Almost 100% of the Malware take the help of your browsers to spread and infect your PC and other’s PC. And attempting to take control of your browser is an integral part of almost all malware attacks.

There are many shapes and forms of these attempts.

What is Browser Hijacking

One of the technique used by these malware is browser hijacking. Browser hijacking is the modification of a web browser’s settings by malware. The term “hijacking” is used as the changes are performed without the user’s permission. Some browser hijacking can be easily reversed, while other instances may be difficult to reverse. Various software packages exist to prevent such modification. But the easiest and most commonly used trick is to look for any undesirable changes made to your hosts file. We will deliberate on it a bit later.

Some other types of Malware try to change the favorites, bookmarks and shortcuts stored in your browser settings. For removing such attempts, you have to carefully scan all these settings in your browser and take action accordingly.

Some of the websites to which your browsers automatically / fraudulently leads you try to scam you by selling fraud products like rogue antivirus / antispyware and security software. They try to trick you by displaying fake screens as if they are scanning your system for malware infections. The scan is completed with seconds and you are told that tens and hundreds of infections are there in your computer and you need to purchase XYZ software to remove these malware and clean your PC.

Some of the websites opened by browser hijackers are actually very dangerous and can potentially infect your computers. By exploiting the weaknesses and vulnerabilities in your browsers, these rogue websites are in a position to infect your computers through techniques like drive-by-downloads.

One method to solve such problems is using your Windows Hosts file. Although this is an old security measure but sometimes very effective in combating malware. A better way is to use an all round security software like PC Tools Internet Security. You can avail huge discounts on PC Tools Internet Security on this website.

What is Windows Hosts File

(Windows Hosts file is located at c:\windows\system32\drivers\etc\)

The Hosts file contains the mappings of IP addresses to host names. This file is loaded into memory (cache) at startup, then Windows checks the Hosts file before it queries any DNS servers, which enables it to override addresses in the DNS.

You can use your Windows Hosts file to combat malware and browser hijackers in two ways.

1. Remove Unwated Entries in Hosts file

Sometimes you will see some unwanted entries in your hosts file (see screenshot)

hosts-file

In this case, if you type www.yahoo.com in our browser address bar, you will be directed to the IP address, which is not of Yahoo. Although you will see http://www.yahoo.com in your address bar, but the web page shown will be different from Yahoo.

Many malware try to make such rogue entries in youu hosts file and you are fooled when you try to reach a popular website like Google, Yahoo or any other website. Once you reach there, it will try to scam you or infect you with the malware.

2. Block Rogue Websites in Hosts file

If you know about a particular rogue website, which has affected your system, you can easily block that through your Hosts file. For instance, one particular malware like Trojan modifies your system files to open rogue websites like www.windefender2009.cn.  A visit to this website will start a fake scan of your system to tell you that your system is infected and thus try to sell a rogue antispyware software to you.

It is very irritating pop-up and will make your life hell.

In order to block it, you can manually edit your hosts file using Notepad and make the following entries in the last.

127.0.0.1 www.windefender2009.cn

hosts-file1

127.0.0.1 is the IP address of your own computer and this entry in hosts file will tell your browser that this website is located within your computer. Thus effectively you will be saved from visiting that rogue website.

Recommended: 20% Off on PC Tools Internet Security 2009 – Avail huge Discount

P.S.: You can also block advertisement serving websites or porn servers by adding more entries to your hosts file.