MyDoom belongs to the infamous malware category of Trojan horse viruses. MyDoom is highly dangerous and must be treated with the utmost caution when attempting its removal.
If you have detected MyDoom in your system, it is important that you make sure to remove it as soon as possible. There is no way of knowing for sure at this point what exactly this malicious variant may have been up to on your machine. But one thing is for sure and that is that the longer it stays on your PC, the more damage it can result in for you and your computer.
Trojan horse viruses like MyDoom and Trojan Win32/Casdet rfn are easily the most flexible and versatile malware type of them all as far as their functionality goes. A variant of this kind can be programmed to accomplish a vast variety of different tasks, some of which we will aim to cover within this short post. But the takeaway from this is that this very quality of Trojan horses makes them among the most harmful and dangerous pieces of malicious code you will likely ever come across. Coupled with the fact that most Trojan horse infections run completely symptomless, and you’ve got yourself the perfect recipe for disaster.
This is why Trojans are without doubt the most favorable tool for hackers to work with. And it’s certainly also no coincidence that Trojans like MyDoom are responsible for anywhere between 75% and 90% of all malware attacks that occur on the internet. With this in mind, after you’re done reading here, we would recommend taking action towards removing MyDoom from your computer as soon as possible. Below we have put together a detailed, step-by-step guide that can aid you in this process. And if you’d rather have it handled automatically, then we have a professional malware removal tool available on this page, as well.
What to expect from MyDoom
We won’t cover all of the possible usages of MyDoom , because there’s simply too many of them. But we can list some of the most common ones, so you have at least a rough idea of what you might be faced with at this time.
Trojans have increasingly been used to mine cryptocurrencies on victim users’ computers, which are then sent to the hackers behind the virus. Alternatively, a Trojan like this may also make your computer send out spam or infect other computers with malware. Speaking of which, variants like MyDoom , IBuddy, Idle Buddy can also be used to let in other types of malware into the infected system, usually ransomware.
Other possibilities include data theft for purposes of fraud, identity misuse, blackmail, etc. There are a variety of techniques that the Trojan may employ in order to obtain your sensitive information, too. Like, for example, it may log your keystrokes or straight up hijack your whole traffic and have it pass through the hackers’ servers. That way everything you do on the internet will be known to them and they may do with that information as they please.
Remove MyDoom Virus
If you are looking for a way to uninstall MyDoom you can try this:
- Click on the Start button in the bottom left corner of your Windows OS.
- Go to Control Panel -> Programs and Features -> Uninstall a Program.
- Search for MyDoom and any other unfamiliar programs.
- Uninstall MyDoom as well as other suspicious programs.
Note that this might not get rid of MyDoom completely. For more detailed removal instructions follow the guide below.
If you have a Windows virus, continue with the guide below.
If you have a Mac virus, please use our How to remove Ads on Mac guide.
If you have an Android virus, please use our Android Malware Removal guide.
If you have an iPhone virus, please use our iPhone Virus Removal guide
Some of the steps will likely require you to exit the page. Bookmark it for later reference.
Reboot in Safe Mode (use this guide if you don’t know how to do it).
WARNING! READ CAREFULLY BEFORE PROCEEDING!
Press CTRL + SHIFT + ESC at the same time and go to the Processes Tab. Try to determine which processes are dangerous.
Right click on each of them and select Open File Location. Then scan the files with our free online virus scanner:
After you open their folder, end the processes that are infected, then delete their folders.
Note: If you are sure something is part of the infection – delete it, even if the scanner doesn’t flag it. No anti-virus program can detect all infections.
Hold together the Start Key and R. Type appwiz.cpl –> OK.
You are now in the Control Panel. Look for suspicious entries. Uninstall it/them. If you see a screen like this when you click Uninstall, choose NO:
Type msconfig in the search field and hit enter. A window will pop-up:
Startup —> Uncheck entries that have “Unknown” as Manufacturer or otherwise look suspicious.
- Remember this step – if you have reason to believe a bigger threat (like ransomware) is on your PC, check everything here.
Hold the Start Key and R – copy + paste the following and click OK:
A new file will open. If you are hacked, there will be a bunch of other IPs connected to you at the bottom. Look at the image below:
If there are suspicious IPs below “Localhost” – write to us in the comments.
Type Regedit in the windows search field and press Enter.
Once inside, press CTRL and F together and type the virus’s Name. Right click and delete any entries you find with a similar name. If they don’t show up this way, go manually to these directories and delete/uninstall them:
- HKEY_CURRENT_USER—-Software—–Random Directory. It could be any one of them – ask us if you can’t discern which ones are malicious.
HKEY_CURRENT_USER—-Software—Microsoft—Internet Explorer—-Main—- Random
If the guide doesn’t help, download the anti-virus program we recommended or try our free online virus scanner. Also, you can always ask us in the comments for help!