Instructions to Effectively Remove W32.Mydoom.E

One of my friends' computer was infected by W32.Mydoom.E yesterday. He complained that the infection had greatly decreased his computer performance and further affected his work efficiency. "Why you just run your antivirus program to remove the Trojan horse immediately?" I asked him. "It didn't help." He said sadly. So, why doesn't an antivirus program help to remove the threat? I looked up information about W32.Mydoom.E on the Internet and know why. This Trojan horse is crafted with rootkit technique and is not easy to be detected and removed by a common antivirus program. The followings contain some details about this threat, the guide to clean it up and tips to avoid it.

Know about W32.Mydoom.E

W32.Mydoom.E virus is nasty and dangerous Trojan horse to infect windows computer. Once it gets on targeted computer, it will definitely do evil activities to create numerous harmful changes and system errors. It roots into system to corrupt and disable key system file, process, registry and start-up item even replace or delete directly these crucial stuff things. So the system will get many infected .exe files like dllhose.exe running and taking up massive CPU, and those .exe files cannot be removed. However, due to the dllhose.exe, your computer will slow down soon. W32.Mydoom.E Trojan is very aggressive and infectious, because it may have the ability to change, replace antivirus' key running files or even disable your security tool and impersonate itself to be the antivirus you use usually. It can also delete files or compromise any programs running on the infected computer, thus you even cannot find the files, folders or programs in the original place. Desktop of the infected computer may be flood with many strange shortcuts which even cannot be deleted. Background of the desktop, icons or any other setting may be changed. This W32.Mydoom.E virus takes up all rest system capacity and Internet resource. So once you open many programs at the same time, computer will get stuck and even crashes down soon. And the web browser is running very slow. To avoid more damages in system, you're strongly suggested to remove W32.Mydoom.E virus as soon as you find it on computer.

Some Issues from W32.Mydoom.E

Once activated on your computers, W32.Mydoom.E will insert its malicious codes deep into the system, which makes it difficult for your antivirus program to detect and remove it. Also, it will try to delete some key files of the antivirus program or terminate its related process, so that it can perform a series of harmful activities in the infected system smoothly. Besides, this Trojan horse will add start-up entries to the Windows registry in order to run automatically whenever the system boots up. When running in the background of the system, this Trojan horse will do lots of harmful things, such as deleting important system files, arbitrarily modifying all types of settings, downloading many malicious files and malware to the infected computer, and even installing key logger to record what you type on the keyboard.

HOW DOES W32.Mydoom.E VIRUS GET INSIDE THE SYSTEM?

W32.Mydoom.E virus is created by those remote hackers who want to spread that virus to targeted computer and then get into victims' computer to steal victims' personal data for illegal profits. Therefore, in order to let this virus get into more computer, the hackers will keep adding this virus into malicious site which is also easily controlled by them, or inserting the virus into shareware or free software from unlicensed resources, or bundling the virus into those spam email attachment to lure people to open and so on. So if you accidentally visit those malicious sites, you are strongly suggested to close it at once, as this W32.Mydoom.E virus may drop on your computer immediately you open the site. Besides, you are advised to download software or program from legitimate and safe sites and to select advanced installation to download and install the software you need. So you can know clear what apps will be installed simultaneously into computer, and if that app is unwanted even malicious, please block it at once. In a word, if you surf on the Internet, please pay attention to what you do online carefully. Don't click on anything suspicious.

Tips: To effectively delete the Trojan horse from your PC, you need to have experience of dealing with processes, files, and registry entries. Namely, it requires you to have high level of troubleshooting skills to remove the Trojan horse. However, not everyone is a computer geek. This is why some malware removal tools are created. To ensure a complete and safe removal of W32.Mydoom.E, novice computer users need to resort to a reliable removal tool.

Steps to Manually Remove W32.Mydoom.E

Step 1: If you computer is on now, you should reboot it and tap the key F8 constantly until the Windows Advanced Options Menu comes up. Then use the up and down arrow keys to highlight "Safe Mode with Networking" and press Enter to proceed.

Step 2: Press CTRL+ALT+DEL at the same time to open the Windows Task Manager. Go to "Processes" and find out the processes of W32.Mydoom.E and stop them from running in the background.

Step 3: Open Folder Options by clicking the Start button > Control Panel > Folder Options. Click the View tab. Under Advanced settings, tick "Show hidden files and folders", uncheck "Hide protected operating system files (Recommended)" and then click OK. This will show all hidden files and folders.

Step 4: Open My Computer and go to the local hard disk C. Find out and remove the following malicious files.

%windir%\System32\.

%AllUsersProfile%\[random symbols]\*.lnk

C:\WINDOWS\System32\Drivers\[random name].sys

Step 5: Click Start and then Run. When the dialog box shows up, you should type "regedit" in it. Then press Enter to open the Registry Editor. Eliminate all the related registry entries from your registry.

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\[random symbols]

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\[random]

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\DisallowRun

HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run Regedit32

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\Current\Winlogon\"Shell" = "[random].exe"

Warm Adivce

W32.Mydoom.E has been a big headache to many PC users worldwide. This Trojan horse will take every chance to slip into the targeted computers. For example, it will pretend to be an interesting application and mislead users into downloading and installing it on their machines. Once installed on your PC, this Trojan horse will start doing many malicious things, causing various problems such as system crash, PC performance degradation, slowdown in network speed, annoying pop-ups, and even identify theft. To fix the problems, you have to quickly get rid of this nasty Trojan horse. Above you have introduced two ways to deal with this threat and you can choose one of them according to your own situation.