MHTML REDIR.EXPLOIT!!!!

MHTML.Redir Exploit

HELP ME PLEASE!!!!!!,

I have a meesage from norton coming up saying "detected Mhtml.Redir Exploit" and it keeps on coming up. i need someone to help me remove the virus

 

Re: MHTML.Redir Exploit

Hi ham-ham.

Welcome to Wilders.

Take a look here,

https://www.wilderssecurity.com/showthread.php?p=358449#post358449

See if it helps.


snowbound

 

Re: MHTML.Redir Exploit

Ive looked there before but it doesnt tell me how to get rid of it only protection against it.

ham-ham

 

Re: MHTML.Redir Exploit

What O/S are u running? Is it completely up to date?


snowbound

 

Re: MHTML.Redir Exploit

im running windows xp home

and it wasnt up to date because for some reason i cant install sp2

 

Re: MHTML.Redir Exploit

May I know what happens when you install WinXP SP2?

 

Re: MHTML.Redir Exploit

i go on windows update and it does the whole instaling thing then at the end it says "windows was unsuccesfully installed"

 

Re: MHTML.Redir Exploit

Oh wow..maybe you should get the free CD and then try...If I had another name for that exploit maybe I could help you.

 

Re: MHTML.Redir Exploit

Do u have this patch,

http://www.microsoft.com/downloads/results.aspx?freetext=837009&productID=&DisplayLang=en

I think it covers that exploit.



snowbound

 

Re: MHTML.Redir Exploit

ok, i will try those things and ill let you know what happens

 

Re: MHTML.Redir Exploit

the cd will take a while but are these all ways to prevent it from coming on your computer because i already have it and i need a way to get it off!!!

 

Re: MHTML.Redir Exploit

What is the exact file name this exploit is being found in?



snowbound

 

Re: MHTML.Redir Exploit

C:\WINDOWS\TEMP\TMP1B7.Tmp is an example of one of them. then it just changes. its like it keeps on makeing copys and copys

 

Re: MHTML.Redir Exploit

also sometimes it apears in a program files directory

 

Re: MHTML.Redir Exploit

U need to empty your temp files.



snowbound

 

Re: MHTML.Redir Exploit

When i go in there there is nothing

 

Re: MHTML.Redir Exploit

Maybe you should install this patch ham-ham:

http://www.softwarepatch.com/windows/xptvmedia.html

Microsoft's description: '[The TV Media] application prevents successful installation of Windows XP Service Packs, critical security updates and other system file updates. This update should be applied to your system to enable safe installation of these updates now and in the future.'

 

Re: MHTML.Redir Exploit

ok thanks

 

Re: MHTML.Redir Exploit

its stll not working..............

 

Re: MHTML.Redir Exploit

Then I'm sorry for wasting ur time...Well, I'll see what is to be done...Does the name of this Exploit appear as MHTML.Redir.gen or is the exact name different?

 

Re: MHTML.Redir Exploit

no it is as exactly as ive named this thread

 

Re: MHTML.Redir Exploit

I see. You may have to wait while I search it up...sorry for the inconvienience..

 

Re: MHTML.Redir Exploit

From what I have read, you should be able to download and run CCleaner from here: http://www.ccleaner.com/ then follow the comprehensive steps found in General Cleaning.

If these steps do not resolve your situation, you will need to download and run “Hijack This” found here and post your log at one of the forums found at A-SAP. The two bigger forums for HijackThis log processing, (meaning they process more log threads each day than most others) are: SpywareInfo.com and CastleCops.com. Be sure to read their posting policy in the links at their log review forum sections prior to posting.

The steps mentioned in General Cleaning use software that ought to be part of your security, as an absolute minimum.

Once your system is clean, you may want to take a look HERE. As well there are discussions HERE and even more HERE.

Hope this helps...

Let us know how you go.

Cheers

 

Re: MHTML.Redir Exploit

Well I got this information:

http://securityresponse.symantec.com/avcenter/venc/data/mhtmlredir.exploit.html

According to them, you got to download this patch:

http://www.microsoft.com/technet/security/bulletin/ms04-013.mspx

Then you have to scan using your Norton AntiVirus and DELETE all files detected as infected.

Good luck removing that virus!

Regards,
Firecat

 

Re: MHTML.Redir Exploit

Ham-Ham please read my post #13 here:- https://www.wilderssecurity.com/showthread.php?p=358449#post358449

Follow the routine given and you should be free of this thing.

Please note it is only an exploit, it can't harm you if your AV is blocking it. If Norton finds it, it will pop up a message saying it cannot repair the file in question - that is nothing to worry about; just so long as your AV stops it from exploiting the vulnerability on your unpatched system.