- February 7, 2001
- February 13, 2007 11:53:30 AM
- Worm, Macro
To recover from this infection you need to:
- Edit the registry \Run key to remove the values that refer to littledavinia.
- Scan for viruses and delete infected files.
- Replace overwritten files.
See the following sections for detailed instructions.
To edit the registry:
: We strongly recommend that you back up the system registry before making any changes. Incorrect changes to the registry could result in permanent data loss or corrupted files. Please make sure you modify only the keys specified. Please see the document How to back up the Windows registry
To scan for viruses and delete infected files:
- Click Start, and click Run. The Run dialog box appears.
- Type regedit and then click OK. The Registry Editor opens.
- Navigate to the following subkey:
- In the right pane, look for the following values:
- Select one, press Delete, and then click Yes to confirm. Repeat for the other one.
- Click Registry, and click Exit to save the changes and close the Registry Editor.
To replace overwritten files:
- Start Norton AntiVirus (NAV), and make sure that it is set to scan all files.
- Run a full system scan.
- Delete any files that are detected as infected with Davinia.B.
Files that have been overwritten must be restored from backup, or in the case of program files, reinstalled. If Norton Utilities is installed and the Norton Protected Recycle Bin is enabled, you may be able to recover files using the restore function.
Note: On May 14, 2015, modifications will be made to the threat write-ups to streamline the content. The Threat Assessment section will no longer be published as this section is no longer relevant to today's threat landscape. The Risk Level will continue to be the main threat risk assessment indicator.
Writeup By: Douglas Knowles