Win32/Parite.b

　　Win32/Parite.B
　　病毒码发布日期：Feb 28, 2002
　　别名：W32/Parite-B, Win32.Pinfi.A, Win32/Pinfi.A, Win32.Parite.b, W32.Pinfi, W32/Pate.b.tmp
　　病毒类型：文件型病毒 (File Infector Virus)
　　在外流行：无
　　破坏性：无
　　综合风险等级：低
　　感染报告：低
　　破坏力：低
　　感染力：低
　　语言：English
　　加密：是
　　影响平台：Windows 9X/Me/NT/2000/XP/Vista

描述：

　　This malware is the dropped DLL file of PE_PARITE.A. It infects all *.EXE and *.SCR files in all local and shared network drives. However, it does not execute on its own and needs to be invoked by another application.
　　Win32/Parite.b的病毒程序用C++编写，组成的组件是由汇编程序编写的，感染的文件运行后，直接控制病毒生成文件使其将病毒文件写为临时文件并执行它的感染程序，并在逻辑硬盘和局域网里的共享目录里搜索所有.scr和.exe类型的Win32 PE格式文件进行感染。

解决方案:

　　For Windows 9X/ME systems:
　　Download the ERD (Emergency Rescue Disk) from the following site: http://www.trendmicro.com/pc-cillin/support/edisk.htm
　　Turn off the computer you suspect is infected with a virus. Do not reset or reboot because some viruses may remain intact in the computer's memory.
　　Insert Disk 1 - "Emergency Boot Disk?into your A: drive and turn on the computer.
　　Follow the on-screen prompts.
　　When the scan is complete, remove the disk from your floppy drive and restart your computer.
　　For Windows NT/2K/XP systems:
　　Close all running applications.
　　Open the Trend Micro product you are using or point your browser to HouseCall, Trend Micro's free online virus scanner.
　　The EXPLORER process is infected so we must terminate it before cleaning can be done. To do so, do the followuing:
　　Open task manager by pressing Ctrl-Shift-Esc.
　　Click the Processes tab and click the Explorer.exe. Click the End Process button.
　　(Note: The Windows Startbar and desktop should disappear.)
　　Press Alt-Tab a few times until the window where the Trend Micro product or Housecall is selected. Scan your system with Trend Micro antivirus and clean all files detected as PE_PARITE.A and PE_PARITE.B.
　　The system must be restarted. Press Ctrl-Alt-Del then click Shutdown. When prompted, restart your system.