- Joined
- 8 Apr 2005
- Messages
- 16,950
Trojan Virus Qhosts.apd, remedies and suggestions
Alright, so I have this computer that is infected with Qhosts.apd. It is a HP PIII 500mhz CPU running Windows 2000. Before anyone says anything, I know it's a P.O.S. and I am replacing it, but the Geek in me wants to get to the bottom of this as well.
The machine didn't have AV protection (it's not my machine, not my fault) which makes it tough. Incase anyone doesn't know what Qhosts.apd does, read this....
http://vil.nai.com/vil/content/v_124880.htm
Basically, you could install AV off a CD or wherever, just can't update. Also can't get to Windows Update, and since it had dial-up, it's also very behind there as well.
So, I obtained a copy of McAfee Enterprise Edition 8.0i from work, downloaded the lastest SuperDat file from another computer to patch the machine.
I just got to that point about 5am this morning and left it scanning when I went to work, so I am not sure of the results as of yet. I have cleared out this virus before, but only on XP machines.
I did a little searching on OSNN, and Google, found a few interesting threads...
This one, personally, I thought was OK. The information seemed redundant, but OBVIOUSLY outdated. Just goes to show how much of a thorn in the side this one was when it was fresh out and hard to fix at first glance when the infection was new.
http://forum.osnn.net/showthread.php?t=46615&highlight=qhosts.apd
An important thing of note, was through readings I found this critical update (at least apparently) fixes the vulnerability. I have downloaded this onto my USB Jump Drive, and will install that on the machine when I return home this evening.
http://www.microsoft.com/windows/ie/downloads/critical/828750/default.mspx
Apparently, it also makes rogue registry entries, but I haven't had the chance to check the validity of this yet, since I am again, still not home
http://www.z-virus.com/virus/mytob-bf.htm
Lastly, if McAfee itself can't fix it from the updated SuperDAT and Engine files (which from what I have read it should) I am going to use MSCONFIG partnered with HiJack this to narrow down to the puny process that is causing this headache.
I don't really know if I need much help, at least as of yet, since the scan is probably finished waiting for me like my kitten is at home
I figured, since I did a little research, I would share my findings with others, see if anyone else had some insight that I either haven't found or thought of yet.
Alright, so I have this computer that is infected with Qhosts.apd. It is a HP PIII 500mhz CPU running Windows 2000. Before anyone says anything, I know it's a P.O.S. and I am replacing it, but the Geek in me wants to get to the bottom of this as well.
The machine didn't have AV protection (it's not my machine, not my fault) which makes it tough. Incase anyone doesn't know what Qhosts.apd does, read this....
http://vil.nai.com/vil/content/v_124880.htm
Basically, you could install AV off a CD or wherever, just can't update. Also can't get to Windows Update, and since it had dial-up, it's also very behind there as well.
So, I obtained a copy of McAfee Enterprise Edition 8.0i from work, downloaded the lastest SuperDat file from another computer to patch the machine.
I just got to that point about 5am this morning and left it scanning when I went to work, so I am not sure of the results as of yet. I have cleared out this virus before, but only on XP machines.
I did a little searching on OSNN, and Google, found a few interesting threads...
This one, personally, I thought was OK. The information seemed redundant, but OBVIOUSLY outdated. Just goes to show how much of a thorn in the side this one was when it was fresh out and hard to fix at first glance when the infection was new.
http://forum.osnn.net/showthread.php?t=46615&highlight=qhosts.apd
An important thing of note, was through readings I found this critical update (at least apparently) fixes the vulnerability. I have downloaded this onto my USB Jump Drive, and will install that on the machine when I return home this evening.
http://www.microsoft.com/windows/ie/downloads/critical/828750/default.mspx
Apparently, it also makes rogue registry entries, but I haven't had the chance to check the validity of this yet, since I am again, still not home
http://www.z-virus.com/virus/mytob-bf.htm
Lastly, if McAfee itself can't fix it from the updated SuperDAT and Engine files (which from what I have read it should) I am going to use MSCONFIG partnered with HiJack this to narrow down to the puny process that is causing this headache.
I don't really know if I need much help, at least as of yet, since the scan is probably finished waiting for me like my kitten is at home
I figured, since I did a little research, I would share my findings with others, see if anyone else had some insight that I either haven't found or thought of yet.
Last edited:
