Exploit-MhtRedir.gen\counter[2].htm

Discussion in 'malware problems & news' started by Atlantic, Apr 5, 2004.

Thread Status:
Not open for further replies.
  1. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    Hi

    First time here, and if I knew what I was looking for, I would have tried to find the info by reading other threads...But, I don't know what I am looking for, so HERE I am!!! :oops:

    Would anyone happen to recognize this trojano_O
    And would anyone happen to know, how/where it came from to end up on my PCo_O

    Thanks in advance :)
     
  2. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    Oh....Suppose I should add, it was one of two trojans that came up on a McAffee scan...the other - very similar in name was:

    Exploit-ByteVerify

    Both were located in

    C:\Documents and Settings\Owner\Local Settings\Temporary Internet Files\Content.IE5
     
  3. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    Sorry I had posted in the wrong forum.

    In reading the thread below mine, I think I've got a little bit better understanding of what this trojan is and infact, have a very good idea EXACTLY where it came from.

    Not to be too much of a pest, but in reading from the other thread, I thought I would try emptying my Temp Internet Files....But, after opening IExplorer, clicking Tools, then Internet Options, I was met with this box
    stating:


    (with a red circle-X)
    Restrictions
    This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator

    ------

    So my question, is WHY would that restriction be there....I AM the only person using this computer. Could it have something to do with the person who installed the trojan, also changing my settings?

    Sorry...if I am asking really stupid questions.
     
  4. TheQuest

    TheQuest Registered Member

    Joined:
    Jun 9, 2003
    Posts:
    2,301
    Location:
    Kent. UK by the sea
    Hi, Atlantic

    Welcomed to Wilder's.[Sadly it on a Trojan forum]

    I am not going to be of much help, have you been to McAffee to help remove them or do a goole on them.

    TheQuest :cool:
     
  5. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
  6. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Hi Atlantic :)

    Do u have Spybot S&D on your computer? ;)

    If u do that alert is caused by checking:Lock IE control panel against opening within IE[current user] in your immunize option. Just uncheck it and your internet options will open again.




    snowbound
     
  7. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Here is a screenshot of that option if u are not sure. :)


    [​IMG]
     
  8. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    Thanks for the Welcome and the Advice!

    I did go to McAffee, and to be honest, the information was too limited for my knowledge base to understand... :oops:

    I was just in the process of trying to log-on to Microsofts help board....but saw that I had replies here.

    Yes, Snow I do have Spybot S&D and I just ran it this afternoon along with Adaware....I neve changed any settings....but I will go now and try to uncheck the whatever it was you just said :)



    (I swear I am NOT blond... ;)
     
  9. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    WooooHooo............It WORKED!!!

    I gotta say, the screen shot was EXCELLENT for showing what I was supposed to do - it really helped.

    Now, if I can just get everything else back on track...

    I am pretty sure both of these trojans along with most if not all of the 10-unwanted "exe" programs installed that McAffee found in the scan, were the result of a smart-alleck on an ezBoard board!

    He is really disgusting....but, knows just enough to have many of the rest of us at his mercy when it comes to trackers and java-scripting.... :mad:

    Sorry...for the mini-rant there...

    Thanks soooo much for the help! Now I think I should go disable system restore and try to delete the trojan that McAffee was unable to clean and I had deleted (but with system restore inabled) Yes?
     
  10. Atlantic

    Atlantic Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    6
    O.k.....Back again

    I just did a search My computer/System Information for both trojans by name. Both searches came up empty.
    So, does that mean the trojans are both gone? Perhaps by deleting my temp internet files, that eliminated any copy of them on my system?

    Here again, I apologize for all the questions....but would anyone know what the purpose or what was gained by the person using these trojanso_O

    Any information and/or even speculation would be appreciated...Thanks!!!
     
Loading...
Thread Status:
Not open for further replies.