How to Detect & Remove W32.Mydoom.AX@mm
What's W32.Mydoom.AX@mm?
W32.Mydoom.AX@mm is a mass-mailing worm that may use its own SMTP engine to send emails to infect other computers. When W32.Mydoom.AX@mm infects your computer, it may gather email addresses from your Windows Address Book and email these people attachments infected with W32.Mydoom.AX@mm. Once your system is infected, W32.Mydoom.AX@mm may automatically download a trojan onto your PC.
W32.Mydoom.AX@mm’s file attachment may have an extension of .bat, .cmd, .com, .exe, .pif, .scr, or .zip, and the infected message may have one of the following subjects:
hi
error
status
test
report
delivery failed
Message could not be delivered
Mail System Error - Returned Mail
Delivery reports about your e-mail
Returned mail: see transcript for details
Returned mail: Data format error delivered.
The email’s content may be:
would like to {inform you{ that{:|,}|}|let you know {that|the following}{.|:|,}}|||||}
{We have {detected|found|received reports} that y|Y}our {e{-|}mail |}account {has been|was} used to send a {large|huge} amount of {{unsolicited{
commercial|}|junk} e{-|}mail|spam}{ messages|} during {this|the {last|recent}} week.
{We suspect that|Probably,|Most likely|Obviously,} your computer {had been|was} {compromised|infected{ by a recent v{iru}s|}} and now {run|contain}s a
{trojan{ed|}|hidden} proxy server.
{Please|We recommend {that you|you to}} follow {our |the |}instruction{s|} {in the {attachment|attached {text |}file} |}in order to keep your computer safe.
{{Virtually|Sincerely} yours|Best {wishe|regard}s|Have a nice day},
{[recipient's email domain] {user |technical |}support team.|The [recipient's email domain] {support |}team.}
{The|This|Your} message was{ undeliverable| not delivered} due to the following reason{(s)|}:
Your message {was not|could not be} delivered because the destination {computer|server} was
{not |un}reachable within the allowed queue period. The amount of time
a message is queued before it is returned depends on local configura-
tion parameters.
Most likely there is a network problem that prevented delivery, but
it is also possible that the computer is turned off, or does not
have a mail system running right now.
Your message {was not|could not be} delivered within [random number] days:
{{{Mail s|S}erver}|Host} [host used to send the email]} is not responding.
The following recipients {did|could} not receive this message:
[[recipient's email address]]
Please reply to postmaster@{[sender's email domain]|[recipient's email domain]}
if you feel this message to be in error.
The original message was received at [current time]{
| }from {[sender's email domain] ]|{[host used to send the email]]|]}}
—– The following addresses had permanent fatal errors —–
{[[recipient's email address]]|[recipient's email address]}
{—– Transcript of {the ||}session follows —–
… while talking to {host |{mail |}server ||||}{[recipient's email domain].|[host used to send the email]]}:
{]]] MAIL F{rom|ROM}:[From address of mail]
[[[ 50$d {[From address of mail]… |}{Refused|{Access d|D}enied|{User|Domain|Address} {unknown|blacklisted}}|554 [[recipient's email address]]… {Mail quota
exceeded|Message is too
large}
554 [[recipient's email address]]… Service unavailable|550 5.1.2 [[recipient's email address]]… Host unknown (Name server: host not found)|554 {5.0.0
|}Service unavailable; ] blocked using {relays.osirusoft.com|bl.spamcop.net}{, reason: Blocked|}
Session aborted{, reason: lost connection|}|]]] RCPT To:[[recipient's email address]]
[[[ 550 {MAILBOX NOT FOUND|5.1.1 [[recipient's email address]]… {User unknown|Invalid recipient|Not known here}}|]]] DATA
{[[[ 400-aturner; %MAIL-E-OPENOUT, error opening !AS as output
|}{[[[ 400-aturner; -RMS-E-CRE, ACP file create failed
|}{[[[ 400-aturner; -SYSTEM-F-EXDISKQUOTA, disk quota exceeded
|}[[[ 400}|}
The original message was included as an attachment.
{{The|Your} m|M}essage could not be delivered
Do I Have W32.Mydoom.AX@mm?
You can search your computer manually, but it might take hours to find W32.Mydoom.AX@mm's hidden files. To save time, I recommend you automatically scan your PC for W32.Mydoom.AX@mm and other spyware. Why not? It's free.
Free W32.Mydoom.AX@mm Scan, with SpyHunter
You can easily detect W32.Mydoom.AX@mm with SpyHunter's FREE spyware scanner. And if you're really infected with W32.Mydoom.AX@mm, you can buy the full version of SpyHunter to remove W32.Mydoom.AX@mm and other spyware. Or you can use my instructions below and remove W32.Mydoom.AX@mm for free.
