tonyxp
asked on
PE_Parite.A help
hi,
I've been having trouble with my computer and was told it was a virus, so i got PC Cillin and found i had 1000 infected files with PE_Parite.A, after the scan i restarted my computer and all the files were infected again i dont know whats causing it if any1 can help i'd be grateul.
thank you
I've been having trouble with my computer and was told it was a virus, so i got PC Cillin and found i had 1000 infected files with PE_Parite.A, after the scan i restarted my computer and all the files were infected again i dont know whats causing it if any1 can help i'd be grateul.
thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
:)
LOL
ASKER
Thanks for repling i've tryed most of them but ill do it again to make sure. Whats troubling me is i run a anti-virus and it cleans most of them(but as you know they come back) and it cant clean the PE_parite.A-1 and on the website it says delete them but they hav infected system files like winlogon etc. in the task manager.
>>they hav infected system files like winlogon etc.<<
That's not possible, the virus can't attach to them as they are in use, these are bogus files with the same name as the official winlogon.exe Try scanning from safe mode.
That's not possible, the virus can't attach to them as they are in use, these are bogus files with the same name as the official winlogon.exe Try scanning from safe mode.
You can try the following method to eliminate items from startup:
Click Start->Run->MSCONFIG
In the Startup tab, start out by disabling everything you're unfamiliar with (or everything if you're unsure).
Optionally, you can also disable non-Microsoft services from the Services tab.
If the problem no longer exists after a reboot, then you can narrow it down as one of the items in your
startup. To permanently remove these item(s), proceed as follows...
Click Start->Run->Regedit
*Be careful when editing the registry as an accidental deletion can render your system inoperable.
First navigate to the following key in the registry:
HKEY_CURRENT_USER\Software
*You might also find RunOnce, RunOnceEx, RunServices, RunServiceOnce or any of these with a trailing dash (-)
Once found, click File, Export to save a copy of the key before you delete any items (if necessary).
After the file has been saved, delete items as needed from the right pane.
Now find the next startup key:
HKEY_LOCAL_MACHINE\Softwar
*You might also find RunOnce, RunServices, RunServiceOnce or any of these with a trailing dash (-)
Follow the previous procedures to export a copy before deleting items from the right pane.
You could also post the log from HijackThis - if it's there, we'll find it... ;)
Click Start->Run->MSCONFIG
In the Startup tab, start out by disabling everything you're unfamiliar with (or everything if you're unsure).
Optionally, you can also disable non-Microsoft services from the Services tab.
If the problem no longer exists after a reboot, then you can narrow it down as one of the items in your
startup. To permanently remove these item(s), proceed as follows...
Click Start->Run->Regedit
*Be careful when editing the registry as an accidental deletion can render your system inoperable.
First navigate to the following key in the registry:
HKEY_CURRENT_USER\Software
*You might also find RunOnce, RunOnceEx, RunServices, RunServiceOnce or any of these with a trailing dash (-)
Once found, click File, Export to save a copy of the key before you delete any items (if necessary).
After the file has been saved, delete items as needed from the right pane.
Now find the next startup key:
HKEY_LOCAL_MACHINE\Softwar
*You might also find RunOnce, RunServices, RunServiceOnce or any of these with a trailing dash (-)
Follow the previous procedures to export a copy before deleting items from the right pane.
You could also post the log from HijackThis - if it's there, we'll find it... ;)
Just noticed that PC Cillian Recommends you DELETE all files marked as
PE_PARITE.A-1, rather than clean them.
Just thought I would bring that up, I am guessing that they are bogus files as LucF says.
Cheers,
IceRaven.
PE_PARITE.A-1, rather than clean them.
Just thought I would bring that up, I am guessing that they are bogus files as LucF says.
Cheers,
IceRaven.
Cleaning your computer - and protecting it in the future - can't be answered with one issue.
As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.
The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.
It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html
BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.
Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark
:o) Your brain is like a parachute. It works best when it's open
As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.
The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.
It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html
BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.
Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark
:o) Your brain is like a parachute. It works best when it's open
ASKER
nope tryed all of them ideas got all virus's wiped cleared redgistry and scan adware with alot of pograms but the only 1 i couldnt get rid of wasa virus in the anti-virus so idownloaded another 1 and wiped it and quess what they all cam back again.
there must be a master file some where.
thanks fr help by the way
there must be a master file some where.
thanks fr help by the way
ASKER
ive just used panda scan and it found 100 when the other 1 found 1000 (dont know whats happining there) anyway it couldnt disinfect 4 files and in the log it said operating system instead of a file name and that doesnt sound good if ne1 can help.
Again, have you tried scanning from safe mode?
Second that...Safe mode.
Either F8 before Windows loads, or MSConfig, as outlined previously - Boot.ini tab - select Safe Boot
Either F8 before Windows loads, or MSConfig, as outlined previously - Boot.ini tab - select Safe Boot
ASKER
yea ive tryed it in safe mode, my pc is stable now but im still worried they might start up again so if ne1 has more ideas I'd love to hear them
thank you
thank you
have you started updating windows yet?
Have you made sure all other computers in the network are clean?
Have you made sure all other computers in the network are clean?
ASKER
yea ive updated all my windows files but i dont understand what u mean by all the computers i only have 1 connected to aol.
As this virus spreads over network shares. I just wanted to make sure no other computer on the network could infect your computer again.
Just wondering, you do have a firewall on your computer, don't you?
If you don't, get something like ZoneAlarm => http://www.zonelabs.com the free version will suit all your needs.
LucF
Just wondering, you do have a firewall on your computer, don't you?
If you don't, get something like ZoneAlarm => http://www.zonelabs.com the free version will suit all your needs.
LucF
Cheers,
IceRaven.