Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus


May 27th, 2011

Friendship and an immortal virus

Yes, an immortal virus seems to exist … at least in comparison to the usual life cycle of malware. While there are lots of malware families with very short half-life, there are only few with a long life. Parite (aka Pinfi) – a real long-playing evergreen – is one of them. Parite will reach the 10-year milestone this October. Gosh! Ten years! Can you remember what your computer looked like ten years ago? Ten years is an eternity in the world of IT. Just try to list what has changed and evolved during this period. There’s the obvious evolution of Windows and antivirus software for starters. But, despite all these changes, Parite is still with us.

This is surprising. Here are five reasons why Parite should have vanished:

  1. Parite has no major distribution/update network
  2. Parite is trivial
  3. Parite is well known and well detected
  4. The vast majority of AV engines (including us) is able to fully cure the infection (either during a regular scan or with a dedicated stand-alone removal tool)
  5. People tend to reinstall their OS from time to time and set up the computer freed from malware

But, there are still tens of Parite submissions in our reporting system every day – and they are definitely not false positives. I believe that Parite is spread only by file exchanges between friends (if we don’t count spreading through net-shares in local networks). And this is where the individual user must make his or her decision: “Should I trust my friend that the file is clean (and subsequently report it as a false positive) or should I trust my antivirus app?”. Parite will be immortal as long as the first group of users do not change their minds. And I’ll have to tell Parite a “happy birthday” instead of “R.I.P” in October.

  • http://www.rejzor.tk RejZoR

    It’s mostly because of ppl who say they don’t need antivirus. File infectors aren’t something you can spot by yourself. You simply have to check the code in-depth.

    I think large number of it is from old backups of stuff from the past. I still have some CD’s from around 1998-1999 with stuff i recorded back then. If ppl do the same and they have Parite in it and still think they know it better by not using any AV, well you get that.

    Though it makes me wonder if Microsoft Malware Removal tool detects Parite. Because in that case it would get cleaned by Windows itself. Unless users know it better again and dont even download and run this tool from Windows Update…

  • http://www.avast.com Michal Krejdl

    @RejZoR
    Many users of illegal Windows copies simply don’t use WinUpdate imho. And besides, maybe, they think that they know everything better than an AV program.

  • Tech

    Nice reading

  • Aethec

    Many people still think that viruses are for dummies.

  • http://www.ppinfotek.com yanto chiang

    Hi Michal,

    Nice article and celebration for this Parite variants…

    cheers,

  • marcelo.petal

    infect myself with a variant of Parite few days ha …
    they engaged in one of my programs,(1 RAR with 200 programs totally 1gb)
    rar 200 1gb with other programs that I had the season
    I started with iT, the RAR had over 4 years ..
    I was still with the avira stopped …
    more depending on the proliferation of virus removal
    wait …
    on a partition of 90GB I had originally 40GB
    busy. The peculiarity of the equal and engage 180kb
    infected file, 180kb their malicious code, my hd
    was accusing little space …
    avira as i had 191mb of ram sometimes he activated
    sometimes not, Avira idle consumes 70.000kb, avast with
    its two processes going from 7,000kb to 20,000kb max .. idle
    (google traductor sux)
    hugs from brazil…
    marcelo.petal@gmail.com

  • marcelo.petal

    parite archivied in the olds cds and backup, and he never die with this…

  • http://www.office-bargains.com Used cubicles Miami

    Was not know much about Partie so thankful to you to let know about this kind of virus. So was wondering how can I save my file from this Partie virus? Does AVAST help me in this?

  • http://www.avast.com Michal Krejdl

    @Used cubicles Miami
    As mentioned in the article – almost all AV engines (including us) detect and clean Parite very well.

  • desislava velcheva

    you are the best avast!

  • http://hacktohell.blogspot.com HackToHell

    @Michal Krejdl
    Maybe a FUD encoded version of it distributed in cracks that tell you to switch of your AV ?

  • http://www.alphaimpactwindows.com replacement windows delray beach

    The Immortality Virus didn’t come to me in a burst of inspiration.

  • shre54321

    avast! has been by loyal antivirus…..
    it protected me against the JS-Redirector trojan when i clicked on some search related link on google though i was taken to the infected site avast! found it before the site could load and aborted the connection….thanks for protecting us avast!