I'm a big fan of SpyHunter. Here's why: SpyHunter offers live support on the phone, and if SpyHunter doesn't automatically remove W32.Mydoom.AX@mm, you can get a custom fix for your computer.
How to Remove W32.Mydoom.AX@mm
Your best protection against W32.Mydoom.AX@mm is to remove W32.Mydoom.AX@mm processes, registry keys, DLLs, and other files ASAP.
Get Rid of W32.Mydoom.AX@mm Manually
Manual removal of any spyware can be difficult. When you manually remove W32.Mydoom.AX@mm, you have to fiddle with your registry and risk destroying your PC. It's highly recommended you use an automatic spyware scanner to make sure you're infected with W32.Mydoom.AX@mm. Also, I recommend you backup your system any time before editing your registry.
To remove W32.Mydoom.AX@mm manually, you need to delete W32.Mydoom.AX@mm files. Not sure how to delete W32.Mydoom.AX@mm files? Click here, and I'll tell you. Otherwise, go ahead and...
Remove W32.Mydoom.AX@mm processes:
# %Windir%\services.exe
Unregister W32.Mydoom.AX@mm registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Daemon
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Daemon
Delete W32.Mydoom.AX@mm DLLs:
Stop W32.Mydoom.AX@mm files:
askmon.exe
Note: In any files I mention above, "%System%" is a variable referring to your PC's System folder. Maybe you renamed it, but by default your System folder is "C:\Windows\System32" on Windows XP, "C:\Winnt\System32" on Windows NT/2000," or "C:\Windows\System" on Windows 95/98/Me.
"%Program_Files%", "%ProgramFiles%", or "%Profile%" is a variable referring to a folder in your PC where applications that aren't a part of your PC's operating system are installed by default. You may have changed this folder's name or moved it, but if you didn't touch it, find the folder as "C:\Program Files". If you're having trouble finding this folder, you can locate it by looking up registry value "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir".
Also, "%UserProfile%" is a variable referring to your current user's profile folder. If you're using Windows NT/2000/XP, by default this is "C:\Documents and Settings\[CURRENT USER]” (e.g., “C:\Documents and Settings\JoeSmith”).
W32.Mydoom.AX@mm changed your homepage?
Click Windows Start menu > Control Panel > Internet Options. Next, under Home Page, select the General > Use Default. Type in the URL you want as your home page (e.g., “http://www.homepage.com”). Then select Apply > OK. You’ll want to open a fresh web page and make sure that your new default home page pops up.
Recommendation:
To save time and avoid risking destroying your computer, I highly recommend you use a spyware scanner, such as SpyHunter, to detect W32.Mydoom.AX@mm and other spyware, adware, trojans, viruses, keyloggers, and more that can be hidden in your PC. It’s also recommended before you manually remove W32.Mydoom.AX@mm you backup your system.
Free W32.Mydoom.AX@mm Scan, with SpyHunter
Automatically detect W32.Mydoom.AX@mm and other spyware on your PC with SpyHunter’s FREE spyware scan.
How Do I Remove W32.Mydoom.AX@mm Files?
Need help figuring out how to delete files, DLLs, and registry keys? While there’s some risk involved, and you should only manually remove W32.Mydoom.AX@mm files if you’re comfortable and confident editing your system, you’ll find it’s fairly easy to delete W32.Mydoom.AX@mm files in Windows.
How to delete W32.Mydoom.AX@mm files in Windows XP and Vista:
- Click your Windows Start menu, and from “Search,” click “For Files and Folders…“
- A speech bubble will pop up asking you, “What do you want to search for?” Click “All files and folders.”
- Type any file name in the search box, and select “Local Hard Drives.”
- Click “Search.” Once the file is found, delete it.
How to stop W32.Mydoom.AX@mm processes:
- Click the Start menu, select Run.
- Type taskmgr.exe into the the Run command box, and click “OK.” You can also launch the Task Manager by pressing keys ALT + CTRL + DELETE or CTRL + Shift + ESC.
- Click Processes tab, and find W32.Mydoom.AX@mm processes.
- Once you’ve found the W32.Mydoom.AX@mm processes, right-click them and select “End Process” to kill W32.Mydoom.AX@mm.
How to remove W32.Mydoom.AX@mm registry keys:
Your Windows registry is the core of your Windows operating system, storing information about user settings, system preferences, and software, including which applications automatically launch at start up. Because of this, spyware, malware, and adware will often bury their own files into your Windows registry so that they automatically launch every time your start up your PC.
