PDA

View Full Version : W32/parite Virus



jay_1958
02-11-2003, 09:34 PM
Hi guys just to warn you that there is a nasty virus called W32/Parite Virus sitting in

a file called The Sims Living Large
and The-Sims-with livin large-Standalone

Sims Living Large.zip.exe 182.283k description niiiice working copy

W32/Parite-B
Aliases
W32.Pinfi W32/Pate-B

Type
Win32 executable file virus

Detection
Detected by Sophos Anti-Virus since November 2001.

Description
Once W32/Parite-B has been executed it will remain in memory, infecting every PE and SCR file on every drive and network share.

The main viral code will be dropped to a randomly named TMP file in the Windows temp directory. The file is 172Kb in size.

sorry my file is outta my comp now as AVG got it straight away and stooopid me did not get the user of the file or the IP

anyways searched for it just now and two users have the file

stephnecker@fileshare hers is called The-Sims-with livin large-Standalone
dark_delirium@kazaa The Sims Living Large

I tired to message them to no avail

The Great Dude
02-11-2003, 09:41 PM
Ok, well that shows how sometimes you take risks. Make sure you have a good AV Scanner to reduce the risk.

Knuckles187
02-11-2003, 11:49 PM
heh thanx for this my g.f downloaded this one and wouldve got stung.. nice one

sillimander
02-12-2003, 05:50 PM
I noticed there seems to be even more viri than normal in kazza files. I've found PE_HANTANER in a bunch of different downloads lately. One was a plug in pack for Winamp, one was Partition Magic and yesterday it was in a Sim City 4000 file.

Yesterday it caught it and said it cleaned it so I kept downloading but when the file finished it was sized wrong and wouldn't work. Any one know if it's fixable or should I trash it?

PE_HANTANER is a pain to get rid of if you get it. It will also infect your restore points in XP and you have to cut of restore to clear them out or the anivirus scanner will keep finding it in your volumn files. I had that problem when I actually caught it from that stupid winamp file.(I was running an older antivirus at the time and had done an online "housecall" which found it) I updated to PC-Cillin 2003 and it seems to be good at catching things before I download them.

I wish people wouldn't spread viri, I just don't understand the pleasure they get from screwing people over. I'll just never get it.

jay_1958
02-12-2003, 08:11 PM
To be Honest I would bin the file....I would not even try to fix it.
I downloaded hantaner today also in a Sims exp pack.
I use AVG and its been a saviour so far

I think that there are peeps out there purposely infecting these files but I also think that alot of the users are not using AV...why I don't know and hence they do not know they have a virus until they execute it and then its too late.

Also they continue to keep the exe as they do not know where it came from in the beginning.
I work as a tech support and there are soo many people out there using Kazaa and do not know what they are doing or what can happenand have no AV protection.

kaysarrah!

sillimander
02-13-2003, 07:07 AM
I have an idea. You kazaa-lite dudes should make a forum called "Virus and Trojan Warnings". That way we can post warnings in one place so users can keep a head's up when a bad file hits the network. We all know that even those of us that use Anti-Virus prog's still have some rare ones that squeak by. All of the AV prog's occasionally miss stuff that another brand will catch. By coordinating reports we might be able to keep ahead of the losers that enjoy ruining all our fun.

jetje
02-13-2003, 12:08 PM
If you need info updates on viri just subscribe to a newsletter about it for the Dutch virusalert.nl (http://www.virusalert.nl) but think all countries have one. btw don't agree on scanners missing much. If you update on regular base they hardly miss any. The things they seem to think off different are most times the bogus viri, like used in jokes.