 

Win32/Parrot.A


Win32/Parrot.A is a combination of a satellite virus and a worm for the IRC client mIRC. When run, the virus creates the file parrot.scr in the root directory of drive C: and the files msg.vbs, winstart.bat, parrot.scr, parrot.mp3 and hello.mp3 in the directory where the Windows operating system is installed. In the directory where the IRC client mIRC is installed, the virus creates the file script.ini.
When executed, it plays the file parrot.mp3, and the text "Hi there, I'm Parrot, the talking virus, written by Gigabyte" is heard from the speakers. The file winstart.bat created by the virus causes the following text to be displayed at each start of Windows:

You're infected with Parrot, the talking virus,
by Gigabyte/Metaphase

The virus creates a key in the system registry under HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\RunOnce with the value set to msg.vbs. It creates another key under HKEY_LOCAL_MACHINE\Software\Microsoft\CurrentVersion\Run and sets its value to hello.mp3.
As a result of these registry modifications, the following window is displayed at the first start after the infection:

At the same time, the text shown in the window can be heard from the speakers. Unlike the window, this text is also heard at each subsequent start of Windows.
The virus attacks executable files by copying them into a file with the same name but with the extension .prt. It then replaces the original file with its own copy. It is also able to spread through mIRC: when an infected user joins an IRC channel, the virus sends a copy of itself to all users of that channel.
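The file-system traces described above can be checked for with a short script. The following is an added example, not ESET's code: it looks for the listed file names in given directories and for executables that have a same-named .prt file beside them. The function names, the sample directory layout and the list of executable extensions are assumptions.

```python
import os
import tempfile
from pathlib import Path

# File names as listed in the description above.
WINDIR_DROPS = {"msg.vbs", "winstart.bat", "parrot.scr", "parrot.mp3", "hello.mp3"}
MIRC_DROPS = {"script.ini"}
# Assumption: the page says only "executable files"; these extensions are a guess.
EXECUTABLE_EXTS = (".com", ".exe")


def find_dropped(directory, names):
    """Names from `names` found directly in `directory`, compared case-insensitively."""
    present = {p.name.lower() for p in Path(directory).iterdir() if p.is_file()}
    return sorted(names & present)


def find_prt_pairs(top):
    """(executable, .prt) paths where NAME.prt sits beside NAME.exe or NAME.com."""
    pairs = []
    for dirpath, _dirs, files in os.walk(top):
        by_lower = {f.lower(): f for f in files}
        for lower in sorted(by_lower):
            stem, ext = os.path.splitext(lower)
            if ext != ".prt":
                continue
            for exe_ext in EXECUTABLE_EXTS:
                if stem + exe_ext in by_lower:
                    pairs.append((os.path.join(dirpath, by_lower[stem + exe_ext]),
                                  os.path.join(dirpath, by_lower[lower])))
    return pairs


def build_constructed_sample(base):
    """Create a constructed layout of empty files to exercise the checks."""
    layout = ["WINDOWS/MSG.VBS", "WINDOWS/hello.mp3", "WINDOWS/notepad.exe",
              "mirc/script.ini", "mirc/mirc.exe", "mirc/MIRC.PRT",
              "tools/report.prt", "tools/edit.com", "tools/EDIT.prt"]
    for rel in layout:
        path = Path(base, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_constructed_sample(tmp)
        print(find_dropped(Path(tmp, "WINDOWS"), WINDIR_DROPS),
              find_dropped(Path(tmp, "mirc"), MIRC_DROPS), find_prt_pairs(tmp))
```

A script.ini in the mIRC directory can also be a legitimate user script, so a hit there is a lead to inspect rather than proof of infection.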


