Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

PE_Parite.A help

Posted on 2004-04-19
21
1,687 Views
Last Modified: 2013-12-04
hi,
I've been having trouble with my computer and was told it was a virus, so i got PC Cillin and found i had 1000 infected files with PE_Parite.A, after the scan i restarted my computer and all the files were infected again i dont know whats causing it if any1 can help i'd be grateul.

thank you
0
Comment
Question by:tonyxp
  • 6
  • 5
  • 4
  • +2
21 Comments
 
LVL 67

Accepted Solution

by:
sirbounty earned 84 total points
ID: 10858169
Greetings tonyxp,

Check these links for online virus scanners.  It's recommended to run at least two of these.  
  Norton/Symantec --> http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
  Trend Micro -->     http://housecall.antivirus.com/housecall/start_corp.asp
  Panda ActiveScan--> http://www.pandasoftware.com/activescan/
  McAfee Security --> http://us.mcafee.com/root/mfs/default.asp
  Stinger -->         http://download.nai.com/products/mcafee-avert/stinger.exe

These links Check for Spyware:
  Spybot-S&D -->  http://www.safer-networking.org/
  HijackThis -->  http://www.spychecker.com/program/hijackthis.html
  Ad-Aware -->    http://www.netsecurity.about.com/library/blfreespyware.htm
  Web Shredder--> http://www.spywareinfo.com/~merijn/cwschronicles.html#cwshredder
  Pest Patrol --> http://www.pestpatrol.com/downloads/eval/download.asp
  PCHell removal->http://www.pchell.com/support/spyware.shtml

  Make sure that after downloading these, that you update them.  It helps to try at least two of these.
  If all else fails, download HijackThis and post the log that is generated after running it on your system.
~sirbounty
0
 
LVL 32

Assisted Solution

by:LucF
LucF earned 83 total points
ID: 10858170
Hi tonyxp,

I assume you checked these pages:
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A
http://securityresponse.symantec.com/avcenter/venc/data/w32.pinfi.html

Make sure to disable system restore before cleaning.
Also make sure you check all workstations for the virus as it spreads through mapped drives and network shares.
What I suggest you to do is disconnect all computers from the network and scan all computer seperately for Parite.A

Greetings,

LucF
0
 
LVL 7

Assisted Solution

by:IceRaven
IceRaven earned 83 total points
ID: 10858191
Hi tonyxp,

You could be getting re-infected, this is a description of your virus here:

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=PE_PARITE.A

I would update PC Cillin,
Disconnect the comptuer from the internet / Network
Scan all the files,
Make sure you have the stay resident protection enabled in PC-Cillin
reboot the computer.
Scan again and see if you still have the problems.

Cheers,
IceRaven
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 7

Expert Comment

by:IceRaven
ID: 10858200
hmmm I think I am getting link envy, I only have one :)

Cheers,
IceRaven.
0
 
LVL 32

Expert Comment

by:LucF
ID: 10858212
:)
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10858284
LOL
0
 

Author Comment

by:tonyxp
ID: 10858467
Thanks for repling i've tryed most of them but ill do it again to make sure. Whats troubling me is i run a anti-virus and it cleans most of them(but as you know they come back) and it cant clean the PE_parite.A-1 and on the website it says delete them but they hav infected system files like winlogon etc. in the task manager.
0
 
LVL 32

Expert Comment

by:LucF
ID: 10858483
>>they hav infected system files like winlogon etc.<<
That's not possible, the virus can't attach to them as they are in use, these are bogus files with the same name as the official winlogon.exe Try scanning from safe mode.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10858495
You can try the following method to eliminate items from startup:
  Click Start->Run->MSCONFIG

  In the Startup tab, start out by disabling everything you're unfamiliar with (or everything if you're unsure).
  Optionally, you can also disable non-Microsoft services from the Services tab.
  If the problem no longer exists after a reboot, then you can narrow it down as one of the items in your
  startup.  To permanently remove these item(s), proceed as follows...

