Help cleaning up a relatives PC
07 November 2004, 07:43 PM
#1
Scooby Regular
Thread Starter
Join Date: Dec 1999
Posts: 3,360
Likes: 0
Received 0 Likes
on
0 Posts
Help cleaning up a relatives PC
I offered to help sort out someones PC!
Ran Grisoft AVG, AD-Aware and Spybot, installed Sygate, and thought I'd cleaned it all up, but it appears not!
Tried Norton 2002 which found no virus!
Tried these 2 online scanners which found virus but couldn't disenfect.
http://www.ravantivirus.com/scan
http://www.bitdefender.com/scan/Msie/index.php
Log from Bitdefender below. Can anyone tell me how I can clean this PC up?
AVG only fines Dropper.Delf.3.L
C:\Program Files\Windows SyncroAd\CComm.dll: infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\CComm.dll: disinfection failed C:\Program Files\Windows SyncroAd\SyncroAd.exe=>(Upx): infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\SyncroAd.exe=>(Upx): disinfection failed C:\Program Files\Windows SyncroAd\WinSync.exe: infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\WinSync.exe: disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027324.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027324.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027326.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027326.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027336.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027336.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027339.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027339.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027482.dll:
infected with Adware.Wupd
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027482.dll:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027749.dll:
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027749.dll:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027750.exe=>(Upx):
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027750.exe=>(Upx):
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027751.exe:
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027751.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP194\A0027809.exe:
infected with Adware.180Solutions.5.11
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP194\A0027809.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP203\A0028227.exe:
infected with Adware.Bargan.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP203\A0028227.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028250.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028250.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028251.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028251.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028270.dll:
infected with Adware.NaviSrch.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028270.dll:
disinfection failed
C:\temp\WebRebates_Auto_InstallSilent_Euro.exe=>(N SIS o)=>zlib_nsis0001:
infected with Application.ProcKill.Jk
cheers,
Greg
Ran Grisoft AVG, AD-Aware and Spybot, installed Sygate, and thought I'd cleaned it all up, but it appears not!
Tried Norton 2002 which found no virus!
Tried these 2 online scanners which found virus but couldn't disenfect.
http://www.ravantivirus.com/scan
http://www.bitdefender.com/scan/Msie/index.php
Log from Bitdefender below. Can anyone tell me how I can clean this PC up?
AVG only fines Dropper.Delf.3.L
C:\Program Files\Windows SyncroAd\CComm.dll: infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\CComm.dll: disinfection failed C:\Program Files\Windows SyncroAd\SyncroAd.exe=>(Upx): infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\SyncroAd.exe=>(Upx): disinfection failed C:\Program Files\Windows SyncroAd\WinSync.exe: infected with Adware.SyncroAD C:\Program Files\Windows SyncroAd\WinSync.exe: disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027324.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027324.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027326.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027326.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027336.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027336.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027339.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027339.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027482.dll:
infected with Adware.Wupd
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP186\A0027482.dll:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027749.dll:
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027749.dll:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027750.exe=>(Upx):
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027750.exe=>(Upx):
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027751.exe:
infected with Adware.SyncroAD
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP192\A0027751.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP194\A0027809.exe:
infected with Adware.180Solutions.5.11
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP194\A0027809.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP203\A0028227.exe:
infected with Adware.Bargan.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP203\A0028227.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028250.exe=>(CExe
r)=>(MS-Compress 5): infected with Trojan.Downloader.Agent.AE C:\System Volume Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028250.exe=>(CExe
r)=>(MS-Compress 5): disinfection failed C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028251.exe:
infected with Adware.Serchentrix.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028251.exe:
disinfection failed
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028270.dll:
infected with Adware.NaviSrch.A
C:\System Volume
Information\_restore{758325F3-C511-464B-812C-4D2296C54C9C}\RP204\A0028270.dll:
disinfection failed
C:\temp\WebRebates_Auto_InstallSilent_Euro.exe=>(N SIS o)=>zlib_nsis0001:
infected with Application.ProcKill.Jk
cheers,
Greg
07 November 2004, 09:12 PM
#2
Scooby Regular
Join Date: Oct 2001
Location: Lovely Lancing in West Sussex
Posts: 3,449
Likes: 0
Received 0 Likes
on
0 Posts
You need to turn off System Restore and then run the checks.
The files listed above are read only as they are in the SysVOL folder for System Restore.
Darren
The files listed above are read only as they are in the SysVOL folder for System Restore.
Darren
Thread
Thread Starter
Forum
Replies
Last Post
Mattybr5@MB Developments
Full Cars Breaking For Spares
12
18 November 2015 07:03 AM
Sub-Subaru
General Technical
1
28 September 2015 12:47 PM