Greatings Fellow Cybernoids.
My PC was recently infected with a little devil called vbstub.exe.
It continually tried to redirect me to a site "bestplace.ru".
It auto started IEXPLORER and vbstub.exe which caused my CPU to lock up at 100%. I only noticed it because I use Firefox as my default browser, and IE has to ask pemission to access the internet, this through up a warning on my Firewall, which made me aware. All the latest updates and scans couldn't pick it up so I tracked the little bugger down and deleted it manually.
Restart your PC in safemode.
Goto C:\Windows and delete these files
system.exe
system.ini
system16.exe
system16.ini
vbstub.exe
vbsub.ini
Reboot your PC then goto regedit
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Current Version\Run
Check to see if any of the file names are there, if so delete them.
If any one else has had a similar problem please let me know, or if ther is a better way of removal of this pesky little beast.
My PC seems to be clear ( For the moment!!!)
Good Luck
Byteme:cool:

Hello

Check policies to
http://www.sophos.com/virusinfo/analyses/trojagenten.html

Can spybot get rid of it now?
Please someone say yes!

escan(free) has found vstub.exe in winnt of win2k:
c:\winnt\vstub.exe

all deleting efforts in safe-mode and command/dos-prompt did not work. this worked: go to windows explorer and delete there. maybe as administrator. killbox did not work. maybe i made something wrong. could not see the program-window properly. after executing one of the option i could see c:\killbox\vstub.exe but original location was untouched. we will see if its a permanent solution.

:angel: thks to byteme. your ins. got rid of vbstub for me

thks again;)

kevin434445