Trojan:BASH/QHost.WB hijacks web traffic by modifying the hosts file.
Find the latest advice in our Community Knowledge Base.
See the manual for your F-Secure product on the Help Center.
Submit a file or URL for further analysis.
Trojan:BASH/QHost.WB poses as a FlashPlayer installer called FlashPlayer.pkg:
Screenshot of Trojan:BASH/QHost.WB masquerading as a FlashPlayer
This trojan is also further discussed in our Labs Weblog post:
Upon installation, the trojan will hijack and redirect web traffic to Google by adding the following entries to the hosts file: