Overview
This tool helps to remove the Mydoom.A, Mydoom.B, Mydoom.E, Mydoom.F, Mydoom.G, Mydoom.J, Mydoom.L, Mydoom.O, Zindos.A, Doomjuice.A, and Doomjuice.B worms from infected systems. Once the tool has run—after the End-User License Agreement (EULA) is accepted—it automatically checks for infection and removes any of the targeted worms that are found. If a machine is infected with the Mydoom.B worm, the tool also provides the user with the default version of the hosts file and set the "read-only" attribute for that file. This action enables the user to visit previously-blocked Microsoft and antivirus Web sites.
After running, the tool displays a message describing the outcome of the detection and removal process. The tool can be safely deleted after it has run. Also, the tool creates a log file named doomcln.log in the %WINDIR%debug folder.
Download: Mydoom, Zindos, and Doomjuice Worm Removal Tool
View: More Information About This Download (KB836528)
This tool helps to remove the Mydoom.A, Mydoom.B, Mydoom.E, Mydoom.F, Mydoom.G, Mydoom.J, Mydoom.L, Mydoom.O, Zindos.A, Doomjuice.A, and Doomjuice.B worms from infected systems. Once the tool has run—after the End-User License Agreement (EULA) is accepted—it automatically checks for infection and removes any of the targeted worms that are found. If a machine is infected with the Mydoom.B worm, the tool also provides the user with the default version of the hosts file and set the "read-only" attribute for that file. This action enables the user to visit previously-blocked Microsoft and antivirus Web sites.
After running, the tool displays a message describing the outcome of the detection and removal process. The tool can be safely deleted after it has run. Also, the tool creates a log file named doomcln.log in the %WINDIR%debug folder.
Download: Mydoom, Zindos, and Doomjuice Worm Removal Tool View: More Information About This Download (KB836528)
This tool will not:
Detect or remove any viruses or worms other than Mydoom.A, Mydoom.B, Mydoom.E, Mydoom.F, Mydoom.G, Mydoom.J, Mydoom.L, Mydoom.O, Zindos.A, Doomjuice.A, and Doomjuice.B
Detect or remove future variants of Mydoom, Zindos, or Doomjuice
Prevent a machine from being re-infected with Mydoom if, for example, an infected e-mail attachment is re-executed
Detect or remove malware that exists on a system as a result of the backdoor component created by a Mydoom variant, besides Zindos.A, Doomjuice.A and Doomjuice.B
Delete any e-mail that contains a Mydoom variant
Run on any version of Windows NT 4.0
The user must be an administrator to run this tool.
Release History:
Version 1.0 - Released 2/5/04. Detected and removed Mydoom.A and Mydoom.B. Support for Windows XP and Windows 2000.
Version 2.0 - Released 2/9/04. Added detection/removal for Doomjuice.A and support for Windows 98, Windows ME, and Windows Server 2003.
Version 3.0 - Released 2/11/04. Added detection/removal for Doomjuice.B.
Version 4.0 - Released 7/29/04. Added detection/removal for Mydoom.E, Mydoom.F, Mydoom.G, Mydoom.J, Mydoom.L, Mydoom.O, and Zindos.A.
It is recommended that all users run the current version of the tool even if a previous version was used.
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.