MSIL/Adware.Dotdo.DJ removal tips

The MSIL/Adware.Dotdo.DJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Adware.Dotdo.DJ virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/Adware.Dotdo.DJ?


File Info:
name: B203C951D22C8ECB950C.mlw
path: /opt/CAPEv2/storage/binaries/09306e0b64b0c495e00a729942ea217d856b841a36d7e6511646d6582bbc269f
crc32: 4E381211
md5: b203c951d22c8ecb950c16a1f59daa61
sha1: 8997fe295349ab5ea1f74e2e94d58a7ffb6f5f03
sha256: 09306e0b64b0c495e00a729942ea217d856b841a36d7e6511646d6582bbc269f
sha512: 106ed6a91d285a5975ed045c00c8dddc484980bd80b0bdd78d6aa020cd2a835b2cda50b1bfc80a7caeb3e2d456ff4a56d87292c27e78ba3edcb6b2b1f575a8fc
ssdeep: 384:fcKrStNxET5aZXEo+HqFIsMIpLdDpTrrrrrrrrr/pzpbl6UN6GvYkx2AU61PdgN3:UeSXCTwEo4szNdD/tx6UkDkxVUvNP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FF0391046E68451BC9626A74CCB6DA782A33BF844B5ECB4B72C3771F29367440B0F693
sha3_384: 79a0d252eaa0f7b53d10634a4657b58e42294a1a7e75bdc252ee14dc29ecd9545cea5085440178d4fd230b60f04df2dd
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-02-17 21:52:09

Version Info:
Translation: 0x0000 0x04b0
CompanyName: quickness
FileDescription: quickness
FileVersion: 5.6.8.195
InternalName: fielders.exe
LegalCopyright:  
OriginalFilename: fielders.exe
ProductName: quickness
ProductVersion: 5.6.8.195
Assembly Version: 5.6.8.195

MSIL/Adware.Dotdo.DJ also known as:

Bkav	W32.AIDetectMalware.CS
MicroWorld-eScan	IL:Trojan.MSILZilla.4883
Skyhigh	PUP-XGS-GR
McAfee	PUP-XGS-GR
Malwarebytes	Generic.Malware/Suspicious
Zillya	Adware.Dotdo.Win32.14775
Sangfor	PUP.Win32.Dotdo.DJ
CrowdStrike	win/grayware_confidence_100% (W)
Alibaba	AdWare:MSIL/Dotdo.d370f824
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Adware.Dotdo.DJ
APEX	Malicious
Kaspersky	not-a-virus:HEUR:AdWare.MSIL.Dotdo.gen
BitDefender	IL:Trojan.MSILZilla.4883
NANO-Antivirus	Riskware.Win32.Dotdo.ezbzeg
Avast	Win32:Adware-gen [Adw]
Tencent	Msil.AdWare.Dotdo.Tzfl
Emsisoft	IL:Trojan.MSILZilla.4883 (B)
F-Secure	Heuristic.HEUR/AGEN.1312860
VIPRE	IL:Trojan.MSILZilla.4883
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.b203c951d22c8ecb
Sophos	Generic Reputation PUA (PUA)
SentinelOne	Static AI – Malicious PE
MAX	malware (ai score=99)
Google	Detected
Avira	HEUR/AGEN.1312860
Kingsoft	malware.kb.c.950
Microsoft	PUA:Win32/Presenoker
Xcitium	ApplicUnwnt@#1ej9fiww74hs1
Arcabit	IL:Trojan.MSILZilla.D1313
ViRobot	Adware.Dotdo.37888.E
ZoneAlarm	not-a-virus:HEUR:AdWare.MSIL.Dotdo.gen
GData	IL:Trojan.MSILZilla.4883
ALYac	IL:Trojan.MSILZilla.4883
Cylance	unsafe
Panda	Trj/GdSda.A
Rising	Trojan.Bitrep!8.F596 (CLOUD)
Yandex	PUA.Dotdo!1OzQtYzZSbk
Ikarus	AdWare.MSIL.Dotdo
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Dotdo.DJ
AVG	Win32:Adware-gen [Adw]
DeepInstinct	MALICIOUS

How to remove MSIL/Adware.Dotdo.DJ?

MSIL/Adware.Dotdo.DJ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X