Hi, I’m new to the boards. I did a google search to find this place, hopefulyl it can help me wiht my issues. I recently discovered that alot of virus’ was in my C:\ drive.
So I did the normal avast search, deleted most of them except for 2. It said that they could not be deleted. One file was ashQuick.exe (which was located in one of the avast program ffile folders ironicly enough) And another one was a .tmp file extension which I can’t seem to remember.
However, whenever I try to use avast now, most of my .exes do not load. It does a browse search or is replaced by my disk cleanup. I am not sure if avast is planting virus’, or what but now I can’t seem to uninstall avast. Plus, it won’t delete the virus that it has.
I tried ad-aware, and it found 115 virus’, but still couldn’t detect the two that seems to be corrupting most of my programs.
If anyone is having the same problems, please reply back and/or IM me on my aim : CM Punk AAR. Thanks
I can’t remember the other one but that is the main one that is causing the problem
And plus whenever i use my aim now, whenever I try to put up an away message, it makes this fast clicking sound then it closes the application. These problems started to occur last night.
ashQuick.exe is the quick scanner from Avast. From the info you provided it looks like you at least have a virus that infects applications on install. I suggest you click on the link in my signature and follow all steps on that page. Instead of scanning with Avast I would say scan with at least two online scanners. Take your time to read that page and do the things as explained there. Let us know the status when you are finished.
Ok, I tried to run the first one that they mentioned avg) and they detected the main virus was Win32/Parite. It keeps infecting everything, and it;s infecting my browsers, and i Have to keep re-installing them. I’m not sure if that’s the main virus, but avg is detecting that’s what’s infecting everything
Logfile of HijackThis v1.98.2
Scan saved at 12:42:47 PM, on 8/25/2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
I suggest you click on the link in my signature, get the HijackThis Log Analyzer and see what it tells you. Also copy/paste your log file HERE and see what that tells you. After doing so, create a new log and tell us what things you don’t know or still have problems/doubts about.
It won’t let me use Hi-jack this now, because the win32/Parite virus has now infected it and it won’t le tme run nor uninstall it to re-install hijack this. This is the virus that is infecting everything and it’s not getting deleted/can’t be deleted
Ok, lets aproach it differently. Run one or two online scanners and make sure you enable the “repair/fix” option when running them to at least get rit of the most harmfull things. Let us know the result after you finished them.
ps: HJT can be run from a (boot)floppy as well as can mine HJT log analyzer.
Hi-jack this doesn’t seem to know what’s infected and what’s not, I figured out how to work it again, but it keeps saying my aim isn’t infected and that it’s safe when I uninstalled my aim awhile ago when it was infected.
I just need to find someway how to get rid of this win32/Parite virus.
I used every single thing on the link you gave me, and it has still not got rid of it. I think this is a new virus because I have never heard of it before.
Ok it’s infecting everything now except for th ebrowser, it even got into my memory and infected it, luckily I got it out before it did any damage. It’s lurking on almost every file and has corrupted it. I can’t click on anything except for the browser without it saying virus found win32/Parite virus found
It’s not letting me uninstall anything now. And I had to be quick because it seems to be timed and infects everything rather quickly before you can fix it. This is one of the worse virus’ I have evr had (worse than the sasser) And I am not exaggerating at all. It won’t let me re-install anything.
This is pissing me off. Sorry, and thanks for all the help . I really do appreciate it
Hi-jack this doesn't seem to know what's infected and what's not
True, HiajckThis is not a tool that tells you what is harmfull or not. But it does show a lot of information and it is up to you as user to decide what to remove or keep.
I think this is a new virus because I have never heard of it before.
No it is not a new malware. It could be there is a new version of it, but that is not likely. Parite aka Pinfy aka Pate is a memory-resident polymorphic virus that will infect the .EXE and .SCR files and is known since october 2001.
I used every single thing on the link you gave me, and it has still not got rid of it.
Sounds to me applications on your system are infected when installing them. That means that you can't trust them to work properly.
On the Avast website you can ask for a demo/trial version of the BART cd. Although it is a demo/trial version it is fully functioning. Only time period limitation. Get that one and use a clean system to create the cd. Use that to clean/delete at least the majority of the infection.
Ugh, those bastards turned me down. You have to fill out this ofrm and they turne dme down sighs. Thanks for your help though. if you find another way please inform me
Ok these guys know more about this kind of thing than I do but if you have the windows instilation disks for your computer my suggestion is to wipe the drive clean…I know that’s typically the last thing anyone wants to do but if it’s infecting everything that might be 1 of your only options?
This is like using a sledge hammer to crack a nut and I would say an option of last resort. Not least having to re-install everything and have to go online and re-download all windows update patches, etc. (especially when SP2 has just been released), not to mention all your programs and tweaks and settings (a real pain).
An other potential problem is getting infected when you go inline for hours to download the patches, taking you right back to square one. Recent reports state the average time to get infected (for a vulnerable PC) is 20 mins, I however feel that 20 minutes is a high figure.
People should have a reasonable backup and recovery strategy for when they experience serious system problems. I take an image of my C: (windows) and D: (programs and Data files) partitions every week and a backup of data files daily. I can restore an image in about 15 minutes or less and data in seconds.
everything has two sides…
a) you’re probably right generally about the sledgeHammer
b) imho you’re wrong in this here case…:
even if PARITE is seemingly successfully removed/Cleaned, that doesn’t mean that all programs will be successfully repaired/working…
(especially if avast & VRDB isn’t working properly anymore).
And this sure can wreak havoc on your system …
OP had obviously some active trojans/worms probably with BackdoorFunctions → the system’s security is compromised already…
For XP: There’s SP2 available → Just get the full Installer somehow on CD.
flatten your Windows-Partition, and reinstall (OFFLINE!!) XP + SP2, avast and maybe firewall…
Then you’ve a basic protection…
Secure Passwords, Secure Browser-settings of course still need to be done immediately…Plus SafeHex & Brain1.x