If none of the above methods
have eliminated your problem, the next step is a manual search through several
areas of your system, looking for signs of the offending program. To do
this: First go to the control panel
and open 'add or remove programs.' Look for any suspicious entries here
(software you don't recognize, or which is named oddly or contains links to the
problems you are experiencing.) and remove them.
Empty the recycling
Open the HOSTS file by
launching a Notepad window and opening the
'C:\WINDOWS\SYSTEM32\DRIVERS\ETC\HOSTS' file. Note that the HOSTS file has no
extension, so it will not appear as a text file. You will need to change the
'files of type' dropdown box to 'all files' in order to see it.
The HOSTS file provides a
means for your system to resolve DNS addresses (like
www.pcstats.com ) into IP addresses for transferring data
across a network or the Internet.
Typing the addresses from the right hand column
into your browser will result in it being directed to the IP address to the left
of that address. In this way, a browser hijacker can divert traffic
automatically from legitimate pages to those of its own choosing, since your
computer will check its own HOSTS file for data on an address you enter before
it asks your Internet Service Provider's DNS server for information.
The only entry in a normal
HOSTS file should be
Unless you have customized it
yourself or your computer is part of a network which is managed by someone else.
Note that in some cases, other programs such as Norton's email protection
software may insert their own entries into the hosts file. What you are looking
for is a diversion of commonly used websites or Internet Explorer search
functions to a specific valid IP address.
The picture above shows a
HOSTS file with a foreign entry which would redirect a browser to the IP address
'184.108.40.206' if 'www.google.com' was requested. Eliminate any foreign entries
and save the file.