Know Your Malware: Dinoxi Removal

Dinoxi, also known as Dioxin, is a dangerous worm that spreads through instant messages using the AOL Instant Messenger program. It sends messages containing a certain text and malicious links pointing to infected files to all the users on the AIM contact list. Once a victim clicks on such a link, the worm installs itself on the system and displays a message containing swear words. Dinoxi then initiates a spreading routine and runs a payload.

The worm opens a back door that gives the attacker unauthorized remote access to the compromised computer. The intruder can control the entire system and steal sensitive user information. Dinoxi also disables essential system tools, including the Task Manager, the Registry Editor and the Device Manager, cripples the DOS subsystem, modifies Windows Explorer settings, and changes the mouse, display and time format settings. Moreover, the parasite hides everything on the desktop and changes the Internet Explorer default home page. It may also install a recent variant of itself. Dinoxi automatically runs on every Windows startup.

Related files: dioxin.exe, o.exe, windio778.exe

Dinoxi properties:
Allows remote user connection
Changes browser settings
Connects itself to the internet
Hides from the user
Stays resident in background

Linked by shanmuga Monday, 12th December 2005 9:53PM