Solved

PE_Parite.A help

Posted on 2004-04-19
21
1,683 Views
Last Modified: 2013-12-04
hi,
I've been having trouble with my computer and was told it was a virus, so i got PC Cillin and found i had 1000 infected files with PE_Parite.A, after the scan i restarted my computer and all the files were infected again i dont know whats causing it if any1 can help i'd be grateul.

thank you
0
Comment
Question by:tonyxp
  • 6
  • 5
  • 4
  • +2
21 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 84 total points
ID: 10858169
Greetings tonyxp,

Check these links for online virus scanners.  It's recommended to run at least two of these.  
  Norton/Symantec --> http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
  Trend Micro -->     http://housecall.antivirus.com/housecall/start_corp.asp
  Panda ActiveScan--> http://www.pandasoftware.com/activescan/
  McAfee Security --> http://us.mcafee.com/root/mfs/default.asp
  Stinger -->         http://download.nai.com/products/mcafee-avert/stinger.exe

These links Check for Spyware:
  Spybot-S&D -->  http://www.safer-networking.org/
  HijackThis -->  http://www.spychecker.com/program/hijackthis.html
  Ad-Aware -->    http://www.netsecurity.about.com/library/blfreespyware.htm
  Web Shredder--> http://www.spywareinfo.com/~merijn/cwschronicles.html#cwshredder
  Pest Patrol --> http://www.pestpatrol.com/downloads/eval/download.asp
  PCHell removal->http://www.pchell.com/support/spyware.shtml

  Make sure that after downloading these, that you update them.  It helps to try at least two of these.
  If all else fails, download HijackThis and post the log that is generated after running it on your system.
~sirbounty
0
 
LVL 32

Assisted Solution

by:Luc Franken
Luc Franken earned 83 total points
ID: 10858170
Hi tonyxp,

I assume you checked these pages:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A
http://securityresponse.symantec.com/avcenter/venc/data/w32.pinfi.html

Make sure to disable system restore before cleaning.
Also make sure you check all workstations for the virus as it spreads through mapped drives and network shares.
What I suggest you to do is disconnect all computers from the network and scan all computer seperately for Parite.A

Greetings,

LucF
0
 
LVL 7

Assisted Solution

by:IceRaven
IceRaven earned 83 total points
ID: 10858191
Hi tonyxp,

You could be getting re-infected, this is a description of your virus here:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A

I would update PC Cillin,
Disconnect the comptuer from the internet / Network
Scan all the files,
Make sure you have the stay resident protection enabled in PC-Cillin
reboot the computer.
Scan again and see if you still have the problems.

Cheers,
IceRaven
0
Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 7

Expert Comment

by:IceRaven
ID: 10858200
hmmm I think I am getting link envy, I only have one :)

Cheers,
IceRaven.
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10858212
:)
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10858284
LOL
0
 

Author Comment

by:tonyxp
ID: 10858467
Thanks for repling i've tryed most of them but ill do it again to make sure. Whats troubling me is i run a anti-virus and it cleans most of them(but as you know they come back) and it cant clean the PE_parite.A-1 and on the website it says delete them but they hav infected system files like winlogon etc. in the task manager.
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10858483
>>they hav infected system files like winlogon etc.<<
That's not possible, the virus can't attach to them as they are in use, these are bogus files with the same name as the official winlogon.exe Try scanning from safe mode.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10858495
You can try the following method to eliminate items from startup:
  Click Start->Run->MSCONFIG

  In the Startup tab, start out by disabling everything you're unfamiliar with (or everything if you're unsure).
  Optionally, you can also disable non-Microsoft services from the Services tab.
  If the problem no longer exists after a reboot, then you can narrow it down as one of the items in your
  startup.  To permanently remove these item(s), proceed as follows...

  Click Start->Run->Regedit
  *Be careful when editing the registry as an accidental deletion can render your system inoperable.
  First navigate to the following key in the registry:
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunOnceEx, RunServices, RunServiceOnce or any of these with a trailing dash (-)

  Once found, click File, Export to save a copy of the key before you delete any items (if necessary).
  After the file has been saved, delete items as needed from the right pane.
  Now find the next startup key:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunServices, RunServiceOnce or any of these with a trailing dash (-)
  Follow the previous procedures to export a copy before deleting items from the right pane.

You could also post the log from HijackThis - if it's there, we'll find it... ;)
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10858535
Just noticed that PC Cillian Recommends you DELETE all files marked as
PE_PARITE.A-1, rather than clean them.

Just thought I would bring that up, I am guessing that they are bogus files as LucF says.

Cheers,
IceRaven.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10858660
Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Author Comment

by:tonyxp
ID: 10859903
nope tryed all of them ideas got all virus's wiped cleared redgistry and scan adware with alot of pograms but the only 1 i couldnt get rid of wasa virus in the anti-virus so idownloaded another 1 and wiped it and quess what they all cam back again.

there must be a master file some where.

thanks fr help by the way
0
 

Author Comment

by:tonyxp
ID: 10860549
ive just used panda scan and it found 100 when the other 1 found 1000 (dont know whats happining there) anyway it couldnt disinfect 4 files and in the log it said operating system instead of a file name and that doesnt sound good if ne1 can help.
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10860568
Again, have you tried scanning from safe mode?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10863199
Second that...Safe mode.
Either F8 before Windows loads, or MSConfig, as outlined previously - Boot.ini tab - select Safe Boot
0
 

Author Comment

by:tonyxp
ID: 10863748
yea ive tryed it in safe mode, my pc is stable now but im still worried they might start up again so if ne1 has more ideas I'd love to hear them

thank you
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10863788
have you started updating windows yet?
Have you made sure all other computers in the network are clean?
0
 

Author Comment

by:tonyxp
ID: 10864581
yea ive updated all my windows files but i dont understand what u mean by all the computers i only have 1 connected to aol.
0
 
LVL 32

Expert Comment

by:Luc Franken
ID: 10866421
As this virus spreads over network shares. I just wanted to make sure no other computer on the network could infect your computer again.

Just wondering, you do have a firewall on your computer, don't you?
If you don't, get something like ZoneAlarm => http://www.zonelabs.com the free version will suit all your needs.

LucF
0

Featured Post

Three Reasons Why Backup is Strategic

Backup is strategic to your business because your data is strategic to your business. Without backup, your business will fail. This white paper explains why it is vital for you to design and immediately execute a backup strategy to protect 100 percent of your data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

No security measures warrant 100% as a "silver bullet". The truth is we also cannot assume anything but a defensive and vigilance posture. Adopt no trust by default and reveal in assumption. Only assume anonymity or invisibility in the reverse. Safe…
Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

815 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now