Gadcom.exe virus. 8 Steps completed, logs attached

Got the Gadcom virus a couple days ago. Been running the software. I haven't been able to do the Java thing, due to me not wanting to go online until I finished all the antivirus, spyware sweeps, and put the firewall on board. I still need to restart the computer one last time, but every time before, it opened up the System32 window automatically.

Logs are attached.

Thanks in advance,

David Shaw
 
I need to point this out. User action required -- permit MBAM to remove infections.
Code:
C:\WINDOWS\system32\cdwqyb.dll (Trojan.Vundo.H)
 -> No action taken.


MBAM handles nothing that it found until permitted to remove infections.

Rescan with MBAM followed by SAS. Repeat until clean or something that cannot be cleaned.

Scan with HJT. It reports what has not been handled (restart the computer before the HJT scan).

Caught by HJT
Code:
O20 - AppInit_DLLs: cdwqyb.dll

O23 - Service: LFB - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LFB.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
O24 - Desktop Component 0: (no name) - http://entimg.msn.com/i/gal/HarryPotterOrderPhoenix/HP5-TL2-0047_75.jpg

- Confirm files appearing in code box have been deleted.
- HJT 'tick & fix' can be used to delete only the O20 references to file.

Post new logs and describe conditions.
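Added example, not part of the original thread: a small Python cross-check of the two logs quoted in the reply above, listing detections that MBAM reported with "No action taken" and that HJT still shows under AppInit_DLLs, plus the O23 services whose file is missing. The function names are hypothetical, and the sample input is the log lines from the thread with forum markup removed.

```python
import ntpath
import re

# Sample input: the log lines quoted in the thread, forum markup removed.
MBAM_LOG = r"""
C:\WINDOWS\system32\cdwqyb.dll (Trojan.Vundo.H)
 -> No action taken.
"""
HJT_LOG = r"""
O20 - AppInit_DLLs: cdwqyb.dll
O23 - Service: LFB - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\LFB.exe (file missing)
O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)
"""

# "<path> (<detection>)" with the "-> status" on the same line or the next one.
DETECTION = re.compile(r"^([A-Za-z]:\\.+?) \(([^()]+)\)\s*(?:->\s*(.+))?$")
STATUS = re.compile(r"^\s*->\s*(.+)$")

def mbam_unhandled(log):
    """Map lowercased file name -> detection name for 'No action taken' items."""
    items, last = {}, None
    for line in log.splitlines():
        m, s = DETECTION.match(line.strip()), STATUS.match(line)
        if m:
            last, status = m, m.group(3)
        elif s and last:
            m, status = last, s.group(1)
        else:
            continue
        if status and status.strip().rstrip(".").lower() == "no action taken":
            items[ntpath.basename(m.group(1)).lower()] = m.group(2)
    return items

def hjt_appinit_dlls(log):
    """Lowercased DLL names from O20 AppInit_DLLs lines."""
    names = set()
    for m in re.finditer(r"^O20 - AppInit_DLLs:[ \t]*(.*)$", log, re.M):
        # Assumption: entries are separated by spaces or commas.
        names.update(ntpath.basename(e).lower()
                     for e in re.split(r"[,\s]+", m.group(1).strip()) if e)
    return names

def hjt_missing_services(log):
    """Names of O23 services whose executable HJT reports as missing."""
    return re.findall(r"^O23 - Service: (.+?) - .* \(file missing\)\s*$", log, re.M)

def still_loaded(mbam_log, hjt_log):
    """Detections MBAM left in place that HJT still lists under AppInit_DLLs."""
    unhandled = mbam_unhandled(mbam_log)
    return {d: unhandled[d] for d in sorted(hjt_appinit_dlls(hjt_log)) if d in unhandled}
```

An empty result from `still_loaded` on the new logs means no detection that MBAM left in place is still referenced by an O20 line.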
 