If you are having trouble accessing search engines like google, yahoo or altavista, you may have been hijacked. This particular and latest one uses the hosts file to redirect all traffic from these major search engines to the following IP: 18.104.22.168
Do a search for 'hosts' no extension and open it in Notepad (If you use a hosts file and want to remove the offending entries manually). Remove all the lines that contain this IP address (see example below)
Where is the hosts file located ?
Windows 95/98/Me c:\windows\hosts
Windows NT/2000/XP Pro c:\winnt\system32\drivers\etc\hosts
Windows XP Home c:\windows\system32\drivers\etc\hosts
(you may need administrator access for Windows NT/2000/XP)
NOTE: Hosts is the name of the hosts file and not another directory name. It does not have an extension (extensions are the .exe, .txt, .doc, etc. endings to filenames) and so appears to be another directory in the example above.
If you do not use a hosts file, you can just delete the whole file using explorer as you would delete any other file.
Or you can get Hijack This and remove all of the lines that contain, again, this same IP as in this example:
O1 - Hosts: 22.214.171.124 www.google.com
More from Spyware info