Because your registry is such a key piece of your Windows system, you should always backup your registry before you make any changes to it. Editing your registry can be intimidating if you’re not a computer expert, and when you change or a delete a critical registry key or registry value, there’s a chance you may need to reinstall your entire Windows operating system. Make sure your backup your registry before editing it.
- Select your Windows menu “Start,” and click “Run.” An “Open” field will appear. Type “regedit” and click “OK” to open up your Registry Editor.
- Registry Editor will open as a window with two panes. The left side Registry Editor’s window lets you select various registry keys, and the right side displays the registry values of the registry key you select.
- To find a registry key, such as any W32.Mydoom.AX@mm registry keys, select “Edit,” then select “Find,” and in the search bar type any of W32.Mydoom.AX@mm’s registry keys.
- As soon as W32.Mydoom.AX@mm registry key appears, you can delete the W32.Mydoom.AX@mm registry key by right-clicking it and selecting “Modify,” then clicking “Delete.”
Computer acting funny after you’ve edited your registry and deleted W32.Mydoom.AX@mm registry keys? Just restore your registry with your backup.
How to remove W32.Mydoom.AX@mm DLL files:
Like most any software, spyware, adware, and malware may also use DLL files. DLL is short for “dynamically linked library,” and W32.Mydoom.AX@mm DLL files, like other DLLs, carryout predetermined tasks. To manually delete W32.Mydoom.AX@mm DLL files, you’ll use Regsver32, a Windows tool designed to help you remove DLL and other files.
- First you’ll locate W32.Mydoom.AX@mm DLL files you want to delete. Open your Windows Start menu, then click “Run.” Type “cmd” in Run, and click “OK.”
- To change your current directory, type “cd” in the command box, press your “Space” key, and enter the full directory where the W32.Mydoom.AX@mm DLL file is located. If you’re not sure if the W32.Mydoom.AX@mm DLL file is located in a particular directory, enter “dir” in the command box to display a directory’s contents. To go one directory back, enter “cd ..” in the command box and press “Enter.”
- When you’ve located the W32.Mydoom.AX@mm DLL file you want to remove, type “regsvr32 /u SampleDLLName.dll” (e.g., “regsvr32 /u jl27script.dll”) and press your “Enter” key.
That’s it. If you want to restore W32.Mydoom.AX@mm DLL file you removed, enter “regsvr32 DLLJustDeleted.dll” (e.g., “regsvr32 jl27script.dll”) into your command box, and press your “Enter” key.
How Did I Get W32.Mydoom.AX@mm?
You may be wondering how W32.Mydoom.AX@mm ended up on your PC. If you’re infected with W32.Mydoom.AX@mm or other spyware, your system’s and web browser’s security settings may be set too low, you may not follow safe web browsing and email habits, and you may need to regularly use a good anti-spyware application. Unsafe computer behavior that may lead to your PC having W32.Mydoom.AX@mm includes:
Freeware or Shareware:
Did you download and install shareware or freeware? These low-cost or free software applications may come bundled with spyware, adware, or programs like W32.Mydoom.AX@mm. Sometimes adware is attached to the free software to “pay” developers for the cost of creating the software, and more often spyware is secretly and maliciously attached to free software to harm your computer and steal your personal and financial information.
Peer-to-Peer Software:
Do you use a peer-to-peer (P2P) program or other application with a shared network? When you use these applications, you put your system at risk for unknowingly downloading an infected file, including applications like W32.Mydoom.AX@mm.
Questionable Websites: Did you visit a website that’s of questionable nature? When you visit malicious sites that are fishy and phishy, Trojans, spyware, and adware may be automatically downloaded and installed onto your computer, sometimes including applications like W32.Mydoom.AX@mm.
It’s important to practice safer online habits to prevent being infected with W32.Mydoom.AX@mm . You may want to scan your computer for the latest version of W32.Mydoom.AX@mm and other security threats.
Detect W32.Mydoom.AX@mm & Other Malware
Is your computer infected with malware?
When you’re infected with malware, whether it’s W32.Mydoom.AX@mm, spyware, adware, trojans, rogue anti-spyware, keyloggers, worms, or viruses, there are a few key symptoms you may experience. If you notice one or more of the symptoms listed below, your PC may be infected with W32.Mydoom.AX@mm or other malware. Continue reading below, or click here for a free malware scan.
Slow computer performance: It only takes one or two spyware parasites like W32.Mydoom.AX@mm to cause your computer to slow dramatically. If your PC takes longer than usual to reboot or if your Internet connection is unusually slow, your computer may be infected with malware.
