
Virus:Win32/Parite.B


First posted on 19 June 2009.
Source: SecurityHome

Aliases :

Virus:Win32/Parite.B is also known as Win32/Pinfi.A (CA), Win32/Parite.B (Kaspersky), W32/Pate.b (McAfee), W32.Pinfi (Symantec), PE_PARITE.A (Trend Micro).

Explanation :

Win32/Parite is a polymorphic file infecting virus that infects all portable EXE and SCR files found on local and shared network drives.

Symptoms
The presence of the registry subkey HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\PINF may be an indication of a Win32/Parite infection.

The Win32/Parite virus is a polymorphic file infector. When run on a system, Win32/Parite takes the following actions:

  • Drops a dynamic link library (DLL) to the Windows Temp directory, composing the name based on the current system time at the time of infection, using the format <3 letters><4 hex characters>.tmp
  • Injects the DLL into the explorer.exe process and modifies the registry to point to that DLL:
    Adds subkey: PINF
    To key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer
  • Infects all portable EXE and SCR files found on local and shared network drives.

Last update 19 June 2009
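
The two host indicators described above (the PINF subkey and the Temp-directory DLL name format) can be checked with a short triage script. This is an added example, not part of the original SecurityHome entry; the function names, the case-insensitive name matching, the "MZ" header check and the use of the current user's temp directory as a default are assumptions of the example.

```python
import os
import re
import sys
import tempfile

# Registry indicator from the description above (under HKEY_CURRENT_USER).
PINF_SUBKEY = r"Software\Microsoft\Windows\CurrentVersion\Explorer\PINF"
# <3 letters><4 hex characters>.tmp; accepting either case is an assumption.
NAME_RE = re.compile(r"^[A-Za-z]{3}[0-9A-Fa-f]{4}\.tmp$")


def is_candidate_name(name):
    return NAME_RE.match(name) is not None


def has_pe_header(path):
    """True if the file starts with 'MZ', as any DLL does."""
    try:
        with open(path, "rb") as fh:
            return fh.read(2) == b"MZ"
    except OSError:
        return False  # unreadable file: treated as not matching


def scan_temp_dir(temp_dir):
    """Sorted names in temp_dir that match the name format and are PE files.

    The name format alone also fits ordinary temp files, so the header
    check is what narrows the result to executables with a .tmp extension.
    """
    return sorted(
        e.name for e in os.scandir(temp_dir)
        if e.is_file() and is_candidate_name(e.name) and has_pe_header(e.path)
    )


def pinf_key_present():
    """True/False for the PINF subkey in HKCU; None when not on Windows."""
    if sys.platform != "win32":
        return None
    import winreg
    try:
        winreg.CloseKey(winreg.OpenKey(winreg.HKEY_CURRENT_USER, PINF_SUBKEY))
        return True
    except FileNotFoundError:
        return False


if __name__ == "__main__":
    # Pass the Temp directory to inspect; the default is an assumption.
    target = sys.argv[1] if len(sys.argv) > 1 else tempfile.gettempdir()
    print("PINF subkey present:", pinf_key_present())
    print("Temp DLL candidates:", scan_temp_dir(target))
```

A hit from either check is a lead for further analysis with an up-to-date scanner, not a verdict on its own.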
