Eng
  1. Skip to navigation
  2. Skip to content
  3. Skip to sidebar


Dinamo


Aliases:


Dinamo

Malware

W32

Summary

Dinamo is yet another Russian boot sector virus. It has been found in the wild in Europe and Asia. Reports of Dinamo have been received from Hong Kong, China, Denmark and Finland. The virus infects MBRs and diskette boot records in the normal manner. Dinamo is not a stealth virus.

The virus gives the only visible sign of its presence if it encounters an error while reading the boot sector. Then it will display the following text and beep the speaker three times:

Dinamo(Kiev)-champion !!!

This text is encrypted with a XOR BDh operation, but the virus is not otherwise encrypted.

Virus will preserve the original partition table in it's correct form, so it can be disinfected with FDISK /MBR on hard disks. SYS works for floppies.



Disinfection & Removal

Automatic Disinfection

Allow F-Secure Anti-Virus to disinfect the relevant files.

For more general information on disinfection, please see Removal Instructions.







Description Created: Mikko Hypponen, F-Secure



Submit a sample




Wondering if a file or URL is malicious? Submit a sample to our Lab for analysis via the Sample Analysis System (SAS)

Give And Get Advice




Give advice. Get advice. Share the knowledge on our free discussion forum.