<% if Request.querystring("retry") = "member" or Request.cookies("logged") <> "" then %>

        <%= Request.cookies("logged")%> <%else Response.Redirect "../default.asp" end if %>

         
         

 

Virus Name Risk Assessment
Divvi.a Low
 
Discovery Date Min DAT
12/13/2007 5185
 
Type SubType
Virus Win32
 
Virus Characteristics
  • This parasitic file infector appends its code to the files with an extension ".exe" it finds in the current directory.
    However, it avoids infecting files in the folders with a name starting with "WI" and "wi".

    The malware is also able to spread using autorun techniques, by creating a copy of the infected file (driver_setup.exe) and an autorun.inf file in the root of removable drives (except floppy drives).

    Moreover, the virus checks the date and if the day number in month is equal to "82", it displays the following messagebox



    and attempts to launch a denial of service (DoS) attack against F-Secure.
    Obviously this last payload will not occur, given there are no more than 31 days in a month !
     

    		•
    Symptoms
    • Change in size of executable files.
    • Presence of driver_setup.exe in the root of removable drives.
    Method Of Infection
    W32/Divvi.a is a file infecting virus. Infection starts with manual execution of the binary.
    Removal Instructions
    Use specified engine and DAT files for detection and removal.

    Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

     

         1385 Shabakeh Gostar Eng

    		  

    |      كشخصات نیرنس ما    |     مشدار نیرنس جدید     |