The pc technician offers help with computer </a> problems and virus removal got
a
virus? pc technician says that even windows 7 needs a good anti-virus program, you can get free software from the sources given on this page 		virus help



PC Technician discusses hijacking of Google search




Something to watch out for!    Google search results hijacked.

This month's tip has to do with a sneaky little trick the hackers use to hijack your Google search results and send you to adverisers hell. What the clever little SOB's do was to modify a file in windows called the hosts file. They added one other trick and that was to set the hidden attribute to "on" - so when you look in the

"C:\windows\system32\drivers\etc "   folder

you do not see the "hosts" file. And the entry they added looks like this:

94.63.147.16     www.google.com

which now sets the google server to the ip address as shown, i.e., the address 94.63.147.16. Here's what happens. With the bogus entry in the hosts file - you are sent to this ip address and here is screen shot of the page that is returned when you type in the google URL, i.e., - http://www.google.com - see below:

google bogus results page

Well, this looks exactly like Google's home page but remember it is the bogus address - not google's. So I typed in a search term "windows 7" and got the search results page as shown below:

bogus google results page

In this screen shot I left the mouse cursor over the result for "Windows 7 -Microsoft Windows" and you can see the left hand bottom of the page - indeed shows the correct URL for this site. If I click on this link it DOES take me to the correct site. But if you look at the next screen shot where I moused over the site
"Windows 7 How-To Articles, Tips, and Guides :: How-To Geek"
Screen shot for How-To Geek below:

image shows bogus results for google search

Now look at the URL ( lower left hand side - bottom of page) - this looks bogus and indeed it is, as when I clicked on the link I got this page see below ( and not Howtogeek.com site - and most of the other links are bogus as well):

redirected page from google bogus results

So, with this sneaky little trick - I was re-directed to the sprint.com site and not to what should have been the howtogeek.com site. The problem with this trick is that most anti-malware or anti-virus programs probably will not detect what had happened - as there is no telltale signs of a virus. The hosts file can be modified for legitimate purposes and the anti-malware programs have no way of determining what is legit and what is a bogus entry. The lesson here is to check the contents of the hosts file if you are getting strange or unexpected web page results. Happy Surfing!





PCTECHNICIAN.COM
Cool Counters @ pctechnician.com