the MiMail.D Worm?
|MiMail.D is a mass mailing worm that arrives as
a zipped attachment in an email. The zip file contains a virus.The
virus arrives as an email similar to:
From: john@<current domain> (The from
address may be spoofed to appear that it is coming from the current
Subject: don't be late!
Will meet tonight as we agreed, because on Wednesday I don't think I'll
so don't be late. And yes, by the way here is the file you asked for.
It's all written there. See you.
(which contains readnow.doc.scr)
Does MiMail.D Worm Infect My System?
unzipped, it creates a file named cnfrm.exe in the Windows directory
and adds the following registry key to the system.
Does the MiMail.D Worm Do?
computer is infected, the virus checks to see if the system is
connected to the Internet by trying to contact google.com. If it can
contact google, then the worm attempts to gather email addresses from
the infected computer. It grabs addresses from all files on the system,
EXCEPT files that have the following extensions:
addresses are then stored in a file named eml.tmp in the Windows
directory. The worm has its own SMTP engine. For each email address the
worms sends, it will
- Look up
the MX record for the domain name using the DNS server of the current
host. If a DNS server is not found, it will default to 18.104.22.168
the mail server associated with that particular domain.
contact the destination server.
also try to perform a denial of service attack on the following domains:
Can I Remove the MiMail.D worm?
these steps in removing the MiMail.D worm.
Terminate the running program
- Open the
Windows Task Manager by either pressing CTRL+ALT+DEL on Win9x machines
or CTL+Shift+Tab and clicking on the Processes tab on WinNT/2000/XP
the following program, click on it and End Task or End Process
the Registry entries
- Click on
Start, Run, Regedit
- In the
left panel go to
- In the
right panel, right-click and delete the following entry
the Registry Editor
the infected files (for Windows ME and XP
remember to turn
off System Restore before searching for and
deleting these files to remove infected backed up files as well)
Start, point to Find or Search, and then click Files or Folders.
sure that "Look in" is set to (C:\WINDOWS).
- In the
"Named" or "Search for..." box, type, or copy and paste, the file
names: (these are all in the Windows directory)
Find Now or Search Now.
the displayed files.
the computer and run a thorough virus scan using your favorite
Automatic Removal of MiMail.D, download the Symantec
Variations of this virus
Mimail.A Worm Removal
MiMail.J Worm Removal Instructions
Tools for Removing Spyware, Adware, and Malware
Spyware/Adware Removal Help
MSBlast.exe Worm Removal
Welchia (Dllhost.exe and SVCHost.exe) Worm Removal
Uninstall McAfee Instructions
Uninstall Norton Instructions
Uninstall Avast Instructions
Uninstall AVG Instructions
Uninstall Antivir Instructions
Uninstall Panda Instructions
How to Manually Run the Microsoft Malicious Software Removal Tool
Bloodhound.Exploit.6 Virus Removal
MyDoom Virus Removal
MiMail.C Virus Removal
Swen Worm Virus Removal
SoBig.F Worm Removal
Dumaru Virus Removal
BugBear.B Worm Removal
SoBig.E Worm Removal
Pop Up Ad Removal Info
KAK Worm Removal
MiMail.A Worm Removal
W95.MTX Virus Removal
Snow White Virus Removal
BadTrans Trojan Removal
Wininit Virus (Bymer Trojan)
Happy99 Worm Removal
VBS Netlog Worm Removal
Pretty Park Worm Removal
Sasser Worm Virus Removal
Backdoor SDBot.H Trojan Removal
Computer Security Information
Back Orifice Information
PC HELL Main Page
iPadastic - News, Tutorials, Help, Tips, and Hints for the iPad
Download Hoyle Games
including Casino 3D, Card, Board, and Solitaire games.