- Changes background
- Connects to the internet without permission
- Installs itself without permissions
- Shows commercial adverts
- Slow Computer
- Slow internet connection
Another malicious Trojan has been detected, and it is called DDoS:Win32/Dofoil.A. This highly secretive and destructive program is now known to have infiltrated thousands of computers, and the main invasion way is none other but spam emails! DDoS:Win32/Dofoil.A’s creators have cleverly decided to send spam emails, using the very well know American Airlines name, tricking incautious Windows users with the following message:
Once you open up a zip file attached, DDoS:Win32/Dofoil.A is allowed into your system, and your computer’s security is at high risk! So, if you have opened such or similar email attachments, your system is running much slower than usual and access to Task Manager or registry Editor seems to be removed, DDoS:Win32/Dofoil.A is definitely inside, and you should not hesitate to delete this treacherous infection.
DDoS:Win32/Dofoil.A, also known by various alias names, like Trojan.Win32.Diple!IK or Win32:Malware-gen, is managed through remote servers and has the ability to perform DDoS (distributed denial of service) attacks, used to spread the infection to additional computers. DDoS:Win32/Dofoil.A Trojan is built of various files, with randomly generated file names (e.g. 2EC795.exe, 9A9D63.exe, AA3DA6.exe) and smss.exe, which is responsible for all your system’s issues! Smss.exe can remove your privileges to control system’s processes via Registry Editor and Task Manager tools. This executable can also add and delete products in your Registry, modify file protection system’s services, record data from autoexec.bat file, connect to the Internet, use your email accounts to spread the infection, and redirect your searches to different web sites. This DDoS:Win32/Dofoil.A executable is also responsible for tampering with your system’s security tool Firewall.
It will not be easy to detect and remove DDoS:Win32/Dofoil.A from your system, because of removed privileges to Windows tools and inexistence of malware’s interface. However, you can trust legal security applications to delete the Trojan for you. Simply be aware that outdated security tools will not have enough information to recognize and delete DDoS:Win32/Dofoil.A; therefore, you should only install up-to-date software!