Spyware :: Threats :: Browser Hijackers :: Host Hijack
When you type in a URL in the address bar in your browser, it queries a DNS to try and resolve the domain name to an IP address. However the hosts file can be used to bypass this process as it checks the host file before querying the DNS. The locations are as follows depending on your operating system;
c:\windows\hosts [Windows 95/98/me] c:\winnt\system32\drivers\etc\hosts [Windows NT/2000/XP Pro] c:\windows\system32\drivers\etc\hosts [Windows XP Home]
126.96.36.199 google.com 188.8.131.52 www.google.com
This will affect all programs connected to the Internet not just Internet Explorer. Some Hijackers have used this technique to redirect popular sites to their website. For example it's possible to redirect all popular search engines to a website of your choice. The kind of attack can be very hard for the average user to fix, and will most likely require specialist software or detailed instructions given to help people fix this kind of attack. Other practises involve changing auto.search.msn.com to redirect to their website, so whenever users type an incorrect URL it will redirect to auto.search.msn.com but then resolve it to a different IP address of the hijackers choice. This will also not be fixed if you reset web settings because all that does it set you search page back to auto.search.msn.com, and leaves the hosts file unaltered.
Browser Hijackers : Further Info on Adoko
URL Prefix Attacks
Internet Reset Hijack (iereset.inf hijack)
Adoko Forum - If you've been hijacked, and need any advice on how to remove it - try the adoko forum.
Browser Hijackers : Links
Internet Controller - A program from Adoko.com, you might find this useful for sorting out hijacking problems.
Hijackthis - A great program for sorting out hijacking problems.