Gadcom.exe virus. 8 Steps completed, logs attached

By dshaw002
Jan 6, 2009
  1. Got the gatcom virus a couple days ago. Been running the software. I haven't been able to do the Java thing, due to me not wanting to go online until I finished all the anitvirus, spyware sweeps, and put the firewall on board. I still need to restart the computer one last time, but every time before, it opened up the System32 window automatically.

    Logs are attached.

    Thanks in advance,

    David Shaw
  2. rf6647

    rf6647 TS Maniac Posts: 829

    I need to point this out. User action required -- permit MBAM to remove infections.
    C:\WINDOWS\system32\[B]cdwqyb.dll[/B] (Trojan.Vundo.H)
     -> No action taken.

    MBAB handles nothing that it found until permitted to remove infections.

    Rescan with MBAB followed by SAS. Repeat until clean or something that cannot be cleaned.

    Scan with HJT. It informs what has not been handled (computer restart before HJT scan)

    Caught by HJT
    O20 - AppInit_DLLs: [B]cdwqyb.dll[/B]
    O23 - Service: LFB - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LFB.exe (file missing)
    O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
    O24 - Desktop Component 0: (no name) -
    [*]Confirm files appearing in code box have been deleted. 
    [*]'HJT 'tick & fix' can be used to delete [B]only[/B] the O20 references to file
    Post new logs and describe conditions.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...