Yesterday I posted on problem my brother had; his wife clicked "something" and he got a whole crapwad full of spyware and trojans. With help from the forum, he eradicated everything off his machine.
The only problem he notices is that his firewall keeps coming up and asking for permission for the above file to use the internet. Since it is in Windows Prefetch, I was hesitant to tell him to delete it without knowing what it IS. Does anyone know??
I'm thinking I will have him reformat this machine just to be on the safe side, but I would like to know what this file is just out of rabit curiosity if nothing else, and if anyone happens to know, I'd appreciate the info.
#1. "RE: "mimtmled.exe" in Windows Prefetch: what is it?" In response to Jenna (Reply # 0)
You can safely delete everything in the C:\Windoes\Prefetch\ directory. The desktop will load a little slower after the first boot, but after that, it will load normally. There shouldn't be any executables in the Prefetch directory, as far as I know.
#2. "RE: "mimtmled.exe" in Windows Prefetch: what is it?" In response to Darren (Reply # 1)
Awesome, thanks! I've always wondered what that folder was for in the first place. If there aren't supposed to be any .exe's in there, I'm going to go check mine, too.
#4. "RE: "mimtmled.exe" in Windows Prefetch: what is it?" In response to Shelly (Reply # 3)
Let's hope that isn't as effective as "Allow Index Service to index this disk for fast file searching" on hard drives... LOL!!
Anyway, I just got an email from my brother saying that he thinks the mimtmled.exe file has something to do with Mcafee Firewall. He deleted the file, and now apparently it (mimtmled.exe) wants to access the internet constantly even though he deleted it.
I had him check msconfig, and there is no mention of that file in startup, so I'm not sure what the hell is going on with this weird file. I could find no mention of it on Google, but I'm not surprised particularly since it's an .exe file, but I tried nonetheless.
#5. "RE: "mimtmled.exe" in Windows Prefetch: what is it?" In response to Jenna (Reply # 0) Tue Nov-08-05 05:09 PM by WhitPhil
If it is referenced in Prefetch, it means the that program has run at least once. (most likely you do not have show all files set, so the PF extension is not being displayed)
Deleting the PF file does nothing, other than force Windows to rebuild it the next time that program executes.
If it is still asking for permission to access the net, it is living on the PC somewhere.
Install HiJackThis and post back the LOG file that it creates.
And/or run an Online AV test to confirm that it isn't viral.
