high
Summary
Summary
Action- More Information
| Affected operating systems | Windows |
|---|---|
| Included in our products from | November 2005 (3.99) |
| Protection available since | 30 September 2005 09:16:22 (GMT) |
| Detected by | All Sophos products |
Action
- Summary
- Action
- More Information
Please follow the instructions for removing Trojans.
More Information
Troj/QHosts-J is a Trojan for the Windows platform.
Troj/QHosts-J includes functionality to access the internet and communicate with a remote server via HTTP.
When Troj/QHosts-J is run, it may attempt to contact a remote server to obtain a file called ip.txt. That information may be used to create the following files:
<Windows folder>\hosts
<Windows system folder>\hosts
Troj/QHosts-J may also modify the HOSTS file in <Windows system folder>\drivers\etc.
The file ip.txt may contain one or more IP addresses to redirect users trying the following URLs:
auto.search.msn.de
gogl.com
gogle.at
gogle.ch
gogle.de
gogle.nl
gogle.se
googl.at
googl.ch
googl.de
googl.nl
googl.se
google.at
google.ch
google.com
google.de
google.nl
google.se
gooogl.com
gooogle.at
gooogle.ch
gooogle.de
gooogle.nl
gooogle.se
ww.googl.at
ww.googl.ch
ww.googl.de
ww.googl.nl
ww.googl.se
ww.google.at
ww.google.ch
ww.google.de
ww.google.nl
ww.google.se
www.gogl.com
www.gogle.at
www.gogle.ch
www.gogle.de
www.gogle.nl
www.gogle.se
www.googl.at
www.googl.ch
www.googl.com
www.googl.de
www.googl.nl
www.googl.se
www.google.at
www.google.ch
www.google.com
www.google.de
www.google.nl
www.google.se
www.gooogle.at
www.gooogle.ch
www.gooogle.com
www.gooogle.de
www.gooogle.nl
www.gooogle.se
wwwgoogle.at
wwwgoogle.ch
wwwgoogle.com
wwwgoogle.de
wwwgoogle.nl
wwwgoogle.se
|
