| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 14662 | 2002-01-15 04:29:00 | MimeExplot virus and/ or mail.dat | Guest (0) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 31286 | 2002-01-15 04:29:00 | I have InoculateIt PE as my virus checker. After a recent check of my system I received the following notification of a virus that the programme had detected but neither deleted nor cleaned: C:\WINDOWS\Temporary Internet Files\Content.IE5\YJSSD9AC\mail.dat (HTML.MimeExploit virus). This virus was also present in two other Temporary Internet/ ... /mail.dat files. I then ran McAfee over my machine but received no warning message, even though it is still there according to InoculateIT. Can I safely delete (a) the Temporary Internet Folder, or (b) the affected file? I have been unable to find out anything about mail.dat. When I first attempted to delete it I received a warning message indicating it may be unwise to do so (I cannot remember the wording) and so I left it alone. Interestingly enough I cannot find this file listed in Windows Explorer although I can see it in InoculateIT. I am running Windows ME. I have deleted the Temporary Internet files in Tools: Internet Options but there still seem to be many files in Windows Temporary Internet Files. Are they different? Thanks in advance for any assistance. |
Guest (0) | ||
| 31287 | 2002-01-15 05:19:00 | Hello Alan, I've never heard of mail.dat either, however you can safely delete the files in temp. internet folders, dont delete the folder. go to control panel, internet options, general tab, click delete files, if there is an option to delete cookies click that also.If there is no option to clear cookies, you can clear these manualy. from the Temp. internet folder, which is found in your windows folder. Also while you are there, you might like to clear the cookies folder, and the Temp folder. good luck, Bob |
Guest (0) | ||
| 31288 | 2002-01-15 05:31:00 | I suggest you got to an anti virus website and run a remote scan from there. The site should have the latest and most up to date scanners etc. The one I use is www.symantec.com They also have comprehensive removal instructions if their AV tool cant remove it....not all viruses can be removed by AV programs due to the complexity of the virus. | Guest (0) | ||
| 31289 | 2002-01-16 20:24:00 | Hi folks - thanks for your help. I ran Trend's House Call over my system - nothing detected. I then downloaded and ran the latest upgrade of InoculateIT again with the result that the virus was still there. I have since done some further research and came up with the following information: 'HTML.MimeExploit is a generic detection of web pages or e-mail messages which attempt to exploit the 'Incorrect MIME Header' vulnerability in Internet Explorer. This does not necessarily mean that a virus has been found. It merely means that HTML code was found which attempts to open an executable attachment without the user's express permission. This is usually done inside e-mail messages, and is used by Viruses such as Win32.Nimda, Win32.Aliz and Win32.Badtrans.29020 (aka Win32.Badtrans.B), so that the virus is started as soon as the message is opened in Microsoft Outlook or Outlook Express. For more information on this vulnerability, including a patch to fix it, please visit: www.microsoft.com If this patch has already been applied, warnings of this virus may be safely ignored.' I will now follow this advice and stop worrying about it! P.S. Even though I deleted 'all' of the Temporary Internet Files including cookies there still remain many 'hidden' files. Any ideas on these and how/whether I should get rid of them. The infamous mail.dat is one of these files (all have access dates prior to when I bought the computer new. Once again, many thanks. |
Guest (0) | ||
| 31290 | 2002-04-29 12:22:00 | Well it is becoming more prolific all the time. I run VET anti virus software and it detected the HTML.MimeExploit virus but wouldn't delete it. Ran the security patch from Microsoft but it is still there. Interestingly the patch only goes up to IE5.5 not IE6. Maybe they think it doesnt have th security vulnerability yet itmust because thats what I use and I have the virus. These viruses are becoming more disturbing all the time. One thing I found is that the virus lurks at this part - C:\WINDOWS\Temporary Internet Files\Content.IE5\O08FQMCO\wbkA222.TMP (HTML.MimeExploit virus) but when I go to to try and delete it I cannot view the Content.IE5 folder. Any ideas ? |
Guest (0) | ||
| 1 | |||||