Bizarre problem......cannot access search engines but everything else OK

Hi guys,

I'm at my wit's end.

I cannot access google, lycos, or any of the other major search engines.  Yet all other websites work fine.  I have windows 98, IE 6 and Netscape 7.1 (same problem with both).  I have scanned for viruses AND adware, and no viruses were found, tons of adware was found and removed, but the problem persists.  Any ideas?


Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Page won't load at all??

Any error messages?
Clicking on this link will not open google??
What is your ISP? do you use their software? or just use a DUN with their settings and then browse with IE or Netscape?
Angular Fundamentals

Learn the fundamentals of Angular 2, a JavaScript framework for developing dynamic single page applications.

You've most likely acquired the QHosts.Trojan

The removal tool is here
Go to C:\windows and see if there is a file (with no extension and with the "unknown file type windows flag-icon) named HOSTS or hosts. There may also be another one below it named HOSTS.SAM.  Just ignore that one.

If "hosts" is there, hold down your Shift Key > Right-Click on it > "Open With".
Uncheck the "always use this program to open files of this type" box
Scroll down to NotePad and double-click on it.
Delete all content and save the file.
Alternatively, just delete the file - windows can live without it.

HomePage HiJackings sometimes use the hosts file and add entries there.  Some people use the file deliberately to block specific web addresses by pointing them back at their own computer's IP address.

It does sound like spiderfix's suggestion, though.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
The Trojan will just rewrite to the HOSTS file.
cnwilsonAuthor Commented:
To all who replied, thank you very much.

Spiderfix, I tried your solution first but the trojan wasn't detected.  I then followed BillDL's instructions and the worked like a charm, so I awarded him the points.  I'll keep an eye on it to see if it rewrites.
Thank you, cnwilson.

I'll dig out a text file I saved with a few more details about the misuse and uses of the hosts file and post back here.

Meantime, here's some general notes I post for people experiencing issues concerning spyware and rogue processes running.  While it obviously doesn't all apply to you, take a look at the program "HiJack This".

This identifies known tracking cookies, and I'm sure it once identified entries in the hosts file on a computer I was fixing.

Firstly, download, install and run the freeware personal version of "Adaware" from Lavasoft.  It will identify any rogue Advertising Software or components on your system and allow you to get rid of them.

Download, unzip, and run (no need to install) the freeware "BHO Demon".  Browser Helper Objects (or BHO's) are small programs that run automatically when you start your Internet Browser, come in many forms including the legitimate Adobe Acrobat Reader, and Norton AntiVirus, but also can be malicious or just a plain nuisance.  This program allows you to enable or disable them.  Take for example Go!Zilla, the downloading utility, which installs a BHO created by Radiate (formerly Aureate Media).  This BHO tracks which advertisements you see as you surf the Web, which may not bother you too much, but it is using up resources.

That said, there is no restriction on what a BHO can do your system.  It can do anything any other program can do ie. read or write (or delete) anything on your system.  Usually, software is installed on your system explicitly by you, but BHO's have a history of being installed without the users knowledge.

With BHO Demon, BHO's are disabled by simply renaming the DLL that houses them.  By renaming the DLL, instead of deleting it, you have the option of enabling it later if you wish.

You should also run a Full virus scan of your system after updating your AntiVirus software with the latest definition download.  Scan ALL files, memory and boot sector where these are options.

To inspect what processes are running on your system:

Use the Start Menu as follows:

1. Start > Run > and type MSINFO32
2. In the left pane, find "Software Environment"
3. For each of the following sections, click on it and then use the menu as follows:
    Edit > Select All > Edit Copy
4. Paste each into NotePad and save by the name of the section in MSINFO32

Software Environment\
                                  Running Tasks
                                  Startup Programs
                                  System Hooks

You need to decide what you need and don't need to run automatically when Windows boots.  You could disable many of them using "Start > Run"  > and typing MSCONFIG.  The checkboxes are in the "startup" tab, and the only one you usually require is the System Tray.  You could retore them again one at a time again, rebooting between, and test until you find the culprit.

A helpful page to assist you in identifying Startup items is:

Another useful program for finding things that take over your system is "HiJack This" from: 

It will run from any folder without needing installation.  Just unzip it, launch Hijack This, and configure it quickly.  It will scan your system for evidence of known parasites and allow you to remove them.  You can also obtain an instant list.  Press "Config" > "Miscellaneous Tools", and press "Generate Startuplist Log".

No application will identify ALL potential risks, but these are a few good ones that are easy to use.
Taken from

The "Hosts" file in Windows and other operating systems is used to associate host names with IP addresses. Host names are the addresses that you see every day. IP addresses are numbers that mean the same thing as the www words - the computers use the numbers to actually find the sites, but we have words like so humans do not need to remember the long strings of numbers when they want to visit a site.

For instance, the host name for Yahoo! is, while its IP address is Either address will take you to Yahoo!'s site, but the www address will first have to be translated into the IP address. If you type in the IP address directly, your computer will not have to look it up.

A series of steps are used when searching for IP addresses that go with these host names. The first step, and the one that concerns us here, is the hosts file on your local computer. The Hosts file tells your computer what the name is in numbers so the computer can go find it. If the IP address is found in your Hosts file, the computer will stop looking and go to that site, but if it is not it will ask a DNS computer (domain name server) for the information. Since the search ends once a match is found, that provides us with a mechanism to block sites we have no interest in. You may block sites that serve advertisements, sites that serve objectionable content, or any other site that you choose to block.

We can put names and addresses into the Hosts file so your computer does not have to ask a DNS server to translate the domain name into an IP number. This speeds up access to the host site you want to see because your computer no longer has to query other systems on the Internet for the address translation. When you type in a web address like, the host name portion of the web address is translated into an IP address before the site is accessed. If you put Yahoo!'s host and IP settings into your Hosts file, it would load a little quicker because your computer doesn't have to ask another to translate where to look for Yahoo!

Computers have a host address of their own - it is known as the "localhost" address, with an IP address of which it uses to refer to itself. If you associate another computer's host name with your localhost IP address, you have effectively blocked that host since all attempts to access it will lead back to you. That is how we will block sites using the Hosts file. We will tell our computer that the IP address of the site we want to block is our own address. That way, our computer will not ever leave and go looking for the site we are blocking - which keeps that site from appearing because the computer thinks it has found the site and displayed it already.

Many web sites have links to other servers for the retrieval of advertisements. In the case of those web servers, the browser will quickly fail to locate the requested data (scripts, images, etc.) from the advertising server because we told our computer to look for the information on itself - of course it won't find any of it and will quit looking for it - and will continue loading the pertinent portions of the page you want to see. This will keep your computer from even talking to the ad servers, and thus you won't see the ads, they can't put cookies on your hard drive, and you can't be profiled by them.


Download sample hosts files with blocked web sites:
(blocks over 12,800 servers)

Ready-made template:

Other configuation:

eDexter is a program that acts as a local-only (it is not accessible throught the Internet) HTTP server on your computer. It is used to replace the empty boxes that occur when you use the Hosts file to block ads. eDexter will put one of its own images into the box that would have been occupied by the advertisement. This way, you will not have large, empty boxes in your browser and will instead have an image where the box used to be.

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.