TechSpot

Win32:vbstat-c{trj}

By GWT
May 6, 2007
  1. Hi
    this is my first post. I have been getting a message on my Avast 4.7 scan about a trojan horse called Win32:VBStat-C (trj) can this be removed please help.
    GWT
     
  2. GameJunkie72792

    GameJunkie72792 TS Maniac Posts: 274

    well welcome to techspot! if your asking whether or not its vital to the functioning of your computer, its not. if avast can remove it then let avast take care of it. if not i have more solutions, let me know.
     
  3. GWT

    GWT TS Rookie Topic Starter

    Avast Cant Remove It Help
    Gwt
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :wave: :wave:

    This thread is for the use of GWT only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. GameJunkie72792

    GameJunkie72792 TS Maniac Posts: 274

    cool howard is here he'll tell you what to do.
     
  6. bored115

    bored115 TS Rookie Posts: 17

    Hiya Howard. this is a friend of GWT... his problem is atually my problem... i asked GWT about a virus scan pop up that comes up every time i restart my comp. and i figured that he would know what to do. he in turn sent me to this forum. Thanks for helping to answer his/my question... I'll get back to you if it works out :hotbounce
     
  7. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    No problem mate.

    Just follow the instructions and post the requested logfiles once done.

    Regards Howard :wave: :wave:

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  8. bored115

    bored115 TS Rookie Posts: 17

    well i guess gwt isn't the guy i thought i figured he was :( oh well same problem uld equal the same result providing thwork togeather :)

    i have some logs that you said you might need to read... here you go

    also i don't know if this is the right place to thread this one but i can't seem to log into my hotmail, facebook, gmail, and several other sites with IE7...
    i keep getting this > > > Internet Explorer cannot display the webpage... no matter which site i get that any suggestions?
     
  9. Shaw23

    Shaw23 TS Enthusiast Posts: 62

    Are you sure you have an internet connection? Doesnt sound to me like you are connected.
     
  10. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Threads and posts merged.

    Your system is infected with malware.

    You must follow all the instructions in this thread HERE, otherwise I can`t help you.

    You need to post all the requested logfiles, including a fresh Combofix log.

    Regards Howard :)

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  11. GWT

    GWT TS Rookie Topic Starter

    Howard
    Heres My Hijack This Log
    Gwt
     
  12. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    That wasn`t a full HJT log, nor was it posted as an attachment.

    Just whom am I dealing with here? GWT or bored115?

    Whoever it is, unless you follow the instructions and post all the requested logfiles as attachments, I can`t help you.

    Regards Howard :)

    This thread is for the use of Gwt/bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  13. bored115

    bored115 TS Rookie Posts: 17

    Howard as for the IE7 problem i got it ironed out thanks to shawn23... as for my virus thing i don't honestly know how to run HJT... but it doesn't seem like a avast pop up is coming any more... i know that is a good sign... but should i jsut look on the net for instructions on how to use HJT?
     
  14. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    All the instructions you need for running HJT are in step13 of the instructions in this this link.

    Regards Howard :)

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  15. Shaw23

    Shaw23 TS Enthusiast Posts: 62

    It is working now, but you said you selected "disable all" in your firewall to get it to work. I am not familiar with the firewall you use but I would suggest trying to figure out how to get the internet to work while your firewall is enabled... or find another firewall. It is not safe to run without one.
     
  16. bored115

    bored115 TS Rookie Posts: 17

    S23 what firewall do you use? i had ZA before but the guy that helped reinstall my windows had put the sygate one...

    oh yea i also have Windows firewall running as well
     
  17. Shaw23

    Shaw23 TS Enthusiast Posts: 62

    I use PC Tools which can be downloaded from here. I dont have any problems loading websites with this one, although if it is enabled when I play COD2 it wont let me connect to any servers (I havent figured out how to fix this yet) so I have to disable it to play.

    You can look through the others... some are free and you have to pay for some. Maybe someone else could chime in and give Firewall recomendations. I have also heard that it isnt good to run two firewalls at the same time (like Windows firewall and another).
     
  18. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your system is obviously infected with malware.

    This thread now has 18 posts and still no sign of any logfiles.

    Unless the logfiles are forth coming, there`s absolutely nothing I can do to get rid of any infections you may have.

    Regards Howard :)

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  19. bored115

    bored115 TS Rookie Posts: 17

    Howard i'm currently running my avast and it's then after the scan is done i will run HJT... sorry for the lateness on it
     
  20. bored115

    bored115 TS Rookie Posts: 17

    unknown ailments

    Can anyone help me with this? i keep getting pop ups from my firewall... see the first picture. [​IMG] ... when i serached my c drive i found all of these in my search... see picture 2


    [​IMG]

    anyonw know how to help me?
     
  21. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Threads merged.

    Your system is infected with malware and yes, I know how to help you, but you need to follow instructions. If you can`t or won`t do that, then the only advice I can give you is reformat your hard drive and reinstall from scratch. If you want to have a go at following instructions do the following.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If after reading the above, you wish to clean your system, do the following.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT, AVG Antispyware and Combofix logs as attachments into this thread, only after doing the above.

    Also, let me know the results of the AVG Antirootkit scan.

    Regards Howard :)

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  22. bored115

    bored115 TS Rookie Posts: 17

    here are the logs you asked for Howard... hope they are the right ones =)
     
  23. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    You haven`t attached an AVG Antispyware log, nor have you given me the results of the Avg Antirootkit scan. Please do so in your next reply.

    1. Please download The Avenger by Swandog46 from HERE. Save it to your Desktop and extract it.

    2. Download the attached avengerscript.txt and save it to your desktop

    Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.

    3. Now, start The Avenger program by double clicking on its icon on your desktop.

    Under "Script file to execute" choose "Load script from file".
    Now click on the folder icon which will open a new window titled "open Script File"
    navigate to the file you have just downloaded, click on it and press open
    Now click on the Green Light to begin execution of the script
    Answer "Yes" twice when prompted.

    4. The Avenger will automatically do the following:

    It will Restart your computer. ( In cases where the code to execute contains "Drivers to Unload", The Avenger will actually restart your system twice.)
    On reboot, it will briefly open a black command window on your desktop, this is normal.
    After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
    The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.

    5. Please attach the content of c:\avenger.txt into your reply.

    I also need to see fresh HJT, AVG Antispyware and Combofix logs.

    Regards Howard :)

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  24. bored115

    bored115 TS Rookie Posts: 17

    ok i ran the rootkit scan and it said that there were none found... i don't know how to make a report for that scan... but here are the others you asked for

    wtf i saved the avenger report... give me a min i'll try to find the proper one

    here i hope this is it... it looks like it is
     
  25. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    All items in your AVG Antispyware log say "No Action Taken". That`s because you haven`t told AVG Antispyware to quarantine it`s results as per the instructions. See this pictorial guide.

    As for your Avenger log, you have attached the Avenger script file I created for you and not the Avenger logfile, which is located in c:\avenger.txt.

    I asked you to attach a fresh HJT log and a Combofix log in addition to the Avenger log and AVG Antispyware log. You did not attach a Combofix log and the Avenger log.

    I have tried my level best to help you, but you just don`t seem able to follow instructions.

    Unless you follow instructions and post what I ask for, it`s impossible for me to help you effectively.

    With all due respect, I can`t continue to give you instructions, if you`re not going to follow them properly.

    Regards Howard :(

    Edit: I see you have now attached the Avenger log. I still need to see fresh HJT, Combofix and an AVG Antispyware log that has been run properly.

    This thread is for the use of bored115 only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...