MHTML REDIR.EXPLOIT!!!!

Discussion in 'malware problems & news' started by ham-ham, Feb 12, 2005.

Thread Status:
Not open for further replies.
  1. ham-ham

    ham-ham Guest

    MHTML.Redir Exploit

    HELP ME PLEASE!!!!!!,

    I have a meesage from norton coming up saying "detected Mhtml.Redir Exploit" and it keeps on coming up. i need someone to help me remove the virus
     
  2. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  3. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    Ive looked there before but it doesnt tell me how to get rid of it only protection against it.

    ham-ham
     
  4. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Re: MHTML.Redir Exploit

    What O/S are u running? Is it completely up to date?


    snowbound
     
  5. han-ham

    han-ham Guest

    Re: MHTML.Redir Exploit

    im running windows xp home

    and it wasnt up to date because for some reason i cant install sp2
     
  6. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Re: MHTML.Redir Exploit

    May I know what happens when you install WinXP SP2?
     
  7. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    i go on windows update and it does the whole instaling thing then at the end it says "windows was unsuccesfully installed"
     
  8. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Re: MHTML.Redir Exploit

    Oh wow..maybe you should get the free CD and then try...If I had another name for that exploit maybe I could help you.
     
  9. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
  10. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    ok, i will try those things and ill let you know what happens
     
  11. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    the cd will take a while but are these all ways to prevent it from coming on your computer because i already have it and i need a way to get it off!!!
     
  12. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Re: MHTML.Redir Exploit

    What is the exact file name this exploit is being found in?



    snowbound
     
  13. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    C:\WINDOWS\TEMP\TMP1B7.Tmp is an example of one of them. then it just changes. its like it keeps on makeing copys and copys
     
  14. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    also sometimes it apears in a program files directory
     
  15. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke
    Re: MHTML.Redir Exploit

    U need to empty your temp files.



    snowbound
     
  16. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    When i go in there there is nothing
     
  17. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Re: MHTML.Redir Exploit

    Maybe you should install this patch ham-ham:

    http://www.softwarepatch.com/windows/xptvmedia.html

    Microsoft's description: '[The TV Media] application prevents successful installation of Windows XP Service Packs, critical security updates and other system file updates. This update should be applied to your system to enable safe installation of these updates now and in the future.'
     
  18. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    ok thanks
     
  19. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    its stll not working..............
     
  20. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Re: MHTML.Redir Exploit

    Then I'm sorry for wasting ur time...Well, I'll see what is to be done...Does the name of this Exploit appear as MHTML.Redir.gen or is the exact name different?
     
  21. ham-ham

    ham-ham Guest

    Re: MHTML.Redir Exploit

    no it is as exactly as ive named this thread
     
  22. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    Re: MHTML.Redir Exploit

    I see. You may have to wait while I search it up...sorry for the inconvienience..
     
  23. Blackspear

    Blackspear Global Moderator

    Joined:
    Dec 2, 2002
    Posts:
    15,115
    Location:
    Gold Coast, Queensland, Australia
    Re: MHTML.Redir Exploit

    From what I have read, you should be able to download and run CCleaner from here: http://www.ccleaner.com/ then follow the comprehensive steps found in General Cleaning.

    If these steps do not resolve your situation, you will need to download and run “Hijack This” found here and post your log at one of the forums found at A-SAP. The two bigger forums for HijackThis log processing, (meaning they process more log threads each day than most others) are: SpywareInfo.com and CastleCops.com. Be sure to read their posting policy in the links at their log review forum sections prior to posting.

    The steps mentioned in General Cleaning use software that ought to be part of your security, as an absolute minimum.

    Once your system is clean, you may want to take a look HERE. As well there are discussions HERE and even more HERE.

    Hope this helps...

    Let us know how you go.

    Cheers :D
     
  24. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
  25. TopperID

    TopperID Registered Member

    Joined:
    Oct 1, 2004
    Posts:
    1,527
    Location:
    London
    Re: MHTML.Redir Exploit

    Ham-Ham please read my post #13 here:- https://www.wilderssecurity.com/showthread.php?p=358449#post358449

    Follow the routine given and you should be free of this thing.

    Please note it is only an exploit, it can't harm you if your AV is blocking it. If Norton finds it, it will pop up a message saying it cannot repair the file in question - that is nothing to worry about; just so long as your AV stops it from exploiting the vulnerability on your unpatched system.
     
Thread Status:
Not open for further replies.