W32/Parite.B

This is the virus that I found in my pc. It is the first time I encounter the virus.

I thought it was a new virus, but when I search it on the internet, the virus was created since 2003

It will affects on the MS-Windows folder.

From http://www.fortiguardcenter.com

Visible Symptoms
  • Creation of a .TMP file in the Windows\Temp folder 176,128 bytes in size
  • Increase of EXE or SCR file types by 177Kb
Threat Analysis
  • Virus is 32bit, with a size of 177600 to 177700 bytes
  • Virus writes its code to a file in the Windows\Temp folder in order to execute and infect other files – the created file will be 176,128 bytes and have a .TMP extension
  • Virus then creates a key in the registry –HKEY_CURRENT_USRE\Software\Microsoft\Windows\
    CurrentVersion\Explorer\
    PINF = (HEX value representing the path and filename of the .TMP file created)
  • Virus will infect .EXE or .SCR files on the local system – the infected file will grow in size by a range of 177600 to 177700 bytes
Action
Check the main screen using the web interface for your FortiGate unit to ensure that the latest AV/NIDS database has been downloaded and installed on your system – if required, enable the “Allow Push Update” option

4 thoughts on “W32/Parite.B

  1. Virus.hehehe.tandah nya btempek lam Pc.bik mam racun tengkorak nya.mun jak dpt cmya.hehehe..ktk nulis entry pake B.I mek eply pake klak sawak.hahaha.kmk mdah ajak.

  2. owh aku pernah kenak tok dolok. sik alah buang ada jak nya muncul rah tempat2 lain. last2 tpaksa ku format. virus tok kuat berjangkit.

    virus-virus benci….ehh ya lagu Dewa hehehe

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s