BV:QHost-FT [TRJ] Found in my Chrome User Data

Hello this is the second Trojan I have found in like 3 days this one is

Name of file/program ----- "History Index 2013-06 "
Original Location C:\Users\AppData\Local\Google\Chrome\User Data\Default
Virus: BV:QHost-FT [TRJ]

The other one found on Saturday was unp93425700.tmp.mdmp
C:\ProgramData\Avast Software\Avast\log
Virus: JS:Bicololo-Y [TRJ]

I’ve not found anything on my computer in 16 months and now I find 2 trojans in two days and I don’t know what to do, I could use some help please. Are they both false flags or?

hey and welcome to the forum. from where do you get the trojan alert? what program?

I’m not sure but the second detection feels like a false threat to me seen it report a avast file.

to be one the safe side please follow and attach the needed files from this guide.

http://forum.avast.com/index.php?topic=53253.0

we need the file from adwclener, malwarebytes. otl and aswmbr

I got the alert from Avast when I decided to randomly scan due to the possible Trojan found two days previously. I added both things to the Virus Chest.

I will get the administrator to run those files and I will post the logs here.

Here is the four things requested.

Unfortunately Chrome does not allow the emptying of temp files on closing, and this is where the js scripts are. So I will empty them :slight_smile:

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
O2:64bit: - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.