The virus is a file infector that is composed of two parts: a small stub written in Assembler, appended to the files infected that decrypts the main virus body, also appended to the infected file. The main virus body is a PE file written in Borland C++ that it?s dropped in the Windows\TEMP directory (or whatever location temporary files have on your system).
The virus infects PE files, and searches for files with *.exe and *.scr extensions, on local drives, network drives and network shares on local network. Because the virus appends to every infected file the main body, which is ~180K in size, there should be a visible decrease in free space on your volumes. The virus doesn?t show it?s presence in any way, and does not use email for spreading.
Versions A and B are mostly the same, while version C uses a somewhat tricky method of encrypting the original PE file?s entry point. Infected files have the last section?s name consisting of 3 randomly chosed letters followed by a non-printable character.
If in your exe files the last section name is .jbd or .xgt or something like that, then it?s probably a file infected with Parite.
The virus does not damage the file it infects.