How to remove “Doina.11044 (B)”?

Doina.11044 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Doina.11044 (B) virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify proxy settings
  • Uses suspicious command line tools or Windows utilities

How to identify Doina.11044 (B)?


File Info:

name: 2F7D06B997202BE80754.mlw
path: /opt/CAPEv2/storage/binaries/b3a8efb23422e2a50ba316ba4d78389e8fbf2b35b7412cb86d8b99a6a72a2d14
crc32: B7BD396C
md5: 2f7d06b997202be8075468bb57b5ace4
sha1: 16451935c1c7cf9ff5d039b998b17d77d12209b0
sha256: b3a8efb23422e2a50ba316ba4d78389e8fbf2b35b7412cb86d8b99a6a72a2d14
sha512: d4b9413ce85b8fc5e2ae578f28fda89e0ba1b7525639242349f7b2b1a6a4fd21f621710e816008cc9b06dbd9e863cf1bf1f8b09d444fdfe5b37f8da317542a54
ssdeep: 12288:25CL6D5pqNW/i+1ZC58J5HXMsS1KDvlgWbF/zQGEMRj1XLOMylbwjJE:28c5YNei+1ZC58vH8sSMv+WFzQa1bdFE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T145F423156362C5B9F05629746276EA31CA9E25700BBE90F3EFC30CA9687C0D2B775B13
sha3_384: c325381b9407b22fe35b338fc68f8d93c450e1723c117b71d5d2fa4635e74afbe3aa4e243f837767c3157f0a25192be9
ep_bytes: 558bec81ec20020000688a7f00006800
timestamp: 2010-07-18 00:22:09

Version Info:

0: [No Data]

Doina.11044 (B) also known as:

Bkav: W32.AIDetect.malware1
MicroWorld-eScan: Gen:Variant.Doina.11044
ClamAV: Win.Trojan.Agent2-2210
FireEye: Generic.mg.2f7d06b997202be8
CAT-QuickHeal: Trojan.Small.BP
McAfee: Downloader-BVN.b
Cylance: Unsafe
VIPRE: Gen:Variant.Doina.11044
Sangfor: Virus_Suspicious.Win32.Sality.bh
K7AntiVirus: Trojan-Downloader ( 0017bc961 )
K7GW: Trojan-Downloader ( 0017bc961 )
Cybereason: malicious.997202
Baidu: Win32.Backdoor.Agent.n
Cyren: W32/Agent.HV.gen!Eldorado
Symantec: Trojan Horse
Elastic: malicious (high confidence)
ESET-NOD32: multiple detections
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Dropper.Win32.Agent.dcbd
BitDefender: Gen:Variant.Doina.11044
NANO-Antivirus: Trojan.Win32.Agent.bpjxm
Avast: Win32:Geral [Trj]
Rising: Worm.Citeary!1.D880 (CLASSIC)
Ad-Aware: Gen:Variant.Doina.11044
Sophos: ML/PE-A
Comodo: TrojWare.Win32.PSW.GamePass.B@2mkvnt
DrWeb: Trojan.MulDrop4.47359
Zillya: Downloader.Agent.Win32.78496
TrendMicro: TROJ_FAKEAV.SMB1
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.bc
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Doina.11044 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Doina.11044
Jiangmin: TrojanDownloader.Agent.cfpn
Avira: WORM/Citeary.dou
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASBOL.AE0
Microsoft: Worm:Win32/Citeary.E
Google: Detected
AhnLab-V3: Trojan/Win32.Agent.R125686
ALYac: Gen:Variant.Doina.11044
TACHYON: Trojan-Dropper/W32.Agent.761856.AJ
VBA32: BScope.Trojan.Agent
Malwarebytes: Trojan.KillAV
TrendMicro-HouseCall: TROJ_FAKEAV.SMB1
Tencent: Trojan-Dropper.Win32.Agent.zbf
Yandex: Trojan.GenAsa!JtW9G6xrVn8
Ikarus: Worm.Win32.Citeary
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Agent.QFO!tr
BitDefenderTheta: AI:Packer.7CA3F33D1E
AVG: Win32:Geral [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Doina.11044 (B)?

Doina.11044 (B) removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.