Tech Support banner

Status
Not open for further replies.
1 - 4 of 4 Posts

·
Registered
Joined
·
2 Posts
Discussion Starter #1 (Edited)
ok, let me get started here, this is my first post
anyway, I have been doing some downloading lately, been to alot of 3rd party sides, yatta, yatta, yatta, and this PC has neverr ever been touched by anything, ever, that was bad, but of the stuff I know that was put on it.
anyway, my Anti-Virus software, which I must say is teh ROX, its Anti-Vir.
It has been reporting some .EXE files in my System volume information section, here is the exact path:
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP74\A0006204.EXE
C:\SYSTEM VOLUME INFORMATION\_RESTORE{F845E3DB-F751-4BE4-A620-64F2CA1BFB5F}\RP74\A0006201.EXE

Its been saying that it contains the code of the Windows virus "W32/Parite", and I was wondering that are these safe files, I have been telling it to deny any of its access, but ussually when my screen saver comes up, or I come out of my screen saver for some reason, it will warn me of this.
Now I know that some actual Windows files will cause the alarm to go off because of course they contain code done by microsoft, and of course bassically these A0006204.EXE, and A0006201.EXE, files contain relations to the virus. I just want to know if its ok to go ahead and delete these, or must I allow them to run. also I think there are alot off these files in here, (SYS VOL INFO section) I just don't want to screw up my install, becuse I really don't have the time to sit and get copy all my files onto another HDD. I have a support disc though that I built using Bart's PE builder, but thats not the point of this thread, so I will end it here.
thanks for any help in advance. :)

EDIT: oh yeah 1 more thing, of course when I open the folder to all these A########.EXE files AntiVir keeps telling me that they are all containing the "W32/PARITE" Windows Virus. just wanting to know if this is really really bad. of course is that where ever I browse, Anti-Vir browses and scans for me. again thanks in advance to the deep OS Guru's, these deep things aren't really my field.
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
The simple answer would be to flush your system restore points.

CLEAR & RESET SYSTEM RESTORE'S CACHE
Go to Start >> Run - type control sysdm.cpl,,4 & press Enter

* Tick on the checkbox - Turn off System Restore on all drives
* Click Apply

Turn it back 'On' by unticking the same checkbox & click OK

A more involved approach would be to have us look over your system.

Please download HijackThis - this program will help us determine if there are any spyware/malware on your computer. Double-click on the file you just downloaded.
Click on the "Unzip" button to install. It will by default install to the directory - C:\PROGRAM FILES\HIJACKTHIS\

Double click on HijackThis.exe to run the program.

1. If it gives you an intro screen, just choose 'Do a system scan and save a logfile'.
2. If you don't get the intro screen, just hit Scan and then click on Save log.
3. Post the hijackthis.log file in the HijackThis Log Help forum. Do not fix anything in HijackThis since they may be harmless.
 

·
Registered
Joined
·
2 Posts
Discussion Starter #3
ok thanks for that but I also would like to know if I can just delete these VIA Anti-Vir, cause all I have to do is tell it to delete itand all of its related items with it. this is the first time I have ever had a problem with this system, I know for a fact that I don't have anyother malware, spyware, worms, viruses, or anything, I was just wanting to know if its ok to delete these in case it messes up my system at all. but thanks for the help.
 

·
TSF Security Manager, Emeritus
Joined
·
52,197 Posts
Generally, allowing another program to delete something from System Restore points renders those points worthless. Flush the points. Set a new clean point.

Malware is very clever at hiding, and unless you're an expert at rooting them out, the tool you mentioned is not enough to see all the places where they hide.

That said, it's your system. I'm only offering you advice on what course I would take in that instance.
 
1 - 4 of 4 Posts
Status
Not open for further replies.
Top