McAfee > Theat Center > Virus Detail Page

Overview

This is a virus detection. Viruses are programs that self-replicate recursively, meaning that infected systems spread the virus to other systems, which then propagate the virus further. While many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.

Aliases

• W32/Mimail-K (Sophos)

• W32/Mimail-M (Sophos)

• W32/Mimail.f@MM

• W32/Mimail.g@MM

• W32/Mimail.h@MM

Characteristics

This is a generic detection, designed to proactively detect new, undiscovered variants of the W32/Mimail@MM worm.  This detection was first included in the 4301 DAT release, and proactively detected the W32/Mimail.e@MM variant, as well as the .f, .g, .h, .j , and .m  variants.

McAfee products are most effective when configured to scan compressed executables (a default option). This is especially true where generic detections are considered.

Symptoms

Vary.  This is a generic detection.  Therefore, it is not possible to state specific symptoms.

Method of Infection

This worm spreads via email.

Removal

All Users:
Use specified engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Variants

Variants

N/A

All Information

Overview -

This is a virus detection. Viruses are programs that self-replicate recursively, meaning that infected systems spread the virus to other systems, which then propagate the virus further. While many viruses contain a destructive payload, it's quite common for viruses to do nothing more than spread from one system to another.

Aliases

• W32/Mimail-K (Sophos)

• W32/Mimail-M (Sophos)

• W32/Mimail.f@MM

• W32/Mimail.g@MM

• W32/Mimail.h@MM

Characteristics

Characteristics -

This is a generic detection, designed to proactively detect new, undiscovered variants of the W32/Mimail@MM worm.  This detection was first included in the 4301 DAT release, and proactively detected the W32/Mimail.e@MM variant, as well as the .f, .g, .h, .j , and .m  variants.

McAfee products are most effective when configured to scan compressed executables (a default option). This is especially true where generic detections are considered.

Symptoms

Symptoms -

Vary.  This is a generic detection.  Therefore, it is not possible to state specific symptoms.

Method of Infection

Method of Infection -

This worm spreads via email.

Removal -

Removal -

All Users:
Use specified engine and DAT files for detection and removal.

Modifications made to the system Registry and/or INI files for the purposes of hooking system startup, will be successfully removed if cleaning with the recommended engine and DAT combination (or higher).

Additional Windows ME/XP removal considerations

Variants

Variants -

N/A