Tilted Forum Project Discussion Community

Tilted Forum Project Discussion Community (https://thetfp.com/tfp/)
-   Tilted Technology (https://thetfp.com/tfp/tilted-technology/)
-   -   Google search not working... (https://thetfp.com/tfp/tilted-technology/29424-google-search-not-working.html)

Mr. Mojo 09-29-2003 01:53 PM

Google search not working...
 
When i try to run a google (or yahoo) search i get this page, and cant search for anything. The funny thing: GIS and Google news still works.
This happen to anyone?


Are you trying to get to Google?
Your computer is running software that doesn’t allow you to use Google.
You’re seeing this page because your computer is trying to send you to a website that is pretending to be Google. Over the past few weeks, you may have seen a website that looks like Google, but launches pop-up windows and does not work like Google. That page is not affiliated with Google in any way and is intended to deceive you.

Why is this happening?
Most likely a program was installed on your computer automatically and without your knowledge when you downloaded an otherwise harmless piece of software. Or you may have been tricked into clicking on a disguised download button while visiting a website.

What can I do about it?
This problem can be fixed fairly easily, but will require that you make changes in a file that is part of your computer’s operating system. You should always be cautious when making these kinds of adjustments, as they may affect the performance of your computer. If you are not comfortable doing this yourself, you may want to print out this page and show it to someone whose technical knowledge you trust.

What steps do I take?
The first step is to remove the entry for Google from your hosts file. This entry is telling your computer where to send your computer instead of to Google.

In Windows, open the Notepad program. You can do this by going to the Start menu in the lower left of your screen, selecting “Programs,” then “Accessories,” then “Notepad.”

In the Notepad menu, click on “File,” then “Open.” You will see a new window asking which file to open. You may need to change "Files of type" to "All Files" instead of "Text Documents". The actual file to open is listed below:

If your computer is running Windows XP, Window NT, or Windows 2000, the file is located in the folder found by following this path:

My Computer >Local Disk(C) >Windows >System32 >Drivers >etc >hosts

If your computer is running Windows 98, Second Edition or Windows ME, the file is located in the folder found by following this path:

My Computer >Local Disk(C) >Windows >hosts

Once you have opened this file, remove entirely any line of text that contains “google.com”, “www.google.com” or other Google domains (such as “google.co.uk”). To remove the text, highlight it by dragging your pointer across the line while holding down the mouse button. Once the text is highlighted, hit the Backspace or Delete button, then save the file by going to the File menu and clicking “Save.” You can now exit Notepad.

What else can I do?
You might want to try software that attempts to detect and uninstall programs like this one. While we do not have a relationship with anyone who offers this software and we cannot endorse a particular product, the most popular programs for doing this seem to be Spybot Search and Destroy and LavaSoft's AdAware. The particular program affecting your computer is relatively new, so these products might not be able to detect and repair this type of problem yet.

The next step is to learn more. You can visit http://www.doxdesk.com/parasite/ to review information about a number of known self-installing software programs. Several articles on the web may be helpful, such as

· http://www.theage.com.au/articles/20...172507212.html
· http://news.com.com/2100-1023-877568.html
· http://news.com.com/2100-1023-257592.html

Investigate individual programs using search engines. Try keywords such as "spyware," "scumware," and "adware."
Once you’re informed, take action. Help your family and friends avoid these annoying programs. If you can find the site that installed this software on your computer, let them know how you feel about it. You might also want to track down companies that benefit from having your web visits redirected, and share your feelings with them.

Finally, it's quick and easy to file a complaint with the Federal Trade Commission (FTC). This U.S. government agency handles complaints about deceptive or unfair business practices. To file a complaint, visit: http://www.ftc.gov/ and click on "File a Complaint Online", or call 1-877-FTC-HELP. Or write to:

Federal Trade Commission
CRC-240
Washington, D.C. 20580

If your complaint is against a company in another country, you can file it at http://www.econsumer.gov/.

Redlemon 09-29-2003 02:03 PM

The page you are reading is entirely true. Google has detected that a page is leeching off of them. Follow the directions to clean out your system.

(I think there was another identical thread on TFP recently; if not, another of the boards I frequent.)

heyal256 09-29-2003 02:43 PM

I have never come across that problem before, but it does sound legit. The steps about removing google entries from your hosts file isn't a problem only because there is no reason for them to be there. usualy the only things in your hosts file should be he names/ips of computers on your local network OR maybe the name and ip (127.0.0.1) of the ad networks so that you can block ads.

MontanaXVI 09-29-2003 02:52 PM

wow sounds like some proggie did a bad number on you there, nice to see google is able to detect and warn people about it. Good luck on getting it corrected but it seems you are on the right step

jfranco13 09-29-2003 03:06 PM

Here is a link to the previous thread with some good info and solutions towards the bottom:

http://www.tfproject.org/tfp/showthr...threadid=28238

Redlemon 09-30-2003 05:32 AM

Also, in case you don't trust any of us, here's a link over at Spyware Info that has an excellent description of what is going on. I get their newsletter weekly, it is a must-read. It has an even easier solution to the problem.

Mr. Mojo 09-30-2003 08:50 AM

Thanks for all your help. There so much crap out there, you cant help but be wary of everything.

So how did this happen?

I have KazzaLite installed, should I dump that?

paultantk 09-30-2003 10:23 AM

I had a problem with Google this morning too, but unrelated to this topic though. It just showed some Javascript source code and that was it.

Redlemon 09-30-2003 11:12 AM

Quote:

Originally posted by Mr. Mojo
So how did this happen?
From the SpywareInfo site,
Quote:

There are several possible means of distributing this hijack. The most common way is to spam people with a link to a web site hosting the malicious code. Some email clients also may download and execute a malicious java applet as soon as the attacker's email is opened or previewed.

Please do not be fooled by "experts" who downplay the danger of this and other flaws by saying the victim would first have to visit a malicious web site. There are many ways to force a victim's computer to load a particular web site. We help dozens of victims of such hijacks every single day at the support forums.

Victims show none of the regular symptoms of a browser hijack other than a bad HOSTS file. There are no suspicious activex objects or other tell-tale signs of infections. This leads me to believe that the victim was hijacked using either Microsoft Java VM or MSHTA.

The CWS trojan is one example of malware that exploits the ByteVerify flaw in Microsoft's proprietary version of Java. Faulty code checking allows an attacker to run arbitrary code on the victim's machine. This flaw has been patched in an updated version of Microsoft VM. My advice is to install the much more secure Sun Java and to use that instead of Microsoft Java.

The other possibility is the object data flaw I've written about previously. A flaw exists in Microsoft Internet Explorer that allows a malicious hacker to fool it into running malicious scripts with reduced security restrictions. Microsoft released a patch for this flaw, but unfortunately it failed to fix the problem. A workaround is either to disable ActiveX controls and plugins in Internet Options > Security or to run the HTAStop program from NSClean.
So, first thing is dump Microsoft VM and replace with Sun Java.

Personally, I use the Mozilla Firebird browser, and haven't had any security issues (IE can leave a lot of holes open). I also run Ad-Aware and SpyBot every other week or so.


All times are GMT -8. The time now is 02:54 AM.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2021, vBulletin Solutions, Inc.
Search Engine Optimization by vBSEO 3.6.0 PL2
© 2002-2012 Tilted Forum Project


1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360