• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Ode to Qhosts.apd, oh how I adore thee!

kcnychief

█▄█ ▀█▄ █
Political User
#1
Trojan Virus Qhosts.apd, remedies and suggestions

Alright, so I have this computer that is infected with Qhosts.apd. It is a HP PIII 500mhz CPU running Windows 2000. Before anyone says anything, I know it's a P.O.S. and I am replacing it, but the Geek in me wants to get to the bottom of this as well.

The machine didn't have AV protection (it's not my machine, not my fault) which makes it tough. Incase anyone doesn't know what Qhosts.apd does, read this....

http://vil.nai.com/vil/content/v_124880.htm

Basically, you could install AV off a CD or wherever, just can't update. Also can't get to Windows Update, and since it had dial-up, it's also very behind there as well.

So, I obtained a copy of McAfee Enterprise Edition 8.0i from work, downloaded the lastest SuperDat file from another computer to patch the machine.

I just got to that point about 5am this morning and left it scanning when I went to work, so I am not sure of the results as of yet. I have cleared out this virus before, but only on XP machines.

I did a little searching on OSNN, and Google, found a few interesting threads...

This one, personally, I thought was OK. The information seemed redundant, but OBVIOUSLY outdated. Just goes to show how much of a thorn in the side this one was when it was fresh out and hard to fix at first glance when the infection was new.
http://forum.osnn.net/showthread.php?t=46615&highlight=qhosts.apd

An important thing of note, was through readings I found this critical update (at least apparently) fixes the vulnerability. I have downloaded this onto my USB Jump Drive, and will install that on the machine when I return home this evening.
http://www.microsoft.com/windows/ie/downloads/critical/828750/default.mspx

Apparently, it also makes rogue registry entries, but I haven't had the chance to check the validity of this yet, since I am again, still not home :)
http://www.z-virus.com/virus/mytob-bf.htm

Lastly, if McAfee itself can't fix it from the updated SuperDAT and Engine files (which from what I have read it should) I am going to use MSCONFIG partnered with HiJack this to narrow down to the puny process that is causing this headache.

I don't really know if I need much help, at least as of yet, since the scan is probably finished waiting for me like my kitten is at home :)

I figured, since I did a little research, I would share my findings with others, see if anyone else had some insight that I either haven't found or thought of yet.
 
Last edited:

zeke_mo

(value not set)
Staff member
Political User
#4
You can always stick the drive on another computer that has AV. Its a risky way to do it but it works....sometimes
 

Members online

No members online now.

Latest posts

Latest profile posts

Electronic Punk wrote on Perris Calderon's profile.
All good still mate?
Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,015
Latest member
evaiwhitis