Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

I Don't Get It [CLOSED]

Started by Racer_X69 , Jan 23 2004 01:27 AM

  • This topic is locked This topic is locked

#1
Racer_X69
Posted 23 January 2004 - 01:27 AM

Racer_X69

    New Member

  • Member
  • Pip
  • 8 posts
Today when I logged on to my computer I found it was running really slow, so i rebooted but only to find the same result. I did a virus scan online with Mcafee and found a Trojan named QHosts-2. It gave me the location of it and I deleted a file called hosts 20020116-165750.backup
It also gives another location in the registry...HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\
Run "easywww" but when I went to that location I found nothing. I searched with spybot, ad-aware, and hi-jack this and found nothing there. So what I wanted to know was how to properly remove it, how do I know if I did remove it already and why my PC was running so slow?
Can someone help me out please. <_<
  • 0

Advertisements

#2
tazz1964
Posted 23 January 2004 - 04:22 AM

tazz1964

    Member

  • Member
  • PipPipPip
  • 608 posts
Hi Racer_X69
Welcome to geekstogo
rerun the virus you did and see if it finds anything. run your hijack this and post it here and some one will look at it to make sure its ok. make sure that you do a defrag and delete your temp files on a regular bases.and always have a anti virus program running and do a regular updates.
<_<
  • 0

#3
Racer_X69
Posted 28 January 2004 - 09:42 PM

Racer_X69

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
Ok I ran Hijack This and here's the log

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee Internet Security\GUARDDOG.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\McAfee Internet Security\GUARDDOG.EXE
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\progra~1\scansoft\paperp~1\pptd40nt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Documents and Settings\Roy 3\My Documents\My eBooks\Kazaa Lite K++\KazaaLite.kpp
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Program Files\ClearSearch\Loader.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
  • 0

#4
admin
Posted 28 January 2004 - 10:26 PM

admin

    Founder Geek

  • Community Leader
  • 24,639 posts
Please post the entire log. <_<
  • 0

#5
Racer_X69
Posted 31 January 2004 - 12:51 PM

Racer_X69

    New Member

  • Topic Starter
  • Member
  • Pip
  • 8 posts
K, I scaned again and this is the log I saved.

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\McAfee\McAfee Internet Security\GUARDDOG.EXE
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\BRMFRSMG.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\McAfee\McAfee Internet Security\GUARDDOG.EXE
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\Program Files\McAfee\McAfee Firewall\CPD.EXE
C:\progra~1\scansoft\paperp~1\pptd40nt.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Program Files\BroadJump\Client Foundation\CFD.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe
C:\Documents and Settings\Roy 3\My Documents\My eBooks\Kazaa Lite K++\KazaaLite.kpp
C:\Program Files\ClearSearch\Loader.exe
C:\Program Files\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\vTuner\vTuner.exe
C:\Program Files\BigFix\BigFix.exe
C:\Program Files\ScanSoft\PaperPort\Config\Ereg\REMIND32.EXE
C:\Program Files\Internet Explorer\iexplore.exe

Edited by Racer_X69, 31 January 2004 - 12:52 PM.

  • 0

#6
Kat
Posted 12 August 2005 - 04:28 PM

Kat

    Retired

  • Retired Staff
  • 19,711 posts
  • MVP
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a New Topic.
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP