-----Original Message-----
Peter,
Trojan Qhosts hijacks the HOSTS file, however unlike normal redirectors,
this one hides the HOSTS file in the "Windows\Help" folder. It then
creates entries that redirects *all* major search engines to a website.
Note: this website has now been removed, thus the DNS errors.
Some users have reported multiple HOSTS files in various locations
[more HOSTS info]
http://www.mvps.org/winhelp2002/hosts.htm
Microsoft has released a cumulative patch for this vulnerability:
Simply go to Windows Update [hotfix 828750]
[more info]
http://www.microsoft.com/security/security_bulletins/ms03- 040.asp
[Removal Method]
http://www.brown.edu/Facilities/CIS/Software_Services/viru s/index.htmlojan.qhosts.html
[or]
http://vil.nai.com/vil/content/v_100719.htm
Note: not all machines are affected by the same Registry changes
but the user needs to verify in any case, if changes exist.
You can detect "Qhosts" via "HijackThis!"
http://www.mvps.org/winhelp2002/unwanted.htm
_______________________________________
Mike Burgess http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 10-13- 03]
Please post replies to this Newsgroup, email address is invalid
--
for the last 2 weeks i have been unable to search the
web. this came on suddenly, the message that comes up is
that the web page is not found and an error messege of
http 404.
.
Robert Henlsey said:I was in denial that it was a virus. However, my kids got
on my computer last week when I was out of town. I found
the 'fortunecity.com' in my history that was mentioned in
the symantec description.
My problems is that symantec quarantined this virus. I
then deleted it. I did the check for the virus and it's
gone. However the damage it did is still evident - unable
to use any search engine.
Would it be better to reinstall than take the change of
destroying my registry?
-----Original Message-----
Peter,
Trojan Qhosts hijacks the HOSTS file, however unlike normal redirectors,
this one hides the HOSTS file in the "Windows\Help" folder. It then
creates entries that redirects *all* major search engines to a website.
Note: this website has now been removed, thus the DNS errors.
Some users have reported multiple HOSTS files in various locations
[more HOSTS info]
http://www.mvps.org/winhelp2002/hosts.htm
Microsoft has released a cumulative patch for this vulnerability:
Simply go to Windows Update [hotfix 828750]
[more info]
http://www.microsoft.com/security/security_bulletins/ms03- 040.asp
[Removal Method]
http://www.brown.edu/Facilities/CIS/Software_Services/viru s/index.htmlojan.qhosts.html
[or]
http://vil.nai.com/vil/content/v_100719.htm
Note: not all machines are affected by the same Registry changes
but the user needs to verify in any case, if changes exist.
You can detect "Qhosts" via "HijackThis!"
http://www.mvps.org/winhelp2002/unwanted.htm
_______________________________________
Mike Burgess http://www.mvps.org/winhelp2002/
Blocking Spyware, Adware, Parasites, Hijackers, Trojans, with a HOSTS file
http://www.mvps.org/winhelp2002/hosts.htm [updated 10-13- 03]
Please post replies to this Newsgroup, email address is invalid
--
for the last 2 weeks i have been unable to search the
web. this came on suddenly, the message that comes up is
that the web page is not found and an error messege of
http 404.
.