Protecting over 200 million PCs, Macs, & Mobiles – more than any other antivirus

May 27th, 2011

Friendship and an immortal virus

Yes, an immortal virus seems to exist … at least in comparison to the usual life cycle of malware. While there are lots of malware families with very short half-life, there are only few with a long life. Parite (aka Pinfi) – a real long-playing evergreen – is one of them. Parite will reach the 10-year milestone this October. Gosh! Ten years! Can you remember what your computer looked like ten years ago? Ten years is an eternity in the world of IT. Just try to list what has changed and evolved during this period. There’s the obvious evolution of Windows and antivirus software for starters. But, despite all these changes, Parite is still with us.

This is surprising. Here are five reasons why Parite should have vanished:

  1. Parite has no major distribution/update network
  2. Parite is trivial
  3. Parite is well known and well detected
  4. The vast majority of AV engines (including us) is able to fully cure the infection (either during a regular scan or with a dedicated stand-alone removal tool)
  5. People tend to reinstall their OS from time to time and set up the computer freed from malware

But, there are still tens of Parite submissions in our reporting system every day – and they are definitely not false positives. I believe that Parite is spread only by file exchanges between friends (if we don’t count spreading through net-shares in local networks). And this is where the individual user must make his or her decision: “Should I trust my friend that the file is clean (and subsequently report it as a false positive) or should I trust my antivirus app?”. Parite will be immortal as long as the first group of users do not change their minds. And I’ll have to tell Parite a “happy birthday” instead of “R.I.P” in October.

  1. May 28th, 2011 at 16:37 | #1

    It’s mostly because of ppl who say they don’t need antivirus. File infectors aren’t something you can spot by yourself. You simply have to check the code in-depth.

    I think large number of it is from old backups of stuff from the past. I still have some CD’s from around 1998-1999 with stuff i recorded back then. If ppl do the same and they have Parite in it and still think they know it better by not using any AV, well you get that.

    Though it makes me wonder if Microsoft Malware Removal tool detects Parite. Because in that case it would get cleaned by Windows itself. Unless users know it better again and dont even download and run this tool from Windows Update…

  2. May 28th, 2011 at 18:30 | #2

    @RejZoR
    Many users of illegal Windows copies simply don’t use WinUpdate imho. And besides, maybe, they think that they know everything better than an AV program.

  3. Tech
    May 30th, 2011 at 13:23 | #3

    Nice reading

  4. Aethec
    May 30th, 2011 at 22:23 | #4

    Many people still think that viruses are for dummies.

  5. May 31st, 2011 at 06:36 | #5

    Hi Michal,

    Nice article and celebration for this Parite variants…

    cheers,

  6. marcelo.petal
    May 31st, 2011 at 14:16 | #6

    infect myself with a variant of Parite few days ha …
    they engaged in one of my programs,(1 RAR with 200 programs totally 1gb)
    rar 200 1gb with other programs that I had the season
    I started with iT, the RAR had over 4 years ..
    I was still with the avira stopped …
    more depending on the proliferation of virus removal
    wait …
    on a partition of 90GB I had originally 40GB
    busy. The peculiarity of the equal and engage 180kb
    infected file, 180kb their malicious code, my hd
    was accusing little space …
    avira as i had 191mb of ram sometimes he activated
    sometimes not, Avira idle consumes 70.000kb, avast with
    its two processes going from 7,000kb to 20,000kb max .. idle
    (google traductor sux)
    hugs from brazil…
    marcelo.petal@gmail.com

  7. marcelo.petal
    May 31st, 2011 at 14:17 | #7

    parite archivied in the olds cds and backup, and he never die with this…

  8. June 10th, 2011 at 12:42 | #8

    Was not know much about Partie so thankful to you to let know about this kind of virus. So was wondering how can I save my file from this Partie virus? Does AVAST help me in this?

  9. June 10th, 2011 at 14:09 | #9

    @Used cubicles Miami
    As mentioned in the article – almost all AV engines (including us) detect and clean Parite very well.

  10. desislava velcheva
    June 10th, 2011 at 17:34 | #10

    you are the best avast!

  11. June 13th, 2011 at 08:04 | #11

    @Michal Krejdl
    Maybe a FUD encoded version of it distributed in cracks that tell you to switch of your AV ?

  12. June 17th, 2011 at 08:27 | #12

    The Immortality Virus didn’t come to me in a burst of inspiration.

  13. shre54321
    June 23rd, 2011 at 07:26 | #13

    avast! has been by loyal antivirus…..
    it protected me against the JS-Redirector trojan when i clicked on some search related link on google though i was taken to the infected site avast! found it before the site could load and aborted the connection….thanks for protecting us avast!

Comments are closed.