I cant use any search engines.

[stevo]

I get this message:


Are you trying to get to Google?
Your computer is running software that doesn’t allow you to use Google.
You’re seeing this page because your computer is trying to send you to a website that is pretending to be Google. Over the past few weeks, you may have seen a website that looks like Google, but launches pop-up windows and does not work like Google. That page is not affiliated with Google in any way and is intended to deceive you.

Why is this happening?
Most likely a program was installed on your computer automatically and without your knowledge when you downloaded an otherwise harmless piece of software. Or you may have been tricked into clicking on a disguised download button while visiting a website.

What can I do about it?
This problem can be fixed fairly easily, but will require that you make changes in a file that is part of your computer’s operating system. You should always be cautious when making these kinds of adjustments, as they may affect the performance of your computer. If you are not comfortable doing this yourself, you may want to print out this page and show it to someone whose technical knowledge you trust.

What steps do I take?
The first step is to remove the entry for Google from your hosts file. This entry is telling your computer where to send your computer instead of to Google.

In Windows, open the Notepad program. You can do this by going to the Start menu in the lower left of your screen, selecting “Programs,” then “Accessories,” then “Notepad.”

In the Notepad menu, click on “File,” then “Open.” You will see a new window asking which file to open. You may need to change "Files of type" to "All Files" instead of "Text Documents". The actual file to open is listed below:

If your computer is running Windows XP, Window NT, or Windows 2000, the file is located in the folder found by following this path:

My Computer >Local Disk(C) >Windows >System32 >Drivers >etc >hosts

If your computer is running Windows 98, Second Edition or Windows ME, the file is located in the folder found by following this path:

My Computer >Local Disk(C) >Windows >hosts

Once you have opened this file, remove entirely any line of text that contains “google.com”, “www.google.com” or other Google domains (such as “google.co.uk”). To remove the text, highlight it by dragging your pointer across the line while holding down the mouse button. Once the text is highlighted, hit the Backspace or Delete button, then save the file by going to the File menu and clicking “Save.” You can now exit Notepad.

What else can I do?
You might want to try software that attempts to detect and uninstall programs like this one. While we do not have a relationship with anyone who offers this software and we cannot endorse a particular product, the most popular programs for doing this seem to be Spybot Search and Destroy and LavaSoft's AdAware. The particular program affecting your computer is relatively new, so these products might not be able to detect and repair this type of problem yet.

The next step is to learn more. You can visit http://www.doxdesk.com/parasite/ to review information about a number of known self-installing software programs. Several articles on the web may be helpful, such as

· http://www.theage.com.au/articles/20...172507212.html
· http://news.com.com/2100-1023-877568.html
· http://news.com.com/2100-1023-257592.html

Investigate individual programs using search engines. Try keywords such as "spyware," "scumware," and "adware."
Once you’re informed, take action. Help your family and friends avoid these annoying programs. If you can find the site that installed this software on your computer, let them know how you feel about it. You might also want to track down companies that benefit from having your web visits redirected, and share your feelings with them.

Finally, it's quick and easy to file a complaint with the Federal Trade Commission (FTC). This U.S. government agency handles complaints about deceptive or unfair business practices. To file a complaint, visit: http://www.ftc.gov/ and click on "File a Complaint Online", or call 1-877-FTC-HELP. Or write to:

Federal Trade Commission
CRC-240
Washington, D.C. 20580

If your complaint is against a company in another country, you can file it at http://www.econsumer



Is this the correct thing to do?

[Peep]

That is weird shit.

I don't know what to make of it, and I read it twice.

What is the URL of the the site that you get instead of google?

[Minnow]

Steve, Are you running any spyware removal programs? If not, go to lavasoft.com and download and run adaware. It should sniff out the google redirects and then you can remove them. It will also get the "live girls" icon off your desktop, so be careful. [img]i/expressions/face-icon-small-wink.gif[/img]

[stevo]

Thanks Minnow.

Peep..........The address never changes from say "MW" when i hit my search icon. That whole message just appears in the side bar. Yes.......alot of scrolling....LOL.

[Tom0Co]

Your browser has been hijacked. Had a friend with same problem. Nothing worked (spybot, etc...) until I found this thread.

http://www.wilderssecurity.com/index...threadid=14604

Go there and in the thread there is a link to download a program called "Hijack This" beta version.

It worked for him.

Good Luck!

[alm]

Are you trying to get to Google?
Your computer is running software that doesn't allow you to use Google.

----------------------

"The above is a message that many thousands of unfortunate browser hijack victims have been seeing recently, while trying to use certain major search engines. Someone has released a browser hijacker that exploits flaws in the Internet Explorer web browser to drop a bad HOSTS file on infected machines.

A HOSTS file is used to tell Windows that a web site is located at the IP address listed next to its name. When you load a web site, Windows checks this list to see if the site is listed there. If the site is not listed, Windows then checks your ISP's domain name servers to find the IP address of the web site.

This bad HOSTS file tells Windows that google.com, altavista.com, yahoo.com and other major search engines are located at the hijacker's IP address. Thankfully, it would seem the web host that owns that IP address terminated the attacker's account. Most likely, the attacker was running a pay-per-click search portal of his own and was hoping to profit from his victims.

http://www.spywareinfo.net/sept30,2003#searchjack"

[alm]

New Google redirect page - Trojan:
"Trojan.Qhosts or Qhost-1
October 1, 2003

A new trojan horse called Qhost-1 or Trojan.Qhosts was
discovered on October 1, 2003. The purpose of this
trojan is to "hijack" browser use. When page requests
are made, they are rerouted to specified Domain Name
Servers. This allows a remote "administrator" to direct
users to the pages of their choosing. For example, if
an infected user attempted to navigate to
http://www.google.com, they would be routed to a
different site.

This trojan is responsible for recent reports of strange
DNS changes on systems as recently reported on
NTBUGTRAQ. [McAfee] " (Road Runner San Antonio)

Sophos - Symantec (Removal of Qhost)

Related Microsoft IE Patch or go to Windows update and Scan for updates

TweakXP.com victim of Search Redirect Program

Discussion from Google Guy - more discussion

[Peep]

Good posts back guys.

KNEW somone here had to know LOL.

[stevo]

Yes.....Thanks guys. WEith a little help from Rogthedodger I will tackle this in morning.

Thanks alot
[img]i/expressions/face-icon-small-smile.gif[/img]

[WorldRunner2]

Run Spyware Search & Destory every morning. It's the first thing you should do.

I've written a TON of letters in the last year about making this type of thing illegal...but I'm sure I'm the only one doing anything about it rather than just bitching.