New desktop shortcuts or switched homepage: Malware like W32.Mydoom.AX@mm may change your Internet settings or redirect your default homepage to another web site. Malware may even add new desktop shortcuts on your PC.
Annoying popups on your PC: Malware may bombard your computer with popup ads, even when you’re not online. Malware may stop your regular Internet activity and track your surfing habits and gather personal information about you, putting your financial and personal information at risk.
Understanding W32.Mydoom.AX@mm & Spyware
If you’re infected with W32.Mydoom.AX@mm and spyware, you should know what you’re fighting. I’ll explain some spyware definitions related to W32.Mydoom.AX@mm.
W32.Mydoom.AX@mm May Be a Worm
What Are Worms?
Worms are virus-like malware (”malicious software”) with destructive codes. Worms are able to mutate, or replace their own code by automatically, which makes worms very dangerous, difficult to find, and hard to delete. Similar to viruses, worms can spread to the other computers by secretly and automatically emailing themselves to other Internet users in your address book. The main difference between worms and viruses is that a worm wil replace your computer files rather than simply inserting their code into your files.
Some worms may also fall under the category of spyware. Spyware is any software or malware used to spy or track your computer activity. While some spyware is legitimately and intentionally installed by parents or employers to monitor Internet activity on a computer, spyware may be installed maliciously. Often spyware may come bundled with downloads of free software or come in the form of a cookie via a website, and this spyware may track your Internet activity or may steal secret account usernames and passwords, credit card numbers, and other personal and financial information.
You may be able to reduce your chances of getting infected by a worm by using a spam-blocking software, such as SpamEater Pro.
W32.Mydoom.AX@mm is also known as: W32/Mydoom.bb@MM, Win32.Mydoom.AU, WORM_MYDOOM.BB, Email-Worm.Win32.Mydoom.am, W32/MyDoom-O
W32.Mydoom.AX@mm-Related Posts
» No related posts
W32.Mydoom.AX@mm's Threat Level Explained
W32.Mydoom.AX@mm Is a Minor Pest 
The parasite isn't a real threat, but W32.Mydoom.AX@mm may track your Internet activities. W32.Mydoom.AX@mm may be easily removed with your Windows system "Add/Remove" function.
W32.Mydoom.AX@mm Is a Pest 
The parasite might profile you web activities and may have installed itself onto your PC via a drive-by download. You can probably manually remove W32.Mydoom.AX@mm yourself.
W32.Mydoom.AX@mm Is a Minor Threat 
The parasite might profile you and other users of your PC, and W32.Mydoom.AX@mm may send this data back to its parent server.
W32.Mydoom.AX@mm Is a Medium Threat 
The parasite might profile you and other users of your PC, and W32.Mydoom.AX@mm may send this data back to its parent server. W32.Mydoom.AX@mm may be impossible to manually remove.
W32.Mydoom.AX@mm Is a Threat 
The parasite might profile you and other users of your PC, and W32.Mydoom.AX@mm may send this data back to its parent server. W32.Mydoom.AX@mm may download and install more malware onto your PC, and W32.Mydoom.AX@mm may be impossible to manually remove.
W32.Mydoom.AX@mm Is a Minor Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. W32.Mydoom.AX@mm may also be difficult to manually remove.
W32.Mydoom.AX@mm Is a Medium Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. W32.Mydoom.AX@mm may download more malware and also be very difficult to manually remove.
W32.Mydoom.AX@mm Is a Danger 
The parasite may profile you, log every keystroke you make, and take snopshots of your computer activity. These logs may be sent to anonymous attacker, and W32.Mydoom.AX@mm may download more malware. W32.Mydoom.AX@mm may be very difficult to manually remove.
W32.Mydoom.AX@mm Is a Major Danger 
The parasite may track all of your computer activity, and W32.Mydoom.AX@mm may allow a hacker to access your PC. W32.Mydoom.AX@mm may pipe more malware into your computer, and may disable your anti-spyware or anti-virus software. W32.Mydoom.AX@mm may be very difficult to manually remove.
W32.Mydoom.AX@mm Is an Extreme Danger 
The parasite may track all of your computer activity, and W32.Mydoom.AX@mm may allow a hacker to control your computer. W32.Mydoom.AX@mm may pipe more malware into your computer, and may disable your anti-spyware or anti-virus software and firewall, and block your access to anti-spyware sites. W32.Mydoom.AX@mm may be very difficult to manually remove.
Comment on "W32.Mydoom.AX@mm" - Your Responses Help Us Get Rid of W32.Mydoom.AX@mm!