
I-Worm.Novarg (Mydoom) removal tool

edited January 2004 in Science & Tech
Here's a removal tool for getting rid of that big bad virus Mydoom. If you think you've got it, then this is the tool you want.

[blockquote]I-Worm.Novarg a.k.a. Mydoom is a worm that has caused a serious epidemic. The worm distributes itself via e-mail and the Kazaa network.

The utility will automatically check your computer for Novarg a.k.a. Mydoom and clean it if the worm is found. [/blockquote][link=http://www.majorgeeks.com/download4119.html]Download[/link] (697KB) - [link=http://www.short-media.com/comment.php?799]Related news[/link]

Comments

  • Straight_Man Geeky, in my own way Naples, FL Icrontian
    edited January 2004
    Yeah, Novarg is usually a MyDoom variant that is classed as MyDoom.b by those that use the MyDoom variant naming.

    The reason for a dedicated Novarg tool is this-- Novarg, it now appears, blocks access to AV mfr update serving boxes and sites if allowed to sit on a computer and worm around on the computer (it will act on the registry and mod it if allowed to stay on computer). IF it is detected on entry into the box, it can be killed before this happens. BUT, if you have a computer that suddenly cannot go to your AV mfr's site and get updates, use this tool to check for that virus. My sources for this bit of info include Kaspersky, Trend Micro, and eWeek and TechRepublic.

    Kaspersky, watching for those boxes with both MyDoom.a and MyDoom.b (Novarg) has noticed that almost all boxes with MyDoom.a have MyDoom.b also, and it is known that MyDoom.a has trojan properties that let an unauthorized person push things. They strongly think that this indicates that MyDoom.b is being downloaded by MyDoom.a infected boxes, and also suspect that MyDoom.b is being pushed onto the web by MyDoom.a infected boxes in emails. Thus, MyDoom.b can get onto your computer two ways, which is why this thing is an epidemic proportion virus.

    If you got hit with MyDoom.a or you did not have a def set for MyDoom in your AV when it first attacked your box, please grab and run this tool. The baby Kaspersky Labs MyDoom remover I uploaded will remove the viruses stated, themselves, but it was released before the reg mod part of MyDoom.b's behavior was known and probably will not reverse or remove the registry entries that the MyDoom.b will put on the Windows box's registry if not caught right as it enters the box. This tool above will do that and was coded especially to do that.

    What else makes this important??? Within 24 hours of Kaspersky Labs being aware of the MyDoom.a, they KNEW of 600,000 infected boxes with MyDoom.a on them. They found the Mydoom.b which is enough different that other AV mfrs are calling it Novarg. On Feb. 1, MyDoom.b is scheduled to run a DDOS attack on http://www.microsoft.com and http://www.sco.com/ and if the traffic load from possibly a million boxes does not strain your surfing, I do not know what will as all that traffic plus trojan access via Kazaa ports will busy out the internet for lots of folks. I would run this tool just to keep your box from being one of those involved, and the more that do this the fewer the boxes making junk traffic for servers to cope with will exist. Once you have run this tool, get the latest defs for your AV software, and run it in a paranoid mode for a few weeks. Heuristics enabled, all files scanned, archives scanned.

    Strongly recommend it for your AV removal toolkit.

    John.