I got - Trojan.QHosts.G - but cannot remove

Discussion in 'Malware Help (A Specialist Will Reply)' started by Willis, Apr 5, 2005.

  1. Willis

    Willis Private E-2

    This computer's virus detector program VirusBuster reports being infected with:

    Trojan.QHosts.G

    In:
    C:\WINDOWS\system32\drivers\etc\hosts

    But it cannot remove the Trojan, nor does quarentining or anything work. This file seems to be activated with any internet associated activities.

    I'm stumped, (I know not all are designed to remove Trojans but...) I tried search and destroy, adaware, PC Doctor, VirusBuster (default virus program), I tried googling the Trojan name, oviously none were productive.

    After glancing over these forums I noticed a program called TrojanHunter. I'm currently downloading that and it should take me about 15-20 min with this 56K connection.

    Think I should submit a HiJack list? Any suggestions, thoughts, whatever.. please share.
     
    Willis, Apr 5, 2005
    #1
  2. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    First, please follow ALL the steps in this Sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal

    After doing ALL of the above if you still have a problem:


    • Unzip the hijackthis.exe file to a folder you create named C:\Program Files\HJT
    • Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the ZIP file.
    • Before running HijackThis: You must close each of the following:your web browser, e-mail client, instant messenger, and programs like notepad, wordpad, MS Word etc. And any other unnecessary running programs.
    • Run HijackThis and save your log file.
    • Post your log as an ATTACHMENT to your next post. (Do NOT copy/paste the log into your post).

     
    bjgarrick, Apr 5, 2005
    #2
  3. Willis

    Willis Private E-2

    -- A simple "yeh run HijackThis" would have worked ;)

    Anyway.. under further investigation after lunch:
    http://viruspool.vanderkooij.org/virus.cms?&id=261277

     

    Attached Files:

    Willis, Apr 5, 2005
    #3
  4. bjgarrick

    bjgarrick MajorGeeks Admin - Malware Expert

    Look in Add/Remove programs and uninstall MySearch.

    We will address each issue but right now we need to get the WORM off.

    You have the GAOBOT WORM.

    Boot into Safe Mode w/ Networking and run these online scans:

    Run the following online scanners:
    Bitdefender
    RavAntivirus <-- select Auto Clean then click Scan My PC
    TrojanScan

    If you cant do them in Safe Mode, reboot and do them in Normal Mode. Also, Post results from these scans!

    After doing these scans, post a fresh HJT log.
     
    bjgarrick, Apr 5, 2005
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds