DR&ET stays resident in memory and infects COM and EXE files when they are accessed.
DR&ET will occasionally overwrite part of the hard drive on the 13th of any month.
DR&ET contains the following encrypted text, which is never displayed:
(c) 23.5.3945 / DR & ETASCECLHVSPF-ACPRVINWI".
Once detected, the F-Secure security product will automatically disinfect the suspect file by either deleting it or renaming it.
Detailed instructions for F-Secure security products are available in the documentation found in the Downloads section of our Home - Global site.
You may also refer to the Knowledge Base on the F-Secure Community site for further assistance.
Description Created: Mikko Hypponen, F-Secure