I'm not sure WHAT I've got.

Status
Not open for further replies.

AndyFlinders

Alright. The AVG Rootkit Scan picks up one file, which it is unable to remove, namely c:\sccfg.sys. As far as symptoms, I was having some random minimization of everything, which soon began to include pop-ups (i.e., I'm playing Vanguard, and in the middle of a fight the game minimizes and some cell-phone ad takes its place.) Several other irritating programs were discovered and destroyed in the steps you had me take before posting, and I have not had that symptom since. So perhaps I am clean, but as you will see, there is something in the HJT scan that bothers me, which it is unable to remove. So, let me know what you think. Thanks much.

-Andy
 
The sccfg.sys file is part of the Folderlock programme and is nothing to worry about.

Did you post your HJT log from safe mode? If so please post a fresh HJT log from normal mode.

Your system has a Vundo infection, but we can sort that out fairly easily.

Regards Howard :)

This thread is for the use of AndyFlinders only. Please don't post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
 
That HJT scan was in normal mode, and the thing I was talking about that concerned me is the
O20 - Winlogon Notify: gprqcx - C:\WINDOWS\SYSTEM32\gprqcx.dll
I do HJT scans fairly frequently and I recognize (I thought) everything that should be there, and that's not one of them, this file having shown up shortly after those minimizing problems I described. Also, I am suspicious because HJT cannot remove that file, which, in my experience, is only the case with a virus or malware of some kind. Regardless, here is a fresh HJT scan in normal mode.
Also, I did run VundoFix again, and it did pick something up which it then removed.

Thanks again
-Andy
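
The comparison described in the post above (noticing an O20 Winlogon Notify entry that was absent from earlier scans), as an added example that is not part of the original thread. The two sample logs are constructed for illustration, the function names are hypothetical, and only the `gprqcx` line is taken from the thread.

```python
import re

# HijackThis prints one finding per line as "O<section> - <details>".
ENTRY_RE = re.compile(r"^(O\d+) - (.+)$")
# O20 details have the form "Winlogon Notify: <name> - <dll path>".
NOTIFY_RE = re.compile(r"^Winlogon Notify:\s*(?P<name>.+?)\s+-\s+(?P<dll>.+)$", re.I)

def entries(log_text):
    """Map (section, lower-cased details) -> details as written in the log."""
    found = {}
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            # Windows paths are case-insensitive, so compare in lower case.
            found[(m.group(1), m.group(2).lower())] = m.group(2)
    return found

def new_entries(baseline_log, current_log):
    """Return (section, details) pairs present now but not in the baseline."""
    old, new = entries(baseline_log), entries(current_log)
    return sorted((key[0], new[key]) for key in new.keys() - old.keys())

def new_winlogon_dlls(baseline_log, current_log):
    """Return DLL paths of Winlogon Notify (O20) entries that are new."""
    dlls = []
    for section, details in new_entries(baseline_log, current_log):
        m = NOTIFY_RE.match(details)
        if section == "O20" and m:
            dlls.append(m.group("dll"))
    return dlls

# Constructed sample: a log saved while the machine was known to be clean.
BASELINE = r"""
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\system32\WgaLogon.dll
"""

# Constructed sample: a later log; the gprqcx line is the one from the thread.
CURRENT = r"""
O4 - HKLM\..\Run: [ExampleTray] C:\Program Files\Example\tray.exe
O20 - Winlogon Notify: gprqcx - C:\WINDOWS\SYSTEM32\gprqcx.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\System32\WgaLogon.dll
"""

if __name__ == "__main__":
    for dll in new_winlogon_dlls(BASELINE, CURRENT):
        print("New Winlogon Notify DLL since baseline:", dll)
```

A new entry is only a lead for further checking, not a verdict; the baseline is useful only if it was saved before the symptoms began.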
 
Usually when you find something that does not have any information on the web, it is usually bad.

I also see that you do not have a firewall or an antivirus programme. These you need! Free firewall FROM HERE and free AV programme FROM HERE.
 
I agree with tomrca, you really need to install some antivirus and firewall software.

Download Vundofix from HERE.

Double click the Vundofix.exe to run it.

Right click in the vundofix window and click add files.

Enter the full file path/s to the files you want Vundofix to delete and click the add files button, followed by the close window button. Click the remove vundo button and let Vundofix do its stuff.

This is the filepath you need to enter into vundofix.

C:\WINDOWS\SYSTEM32\gprqcx.dll

Post a fresh HJT log.

Regards Howard :)

 
Alright

That seemed to do the trick. Thanks so much Howard :). Also, I will get some AV and Firewall stuff. I really appreciate your guys' help.

-Andy
 
Your HJT log is now clean.

Turn off system restore. (XP/ME only) See how HERE.

Now, turn system restore back on. This will have deleted all your old restore points and any nasties that are in them. It will also have created a new, clean restore point.

Install antivirus and firewall software ASAP.

If you have any further virus/spyware problems, please post in this thread.

Regards Howard :)
