Gereetings everybody,
I'm reading this article:
http://www.daniweb.com/blogs/entry1911.html
I must admit I cannot understand how this is possible? Is this problem affects only users computers or Google web site.
"acts by modifying the infected computers' Hosts file " Where is that hosts file? is it on my computer?
If my computer is clean, is it still possible to see hijacked google advertis. on some web pages?
Micko 2 Junior Poster
DimaYasny 180 Godmode enabled Team Colleague Featured Poster
very simple. the virus puts a spoofed IP address in the hosts file, the basic internal DNS for every PC (c:\windows\system32\drivers\etc\hosts)
and when your browser is supposed to show a banner from googlesyndication.com it gets the wrong IP address because it is altered in the hosts file.
if you don't know what a hosts file is, of course you wouldn't understand the threat. it is very primitive, so no worries, just have a look into that hosts file and see if you have a record for googlesyndication.com in there
crunchie 990 Most Valuable Poster Team Colleague Featured Poster
The Hosts file is on your pc. It has no file extension. Can be found (on XP) here; C:\WINDOWS\system32\drivers\etc\HOSTS
Micko 2 Junior Poster
I only have entry for localhost, so my computer is clean, I suppose.
Thank you for your help.
The Dude 944 Nearly a Senior Poster
What if you LOCKED your host file and UNCHECKED "Archive",wouldnt this make it harder to alter that file?? (I have always wondered this)
DimaYasny 180 Godmode enabled Team Colleague Featured Poster
not really. remove permissions - yeah, that's the way linux works
Be a part of the DaniWeb community
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.