Gadcom infection & pop ups

By ash in trouble
Jan 2, 2009
  1. It started with antivirus 2009 pop-ups which was installed and then I started getting the sagipsul pop-up. I started googling everything that was running in task manager and found gadcom.exe. I followed the 8 step removal process and I haven't had any problems since. I re-ran Malware and quarantined infected files. Gadcom is no longer in my processes, but I did a file search and it is still there. I don't know where to go from here.

  2. rf6647

    rf6647 TS Maniac Posts: 829

    HJT scan. Tick & Fix. Restart computer.
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =  >> SAS listed threat
    O20 - AppInit_DLLs: ysrqec.dll  >> not listed
    O24 - Desktop Component 0: (no name) -  >> user choice
    If Windows Explorer (optioned for system & hidden file) cannot find file, then what follows will not work or it has been deleted by an earlier scan.

    Delete file: c;\windows\system32\ysrqec.dll

    Usage – Instructions for FileAssassin
    Start MBAM - don't scan
    Select tab > More Tools > click >Run Tool
    > “File Name” > Type or paste “ full or partial path “ into the box > click open.
    > select file from the list > click open > confirm choice

    Gadcom often associated with resycled. Is this what you referred to?
    Majestyk; reply # 25; resycledbootcom/

    resycled/ is a worm that propagates on local fixed and removable USB drives. resycled/ may infect drives via autorun.inf file it created that runs a command each time the drive is accessed. Malicious files will be copied to a drives attached on infected computer.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...