC that can't Google One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 Fax: (608) 835-7399 e-mail: bhartung(at)wiscoind.com
