 | |  |
|
SettingsModifier:Win32/PossibleHostsFileHijack
(?)
Encyclopedia entry
Updated:
Oct 08, 2012
| Published:
Dec 05, 2007
Aliases
Trojan.Win32.Qhost
(Kaspersky)
-
Qhosts.apd
(McAfee)
Alert Level
(?)
Moderate
Antimalware protection details
Microsoft recommends that you download the
latest definitions
to get protected.
Detection last updated:
Definition: 1.145.1069.0
Released: Mar 05, 2013
|
|
Detection initially created:
Definition: 1.45.287.0
Released: Oct 07, 2008
|
Summary
A detection of Win32/PossibleHostsFileHijack is an indicator that your HOSTS file may have been modified by malicious or potentially unwanted software. Modifications to the HOSTS file can cause access to certain Internet domains to be redirected or denied. This may prevent the computer from connecting to certain websites.
To recover manually from Win32/PossibleHostsFileHijack, you can manually recreate a clean HOSTS file, or you can restore a version of the HOSTS file from a backup you made before the file was modified without your consent.
In some instances, your customized changes to the HOSTS file may cause it to be detected as Win32/PossibleHostsFileHijack. In this case, you need to exclude the HOSTS file from scanning.
SymptomsSituations such as the following may be signs that your HOSTS file has been modified without your consent:
-
You are unable to access a certain website that you believe is in operation, such as a site that provides programs to help keep your computer secure.
-
Your browser connects to a website that does not appear to be appropriate, given the address you entered.
Prevention
Recovery
To recover manually from Win32/PossibleHostsFileHijack, you can manually recreate a clean HOSTS file, or you can restore a version of the HOSTS file from a backup you made before the file was modified without your consent.
In some instances, your customized changes to the HOSTS file may cause it to be detected as Win32/PossibleHostsFileHijack. In this case, you need to exclude the HOSTS file from scanning.
| |
 | |  |
