Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Mydoom.M
Threat Level Damage Distribution

Is my computer infected by Mydoom.M?

First of all, check if you have received an e-mail message with the characteristics described in the section Means of transmission.

In order to make absolutely sure that Mydoom.M has not affected your computer, you have the following options:

1. Carry out a full scan of your computer using Panda Antivirus, after checking that it is updated. If it isn't and you are a registered Panda Security client, update it by clicking here.
2. Check the computer with Panda ActiveScan, Panda Security's free, online scanner, which will quickly detect any possible viruses.

How to remove Mydoom.M? 

Above all, if you have received a message with any of the characteristics described in the section Means of transmission, do not run the attached file and delete the message, making sure that you also delete it from the Deleted Items folder.

If Panda Antivirus or Panda ActiveScan detects Mydoom.M during the scan, it will automatically offer you the option of deleting it. Do this by following the program's instructions.

Finally, restore the original configuration of your computer by following the instructions below:

• Delete the entries that Mydoom.M has created in the Windows Registry:
  
  HKEY_LOCAL_MACHINE\ Software\ Microsoft\ Windows\ CurrentVersion\ Run
  Traybar = %windir%\ lsass.exe
  where %windir% is the Windows directory.
  
  HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ Run
  Traybar = %windir%\ lsass.exe
  
  HKEY_CURRENT_USER\ Software\ Microsoft\ Windows\ CurrentVersion\ POSIX
  
  HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows\ CurrentVersion\ POSIX
• Restart the computer.
• In order to make sure that Mydoom.M is completely eliminated from your computer, carry out a full scan of your computer using Panda Antivirus or Panda ActiveScan.

Additional notes:

• For instructions on how to modify the Windows Registry, click here.
• After deleting this malware by following the specified steps, if your computer runs Windows Millennium, click here to find out how to eliminate it from the _Restore folder.
• After deleting this malware by following the specified steps, if your computer runs Windows XP, click here to find out how to eliminate it from the _Restore folder.

How can I protect my computer from Mydoom.M? 

In order to keep your computer protected, bear the following tips in mind:

• If you have filtering tools installed, configure them to reject messages with the characteristics described in the section Means of transmission. If, in spite of doing this, you receive the message that contains the virus: do not open it, do not run the attached file and delete it, making sure that you also delete it from the Deleted Items folder.
• Be particularly careful with the files you receive through P2P file sharing programs. Do not open them without first checking that they are virus-free.
• Install a good antivirus in your computer. Click here to get the Panda antivirus solution that best suits your needs.
• Keep your antivirus updated. If automatic updates are available, configure your antivirus to use them.
• Keep your permanent antivirus protection enabled at all times.
• Bear in mind that this worm can reach the computer in a file with a CMD extension. Check that these files are included in the list of extensions that your Panda product scans.

For more detailed information about how to protect your computer against viruses and other threats, click here.