Win32/Parite

Discussion in 'Malware Help (A Specialist Will Reply)' started by asda123, Jul 2, 2007.

  1. asda123

    asda123 Private E-2

    Oh poop, I "think" I have a virus....

    So my little brother downloaded a "Game" for free; when it didn't work, he got suspicious. So he looked around for a while, reading what people have said to try to get it working, and he finds out that it's apparently a key logger, so my brother gets me to help. Anyway, this guy posted an MSN address to contact him for removal details, and he tells me the key logger injects itself into everything on the PC, including explorer.exe, and it is actually impossible to remove.

    I asked how he knows and he simply replied, "I helped code the virus with some friends but it wasn't made for this." This is where I thought he was a liar, but I scanned the file for the first time and there it came up as Win32/Parite. I read about this and it seems to fit the description of what he has told me, but it says low risk, medium spread. If it had a key logger, surely it would be high risk, but maybe he has adapted it to become more harmful.

    I tried removing it with Anti-Parite from www.bitdefender.com and it got halfway through the removal and crashed; now I can't even run the removal tool for 30 seconds.

    I checked other PCs on my network and now they seem to be infected also. All I ask is for a little help and a few questions answered. I know my brother has been stupid, he should have scanned it before. Also, I regret not having an antivirus installed; I never expected anything like this would happen to me.

    1) Is it possible for this to be a key logger or steal any harmful information from me?
    2) How should I go about removing it (e.g. unplug all PCs on the network and run the scanner on each one)?

    Thanks for any help.
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Welcome to Major Geeks!

    I'm not sure that this infection is actually a keylogger. It does infect all EXE and SCR files and it does spread over network shares. So yes, you will need to clean all PCs on the network, unplug all PCs from the network, and also disable any sharing while cleaning this all up.

    Did you try running the tool from BitDefender after booting into safe mode?

    What antivirus program do you now have installed (if any)? Do all PCs have an antivirus program installed now?


    Have you read this?

    http://www.symantec.com/security_response/writeup.jsp?docid=2003-011708-2030-99


    You may want to give the below a try if you are still having problems!

    Download the following two files, create a folder on your desktop, call it TSC. Save these 2 files there.

    Note: They must be in the same directory for the scan to work properly!

    Sysclean Package

    Trend Micro Pattern File for Windows

    After you download the above, locate the file "lptxxx.zip" (where xxx will be a number representing the version number; currently this is 573) and right-click to extract the contents into the same directory you created!

    Once you complete the steps above, REBOOT INTO SAFE MODE!

    Once in Safe Mode, double-click the file sysclean.com. When the system cleaner loads, click SCAN to start the scanner. After you complete the scan, reboot and attach the Trend SysClean Log here.
     
