• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1718
  • Last Modified:

PE_Parite.A help

hi,
I've been having trouble with my computer and was told it was a virus, so i got PC Cillin and found i had 1000 infected files with PE_Parite.A, after the scan i restarted my computer and all the files were infected again i dont know whats causing it if any1 can help i'd be grateul.

thank you
0
tonyxp
Asked:
tonyxp
  • 6
  • 5
  • 4
  • +2
3 Solutions
 
sirbountyCommented:
Greetings tonyxp,

Check these links for online virus scanners.  It's recommended to run at least two of these.  
  Norton/Symantec --> http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
  Trend Micro -->     http://housecall.antivirus.com/housecall/start_corp.asp
  Panda ActiveScan--> http://www.pandasoftware.com/activescan/
  McAfee Security --> http://us.mcafee.com/root/mfs/default.asp
  Stinger -->         http://download.nai.com/products/mcafee-avert/stinger.exe

These links Check for Spyware:
  Spybot-S&D -->  http://www.safer-networking.org/
  HijackThis -->  http://www.spychecker.com/program/hijackthis.html
  Ad-Aware -->    http://www.netsecurity.about.com/library/blfreespyware.htm
  Web Shredder--> http://www.spywareinfo.com/~merijn/cwschronicles.html#cwshredder
  Pest Patrol --> http://www.pestpatrol.com/downloads/eval/download.asp
  PCHell removal->http://www.pchell.com/support/spyware.shtml

  Make sure that after downloading these, that you update them.  It helps to try at least two of these.
  If all else fails, download HijackThis and post the log that is generated after running it on your system.
~sirbounty
0
 
LucFCommented:
Hi tonyxp,

I assume you checked these pages:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A
http://securityresponse.symantec.com/avcenter/venc/data/w32.pinfi.html

Make sure to disable system restore before cleaning.
Also make sure you check all workstations for the virus as it spreads through mapped drives and network shares.
What I suggest you to do is disconnect all computers from the network and scan all computer seperately for Parite.A

Greetings,

LucF
0
 
IceRavenCommented:
Hi tonyxp,

You could be getting re-infected, this is a description of your virus here:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A

I would update PC Cillin,
Disconnect the comptuer from the internet / Network
Scan all the files,
Make sure you have the stay resident protection enabled in PC-Cillin
reboot the computer.
Scan again and see if you still have the problems.

Cheers,
IceRaven
0
2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

 
IceRavenCommented:
hmmm I think I am getting link envy, I only have one :)

Cheers,
IceRaven.
0
 
LucFCommented:
:)
0
 
sirbountyCommented:
LOL
0
 
tonyxpAuthor Commented:
Thanks for repling i've tryed most of them but ill do it again to make sure. Whats troubling me is i run a anti-virus and it cleans most of them(but as you know they come back) and it cant clean the PE_parite.A-1 and on the website it says delete them but they hav infected system files like winlogon etc. in the task manager.
0
 
LucFCommented:
>>they hav infected system files like winlogon etc.<<
That's not possible, the virus can't attach to them as they are in use, these are bogus files with the same name as the official winlogon.exe Try scanning from safe mode.
0
 
sirbountyCommented:
You can try the following method to eliminate items from startup:
  Click Start->Run->MSCONFIG

  In the Startup tab, start out by disabling everything you're unfamiliar with (or everything if you're unsure).
  Optionally, you can also disable non-Microsoft services from the Services tab.
  If the problem no longer exists after a reboot, then you can narrow it down as one of the items in your
  startup.  To permanently remove these item(s), proceed as follows...

  Click Start->Run->Regedit
  *Be careful when editing the registry as an accidental deletion can render your system inoperable.
  First navigate to the following key in the registry:
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunOnceEx, RunServices, RunServiceOnce or any of these with a trailing dash (-)

  Once found, click File, Export to save a copy of the key before you delete any items (if necessary).
  After the file has been saved, delete items as needed from the right pane.
  Now find the next startup key:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunServices, RunServiceOnce or any of these with a trailing dash (-)
  Follow the previous procedures to export a copy before deleting items from the right pane.

You could also post the log from HijackThis - if it's there, we'll find it... ;)
0
 
IceRavenCommented:
Just noticed that PC Cillian Recommends you DELETE all files marked as
PE_PARITE.A-1, rather than clean them.

Just thought I would bring that up, I am guessing that they are bogus files as LucF says.

Cheers,
IceRaven.
0
 
trywaredkCommented:
Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 
tonyxpAuthor Commented:
nope tryed all of them ideas got all virus's wiped cleared redgistry and scan adware with alot of pograms but the only 1 i couldnt get rid of wasa virus in the anti-virus so idownloaded another 1 and wiped it and quess what they all cam back again.

there must be a master file some where.

thanks fr help by the way
0
 
tonyxpAuthor Commented:
ive just used panda scan and it found 100 when the other 1 found 1000 (dont know whats happining there) anyway it couldnt disinfect 4 files and in the log it said operating system instead of a file name and that doesnt sound good if ne1 can help.
0
 
LucFCommented:
Again, have you tried scanning from safe mode?
0
 
sirbountyCommented:
Second that...Safe mode.
Either F8 before Windows loads, or MSConfig, as outlined previously - Boot.ini tab - select Safe Boot
0
 
tonyxpAuthor Commented:
yea ive tryed it in safe mode, my pc is stable now but im still worried they might start up again so if ne1 has more ideas I'd love to hear them

thank you
0
 
LucFCommented:
have you started updating windows yet?
Have you made sure all other computers in the network are clean?
0
 
tonyxpAuthor Commented:
yea ive updated all my windows files but i dont understand what u mean by all the computers i only have 1 connected to aol.
0
 
LucFCommented:
As this virus spreads over network shares. I just wanted to make sure no other computer on the network could infect your computer again.

Just wondering, you do have a firewall on your computer, don't you?
If you don't, get something like ZoneAlarm => http://www.zonelabs.com the free version will suit all your needs.

LucF
0

Featured Post

What Security Threats Are We Predicting for 2018?

Cryptocurrency, IoT botnets, MFA, and more! Hackers are already planning their next big attacks for 2018. Learn what you might face, and how to defend against it with our 2018 security predictions.

  • 6
  • 5
  • 4
  • +2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now