Google Timeout or Virus Warnings on Page Load

Posted: October, 23 2008

When visiting websites, specifically in Internet Explorer, or installing software, there may be changes to your computer, adware or spyware may have found its way on your machine that will cause your computer to behave abnormally. Often changes are made to the HOSTS file that directs traffic to search engines such as google.com and msn.com on your machine.

Often registry keys are changed to make this adjustment upon restart of your computer, so sometimes a one-time fix doesn’t eliminate the problem.

The HOSTS file, located in

C:/windows/system32/drivers/etc (there is also a C:/windows HOSTS file) on XP, and,
C:/windows/ on 95,98 and ME, and
C:/winnt/system32/drivers/etc on 2000 and NT based operating systems.

A new VBS.QHOSTS trojan appears to be causing some people’s problems, this puts a copy of HOSTS in your c:/windows/help, c:/winnt/help directory, you should be able to simply delete HOSTS files in these locations.

By default these have no real useful routing information. You may have to right click on the file, and select “properties”, and uncheck “read only”. I also received an email stating that win2k users may have to boot in safe mode for the changes to be applied.

In the file is an explanation of how the file works.

As noted, the first piece of information is the IP address where the second piece of information, the domain, is routed. For instance, if you placed (216.239.51.99, one of google’s IP addresses) as the first piece of information, and www.yahoo.com as the second, yahoo.com would now display google.com on your machine only.

If you’ve installed Kazaa Lite, and installed the HOSTS file, you’ll find the HOSTS file has a good deal of information in it. Most of it is to eliminate advertisements, etc.

Firstly, you’ll have to agree to view the files, when Windows tells you it’s a protected folder. You’ll also have to go to the options settings and choose view (not hide) system files, and perhaps hidden files. HOSTS as a file has no extension, it?s just HOSTS (there will likely be a hosts.ics file in the same folder). To open the file you can right click and send to notepad (if you have this option setup), or choose “open with” and select notepad, you may also be able to double-click on the file, and have it request what service you want to use to open the file. No matter what, always choose notepad, and I would advise to not check the box indicating that you always open files of this type with this application.

Upon locating the file and opening it, scan for the domain with which you are having the problem. If you have an entry for www.google.com or google.com, you would delete that line of data if to repair problems with the google page timing out, not loading, or causing your virus software to display warnings. Any other domains you see that aren’t working, msn.com, yahoo.com, askjeeves.com (for whatever reason you would need askjeeves) should also be removed. Save the file, exit, and restart.

Some people have found it more affective to just delete the hosts file and restart. I didn’t recommend it, but it’s the brut force solution.

Additional Safe Browsing

Suggestions:

* Download and use Mozilla for your email and web browing needs.
* If you must use Internet Explorer, disable javascript, and download the google toolbar. This will at least get rid of most of the popups I’ve not missed since moving to Mozilla.
* Again, if you must use Internet Explorer, go to Tools->Internet Options, and click on the “Accessibility” button, and uncheck “format dcouments using my style sheet”. (There is an exploit that runs javascript to launch a window at the 5000 x 5000 pixel, it’s an Internet Explorer exploit)