Trojan.Qhost

Short bio

Trojan.Qhost is Malwarebytes’ generic detection name for malware that modifies the Windows system’s hosts file.

Symptoms

Trojan.Qhost alters the hosts file as a means to redirect the user’s Internet traffic, for example to stop him from downloading security software or installing updates.

Protection

Malwarebytes protects users from Trojan.Qhost by using real-time protection.

block Trojan.Qhost

Malwarebytes blocks Trojan.Qhost

Remediation

Malwarebytes can detect and remove Trojan.Qhost without further user interaction.

  1. Please download Malwarebytes to your desktop.
  2. Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
  3. Then click Finish.
  4. Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
  5. If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
  6. When the scan is complete, make sure that All Threats are selected, and click Remove Selected.
  7. Restart your computer when prompted to do so.

If you were using a custom hosts file before infection, you may have to recreate it or restore from your backup.

Related blog content

Hosts file hijacks

How to tell if you’re infected with malware

Select your language