Divping

· Overview ·
· Origins ·
· Operation ·
· Detection and Removal ·
· Research ·

Overview

Summary:

 Performs ping floods. Installs Proc32.exe, NBIF32.exe, Wininet32.exe, or Procmon.exe to %SystemRoot% or typically C:\WINDOWS. Tries to connect to 205.188.147.54:HTTP. May add itself to HKLM/RUN as BNLITE and or USRpdA. Sometimes identified as Bionet.

Alias:

 Bionet

Category:

Flooder: A program that overloads a connection by any mechanism, such as fast pinging, causing a DoS attack.

Similar Pests:

 Flooder

Origins

Author:

 Prism,

Group:

 the BRiGADE

Date of Origin:

 October, 2003

Operation

Storage Required:
  • Divping: at least 9 KB
    		•

    Detection and Removal

    Automatic Removal:

    PestPatrol detects this.

    PestPatrol removes this.

    Manual Removal:

    		 Follow these steps to remove Divping from your machine. Begin by backing up your registry and your system, and/or setting a Restore Point, to prevent trouble if you make a mistake.
    Remove Files:

    Remove these files (if present) with Windows Explorer:

    Research

    File Analyses:

    More Info:
  • AllTheWeb, AltaVista, AOL Search, Ask Jeeves, Google, HotBot, Lycos, LookSmart, MSN, Yahoo!
    		•

    Research By:
  • PestPatrol's Pest Research Center
    		•

    Last Revised:

    		 October 30, 2004