Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Changes background
  • Connects to the internet without permission
  • Installs itself without permissions
  • Shows commercial adverts
  • Slow Computer
  • Slow internet connection

DDoS:Win32/Dofoil.A

Another malicious Trojan has been detected, and it is called DDoS:Win32/Dofoil.A. This highly secretive and destructive program is now known to have infiltrated thousands of computers, and the main invasion way is none other but spam emails! DDoS:Win32/Dofoil.A’s creators have cleverly decided to send spam emails, using the very well know American Airlines name, tricking incautious Windows users with the following message:

Hello
FLIGHT NUMBER A924
ELECTRONIC 240193019
DATE & TIME / JANUARY 19, 2012, 12:52 AM
ARRIVING / Washington
TOTAL PRICE / 243.25 USD
Your bought ticket is attached to the letter as a scan document.
You can print your ticket.
Thank you
American Airlines

Once you open up a zip file attached, DDoS:Win32/Dofoil.A is allowed into your system, and your computer’s security is at high risk! So, if you have opened such or similar email attachments, your system is running much slower than usual and access to Task Manager or registry Editor seems to be removed, DDoS:Win32/Dofoil.A is definitely inside, and you should not hesitate to delete this treacherous infection.

DDoS:Win32/Dofoil.A, also known by various alias names, like Trojan.Win32.Diple!IK or Win32:Malware-gen, is managed through remote servers and has the ability to perform DDoS (distributed denial of service) attacks, used to spread the infection to additional computers. DDoS:Win32/Dofoil.A Trojan is built of various files, with randomly generated file names (e.g. 2EC795.exe, 9A9D63.exe, AA3DA6.exe) and smss.exe, which is responsible for all your system’s issues! Smss.exe can remove your privileges to control system’s processes via Registry Editor and Task Manager tools. This executable can also add and delete products in your Registry, modify file protection system’s services, record data from autoexec.bat file, connect to the Internet, use your email accounts to spread the infection, and redirect your searches to different web sites. This DDoS:Win32/Dofoil.A executable is also responsible for tampering with your system’s security tool Firewall.

It will not be easy to detect and remove DDoS:Win32/Dofoil.A from your system, because of removed privileges to Windows tools and inexistence of malware’s interface. However, you can trust legal security applications to delete the Trojan for you. Simply be aware that outdated security tools will not have enough information to recognize and delete DDoS:Win32/Dofoil.A; therefore, you should only install up-to-date software!

Download Spyware Removal Tool to Remove* DDoS:Win32/Dofoil.A
  • Quick & tested solution for DDoS:Win32/Dofoil.A removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove DDoS:Win32/Dofoil.A

Files associated with DDoS:Win32/Dofoil.A infection:

16F747.exe
eCalendar.exe
503186.exe
E602DF.exe
mini-KMS_Activator_v1.2_Office2010_VL_ENG.exe
9A9D63.exe
msmsgs.exe
NetMailTmp.bin
90434F.exe
61B329.exe
d05b45.exe
302F8D.exe
AA3DA6.exe
E3BB7F.exe
smss.exe
Nobetci.exe
TeamViewer.exe
WirelessNetView.exe
9CB732.exe
503186.exe
AA3DA6.exe
2EC795.exe
90434F.exe
16F747.exe
9A9D63.exe
smss.exe
E6CB3B.exe
9CB732.exe
oskb.exe
6BE020.exe
2EC795.exe
TOTALCMD.EXE

DDoS:Win32/Dofoil.A processes to kill:

E3BB7F.exe
oskb.exe
302F8D.exe
AA3DA6.exe
6BE020.exe
61B329.exe
WirelessNetView.exe
9CB732.exe
503186.exe
AA3DA6.exe
2EC795.exe
90434F.exe
16F747.exe
9A9D63.exe
smss.exe
smss.exe
mini-KMS_Activator_v1.2_Office2010_VL_ENG.exe
16F747.exe
E6CB3B.exe
9A9D63.exe
d05b45.exe
Nobetci.exe
503186.exe
TeamViewer.exe
eCalendar.exe
E602DF.exe
msmsgs.exe
90434F.exe
9CB732.exe
2EC795.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.