  Click Start->Run->Regedit
  *Be careful when editing the registry as an accidental deletion can render your system inoperable.
  First navigate to the following key in the registry:
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunOnceEx, RunServices, RunServiceOnce or any of these with a trailing dash (-)

  Once found, click File, Export to save a copy of the key before you delete any items (if necessary).
  After the file has been saved, delete items as needed from the right pane.
  Now find the next startup key:
   HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
   *You might also find RunOnce, RunServices, RunServiceOnce or any of these with a trailing dash (-)
  Follow the previous procedures to export a copy before deleting items from the right pane.

You could also post the log from HijackThis - if it's there, we'll find it... ;)
0
 
LVL 7

Expert Comment

by:IceRaven
ID: 10858535
Just noticed that PC Cillian Recommends you DELETE all files marked as
PE_PARITE.A-1, rather than clean them.

Just thought I would bring that up, I am guessing that they are bogus files as LucF says.

Cheers,
IceRaven.
0
 
LVL 12

Expert Comment

by:trywaredk
ID: 10858660
Cleaning your computer  - and protecting it in the future -  can't be answered with one issue.

As you can see in my url below there are at least 7 different issues, where you should decide 1 of each, or else you does'nt protect your computer at all.

The reason is, that the many different programs not always protects against each other, and each of them does'nt protect equally.

It's very important, that you study all of these issues in my knowledgebase (some of them are freeware):
http://www.tryware.dk/English/Knowledgebase/HowToProtectYourComputer.html

BTW: I'm using the Trend Micro virus-suite, and SoftScan , and haven't got any of my servers or computers infected since 1999.

Many Regards
Jorgen Malmgren
IT-Supervisor
Denmark

:o) Your brain is like a parachute. It works best when it's open
0
 

Author Comment

by:tonyxp
ID: 10859903
nope tryed all of them ideas got all virus's wiped cleared redgistry and scan adware with alot of pograms but the only 1 i couldnt get rid of wasa virus in the anti-virus so idownloaded another 1 and wiped it and quess what they all cam back again.

there must be a master file some where.

thanks fr help by the way
0
 

Author Comment

by:tonyxp
ID: 10860549
ive just used panda scan and it found 100 when the other 1 found 1000 (dont know whats happining there) anyway it couldnt disinfect 4 files and in the log it said operating system instead of a file name and that doesnt sound good if ne1 can help.
0
 
LVL 32

Expert Comment

by:LucF
ID: 10860568
Again, have you tried scanning from safe mode?
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10863199
Second that...Safe mode.
Either F8 before Windows loads, or MSConfig, as outlined previously - Boot.ini tab - select Safe Boot
0
 

Author Comment

by:tonyxp
ID: 10863748
yea ive tryed it in safe mode, my pc is stable now but im still worried they might start up again so if ne1 has more ideas I'd love to hear them

thank you
0
 
LVL 32

Expert Comment

by:LucF
ID: 10863788
have you started updating windows yet?
Have you made sure all other computers in the network are clean?
0
 

Author Comment

by:tonyxp
ID: 10864581
yea ive updated all my windows files but i dont understand what u mean by all the computers i only have 1 connected to aol.
0
 
LVL 32

Expert Comment

by:LucF
ID: 10866421
As this virus spreads over network shares. I just wanted to make sure no other computer on the network could infect your computer again.

Just wondering, you do have a firewall on your computer, don't you?
If you don't, get something like ZoneAlarm => http://www.zonelabs.com the free version will suit all your needs.

LucF
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Users of Windows 10 Professional can disable automatic reboots using the policy editor. This tool is not included in the Windows home edition. But don't worry! Follow the instructions below to install (a Win7) policy editor on your Windows 10 Home e…
Container Orchestration platforms empower organizations to scale their apps at an exceptional rate. This is the reason numerous innovation-driven companies are moving apps to an appropriated datacenter wide platform that empowers them to scale at a …
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…

860 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question