Name:
Parite virus
Also known as:
Pinfi, Pate, Win32.Parite.a, W32/Pate.a, W32.Pinfi, Win32.Pinfi.A, PE_PARITE.A, W32/Parite-A, Win32/Parite.A
Type:
Memory-resident polymorphic file infector
Affects:
EXE and SCR files on Windows 32-bit platforms
Discovered:
October 15, 2001
Description:
There are two viruses involved with a Parite infection. Parite.A drops Parite.B as a dll to the Windows Temp directory, designating a filename based on the current system time (at infection).
The filename has the following format:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF
Parite.B then infects the EXPLORER.EXE process, allowing it to remain resident in memory, after which Parite.B proceeds to infect all EXE and SCR files found on local and shared network drives. These files will be infected with Parite.A.
Vendor Descriptions:
Parite virus
Also known as:
Pinfi, Pate, Win32.Parite.a, W32/Pate.a, W32.Pinfi, Win32.Pinfi.A, PE_PARITE.A, W32/Parite-A, Win32/Parite.A
Type:
Memory-resident polymorphic file infector
Affects:
EXE and SCR files on Windows 32-bit platforms
Discovered:
October 15, 2001
Description:
There are two viruses involved with a Parite infection. Parite.A drops Parite.B as a dll to the Windows Temp directory, designating a filename based on the current system time (at infection).
The filename has the following format:
- [3 letters][4 hex characters].tmp
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF
Parite.B then infects the EXPLORER.EXE process, allowing it to remain resident in memory, after which Parite.B proceeds to infect all EXE and SCR files found on local and shared network drives. These files will be infected with Parite.A.
Vendor Descriptions: