1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Help with html.mhtmlredir.exploit

Discussion in 'Virus & Other Malware Removal' started by diamant, Oct 14, 2004.

Thread Status:
Not open for further replies.
Advertisement
  1. diamant

    diamant Thread Starter

    Joined:
    Oct 14, 2004
    Messages:
    6
    undefinedI need help to remove the html.mhtmlredir.exploit, please. I have Windows 2000 Professional and Etrust Antivirus. Please help.
     
  2. Chicon

    Chicon

    Joined:
    Jul 29, 2004
    Messages:
    6,650
    Hi diamant,

    I suggest you to download HijackThis from here.
    Extract the zip file into a permanent folder (for example : C:\Program Files\HJT);
    before launching HijackThis, close all open applications;
    run HijackThis : click Scan, click Save log to get a file called hijackthis.log;
    post the whole content of the log file to this thread.
     
  3. diamant

    diamant Thread Starter

    Joined:
    Oct 14, 2004
    Messages:
    6
    Last night I ran HijackThis then Scanned and deleted few log files.. :confused: In the morning I re-installed Windows hoping to clean the computer.. The computer works fine now. I hope the virus is killed.. :confused: What do you think? Thanks a lot ! :)
     
  4. diamant

    diamant Thread Starter

    Joined:
    Oct 14, 2004
    Messages:
    6
    As I know very little about computers, I don't understand how I caught this html.mhtmlredir.exploit virus. I installed EZTrust Antivirus last week.. :confused: I heard about Zone Alarm firewalls. Would this help ? What shall I do in order to not getting with this virus again?

    Also I have a Pocket PC phone (SPH-i 700) that runs windows too. How can I protect my little pocket pc? Please help! Thanks a lot !
     
  5. diamant

    diamant Thread Starter

    Joined:
    Oct 14, 2004
    Messages:
    6
    Hi Chicon,

    I ran the HijackThis again. Below is the hijackthis.log. Is everyhting fine? Thanks a lot!

    Logfile of HijackThis v1.98.2
    Scan saved at 4:07:31 PM, on 10/14/2004
    Platform: Windows 2000 SP1 (WinNT 5.00.2195)
    MSIE: Internet Explorer v5.00 (5.00.2920.0000)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
    C:\PROGRA~1\Iomega\System32\AppServices.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
    C:\WINNT\Explorer.exe
    C:\Program Files\Iomega HotBurn\Autolaunch.exe
    C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
    C:\Program Files\WinZip\WZQKPICK.EXE
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\WINZIP\winzip32.exe
    C:\unzipped\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.math.umb.edu
    O3 - Toolbar: @msdxmLC.dll,[email protected],&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [Drag'n'Drop_Autolaunch] "C:\Program Files\Iomega HotBurn\Autolaunch.exe"
    O4 - HKLM\..\Run: [VetTray] C:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
     
  6. FinestRanger

    FinestRanger

    Joined:
    Oct 13, 2003
    Messages:
    2,367
    You were probably infected because of unpatched Windows security holes.

    Open Internet Explorer. Click on "Tools"--"Windows Update". Get all the critical updates ASAP.




    I also highly recommend you install and update SpywareBlaster

    SpywareBlaster tutorial link


    Click here to keep your computer safe and secure on the internet


    Free Anti-virus and Firewall applications (and various other security-related information):

    How did I get infected in the first place?

    Rollin' Rog's "Security Help Tools" thread
     
  7. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/284451

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice