Win32/Dofoil Description

Win32/Dofoil is a harmful Trojan infection that is generated to receive and follow instructions sent from a remote server. Win32/Dofoil will additionally download arbitrary files and execute them for a malicious purpose. Win32/Dofoil is closely connected to a fraudulent security application System Fix and other bogus defragmenters and optimizers. Win32/Dofoil is spread via spam emails that carry malicious attachments. Win32/Dofoil can drop other malware threats. Remove Win32/Dofoil as early as possible.

Type: Trojans

How Can You Detect Win32/Dofoil?

Win32/Dofoil Technical Report

As new Win32/Dofoil details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Win32/Dofoil:

The following fake error message(s) appears for Win32/Dofoil:

iTunes

From: account.sn.5890@itunes.apple.com
Subject: Your iTunes Gift Certificate

Hello,

You have received an Itunes Gift Certificate in the amount of $50
You can find your certificate code in attachment below.

Then you need to open iTunes. Once you verify your account, $50 will be credited to your account.
So you can start buying video, music, games right away.

iTunes Store.

Xerox

Subject: Fwd: Scan from a Xerox W. Pro #16389356

Please open the attached document. It was scanned and sent to you using a Xerox WorkCentre Pro.

Sent by: Guest
Number of Images: 4
Attachment File Type: ZIP [DOC]

WorkCentre Pro Location: machine location not set
Device Name: RXX135OO6MSX6732224

From: pay.damages@irs.gov
Subject: IRS Notification

Tax notice,

There are arrears reckoned on your account over a period of 2010-2011 year. You will find all calculations according to your financial debt, enclosed. You have to sick the debt by the 17 December 2011.

Sincerely,
IRS.

Win32/Dofoil Removal Details

Win32/Dofoil creates the following files in the system:

• New_Password_IN46537.zip
• Invoice_Copy.zip
• Facebook_Password.zip

Important Article Disclaimer