Click on screenshot to zoom
Danger level 7
Type: Trojans
Common infection symptoms:
  • Changes background
  • Connects to the internet without permission
  • Installs itself without permissions
  • Shows commercial adverts
  • Slow Computer
  • Slow internet connection

DDoS:Win32/Dofoil.A

Another malicious Trojan has been detected, and it is called DDoS:Win32/Dofoil.A. This highly secretive and destructive program is now known to have infiltrated thousands of computers, and the main invasion way is none other but spam emails! DDoS:Win32/Dofoil.A’s creators have cleverly decided to send spam emails, using the very well know American Airlines name, tricking incautious Windows users with the following message:

Hello
FLIGHT NUMBER A924
ELECTRONIC 240193019
DATE & TIME / JANUARY 19, 2012, 12:52 AM
ARRIVING / Washington
TOTAL PRICE / 243.25 USD
Your bought ticket is attached to the letter as a scan document.
You can print your ticket.
Thank you
American Airlines

Once you open up a zip file attached, DDoS:Win32/Dofoil.A is allowed into your system, and your computer’s security is at high risk! So, if you have opened such or similar email attachments, your system is running much slower than usual and access to Task Manager or registry Editor seems to be removed, DDoS:Win32/Dofoil.A is definitely inside, and you should not hesitate to delete this treacherous infection.

DDoS:Win32/Dofoil.A, also known by various alias names, like Trojan.Win32.Diple!IK or Win32:Malware-gen, is managed through remote servers and has the ability to perform DDoS (distributed denial of service) attacks, used to spread the infection to additional computers. DDoS:Win32/Dofoil.A Trojan is built of various files, with randomly generated file names (e.g. 2EC795.exe, 9A9D63.exe, AA3DA6.exe) and smss.exe, which is responsible for all your system’s issues! Smss.exe can remove your privileges to control system’s processes via Registry Editor and Task Manager tools. This executable can also add and delete products in your Registry, modify file protection system’s services, record data from autoexec.bat file, connect to the Internet, use your email accounts to spread the infection, and redirect your searches to different web sites. This DDoS:Win32/Dofoil.A executable is also responsible for tampering with your system’s security tool Firewall.

It will not be easy to detect and remove DDoS:Win32/Dofoil.A from your system, because of removed privileges to Windows tools and inexistence of malware’s interface. However, you can trust legal security applications to delete the Trojan for you. Simply be aware that outdated security tools will not have enough information to recognize and delete DDoS:Win32/Dofoil.A; therefore, you should only install up-to-date software!

Download Spyware Removal Tool to Remove* DDoS:Win32/Dofoil.A
  • Quick & tested solution for DDoS:Win32/Dofoil.A removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove DDoS:Win32/Dofoil.A

Files associated with DDoS:Win32/Dofoil.A infection:

msmsgs.exe
90434F.exe
Nobetci.exe
503186.exe
TOTALCMD.EXE
2EC795.exe
302F8D.exe
6BE020.exe
E3BB7F.exe
9CB732.exe
503186.exe
AA3DA6.exe
2EC795.exe
90434F.exe
16F747.exe
9A9D63.exe
smss.exe
mini-KMS_Activator_v1.2_Office2010_VL_ENG.exe
AA3DA6.exe
WirelessNetView.exe
eCalendar.exe
oskb.exe
9CB732.exe
61B329.exe
16F747.exe
E602DF.exe
smss.exe
d05b45.exe
NetMailTmp.bin
E6CB3B.exe
TeamViewer.exe
9A9D63.exe

DDoS:Win32/Dofoil.A processes to kill:

9CB732.exe
WirelessNetView.exe
E602DF.exe
msmsgs.exe
smss.exe
AA3DA6.exe
Nobetci.exe
E6CB3B.exe
E3BB7F.exe
mini-KMS_Activator_v1.2_Office2010_VL_ENG.exe
9A9D63.exe
TeamViewer.exe
oskb.exe
2EC795.exe
503186.exe
6BE020.exe
16F747.exe
90434F.exe
61B329.exe
302F8D.exe
d05b45.exe
9CB732.exe
503186.exe
AA3DA6.exe
2EC795.exe
90434F.exe
16F747.exe
9A9D63.exe
smss.exe
eCalendar.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.