How do I get rid of this trojan??

[xvblack]

Hi - I have somehow got the Win32 vbstat -c trojan on my pc. I use Avast as my AntiVirus scanner and it detects the trojan but can't remove it.

I have done everything in the prelimary instructions list and have attached the logs from the various programs as requested. AVG AntiRootKit did not find anything.

Many thanks for your help.

 

[howard_hopkinso]

Hello and welcome to Techspot.

All items in your AVG Antispyware log say "No Action Taken". That`s because you haven`t told AVG Antispyware to quarantine it`s results as per the instructions. See this pictorial guide.

I have therefore removed your logfiles, that way you`ll be able to attach the new logfiles without problems.

Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread.

Also, let me know the results of the AVG Antirootkit scan.

Regards Howard :wave: :wave:

This thread is for the use of xvblack only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.

 

[xvblack]

Hi - hopefully I've carried out the instructions correctly this time!

 

[howard_hopkinso]

Delete all files in AVG Antispyware quarantine.

Run HJT with no other programmes open. Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

O2 - BHO: (no name) - {0AAF2B88-A240-4F97-BB49-E55AF3B32855} - C:\WINDOWS\system32\geede.dll (file missing)

Click on the fix checked button.

Close HJT.

Locate and delete the following bold files and/or directories(if there).

C:\VundoFix Backups
C:\qoobox

Other than the above inactive entry your HJT log is clean.

Turn off system restore.(XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard

This thread is for the use of xvblack only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.