Threat Description

Dinamo

Details

Category: Malware
Platform: W32
Aliases: Dinamo

Summary


Dinamo is yet another Russian boot sector virus. It has been found in the wild in Europe and Asia. Reports of Dinamo have been received from Hong Kong, China, Denmark and Finland. The virus infects MBRs and diskette boot records in the normal manner. Dinamo is not a stealth virus.

The virus gives the only visible sign of its presence if it encounters an error while reading the boot sector. Then it will display the following text and beep the speaker three times:

Dinamo(Kiev)-champion !!!  

This text is encrypted with a XOR BDh operation, but the virus is not otherwise encrypted.

Virus will preserve the original partition table in it's correct form, so it can be disinfected with FDISK /MBR on hard disks. SYS works for floppies.



Removal


Automatic action

Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.

More scanning & removal options

More information on scanning or removal options is available in the documentation for your F-Secure security product on the Downloads section of our Home - Global site.

You may also refer to the Knowledge Base on the F-Secure Community site for more information.

Contact Support

For further assistance, F-Secure customers can request support online via the Request support or the Chat forms on our Home - Global site.







Description Details: Mikko Hypponen, F-Secure


SUBMIT A SAMPLE

Suspect a file or URL was wrongly detected? Submit a sample to our Labs for analysis

Submit Now

Give And Get Advice

Give advice. Get advice. Share the knowledge on our free discussion forum.

Learn More