Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Latest trojan.qhosts

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    United Kingdom: Bridlington
    Hi Folks,

    I come to you yet again as "a voice grying in the Wilderness", although in this case "the Outback" might be more appropriate.

    The Trojan changes the registry values
    Please go to:


    From the first page, select the "Products" link on the left side. On the next page, scroll down to the "Freeware" section.

    There are a lot of useful free tools but the one you are really interested in is RegistryProt. This will intercept any attempt to modify the Registry, and will catch at least 98% of stuff that gets past your firewall and AV.

    You need to understand the Registry to interpret the message, but I usually give the advice to non IT aware people to say "No" to everything, unless you are DELIBERATELY loading new software.

    I have used this product for a number of years...IT WORKS...IT IS FREE

    Good Luck


  2. #12
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Arnt virus def's updated after new viruses are discovered (that is hit computers)?
    Well yes and no.. in the situation of some of the biggies yes this is true. But defs are released for Discovered threats.. that proof of concept virii and some virii writers even submitt their virii to the AV co's and the virii is never released into the wild..

    a rough answer.. trust it is a good start 4 you


    BTW: nihil.. Oh great prophet.. we the converted hear you.. your advice has been heeded by only us few.. but many are in the desert nashing their teeth in frustration.. speak louder for they are thicked of head.. for they may be converted if you use a brighter light or firmer of tone..
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  3. #13
    Join Date
    Apr 2003
    Well this is not nice, virus that can activate automatically, just by opening a web page.

    I think its time to explore the security settings in IE.

    I set my security setting on HIGH for Internet zone, that will not allow this virus to run, but its makeing surffing harder. Now Windows update does not work.

    Adding *.microsoft.com to trusted sites, and setting trusted sites to MEDIUM fixed that problem, but I guess I run into more trouble as I surff the web.

    I have XP Home edition, and my vife and 2 kids are using the puter as well.
    I set the security high for me, but the setting is not changed for their accounts.

    And XP home does not have local policy either.

    If anyone knows how to easely implement IE security settings to all users please tell me.

    Surffing google, microsoft sites did not help much, only found out that policy is not the way to go....
    I did not do it.

  4. #14
    AntiOnline Senior Member souleman's Avatar
    Join Date
    Oct 2001
    Flint, MI
    ]agree that using another browser might prevent this but the problem is when you are in the office and you are only allowed to install certain programs only and mozilla is not on the list. At home i dont use IE or but in the office I do not have a choice.
    1st> make your IT department job easier by not playing around on the web while you are at work. I would be willing to bet that if you got a work computer infected with this, you were not viewing a site that was work related when you got the trojan.

    There isn't much you can do as an enduser in a work situation. The best bet would be to contatct the IT department and tell them to install osme sort of program that doesn't allowchages to the registry. I can't think of the name right now, but there are a few out hter. Other then that, there isn't much you can do in that situation.
    \"Ignorance is bliss....
    but only for your enemy\"
    -- souleman

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts