How to Remove “mshta.exe”

What is mshta.exe?


mshta.exe is a legitimate file that is also known as an interperter for Microsoft Scripting Host. It is responsible for executing html applications and assisting scripts to run in Windows system. It is typically located in c:\windows\system32.
Malware writers create malicious programs and replicate their file names as mshta.exe to spread virus on the internet.
 
Affected Platform: Windows OS


How to check if your computer is infected with mshta.exe malware?


If your PC is infected with mshta.exe, you will start getting unsolicited popups in your browser  or you will automatically be redirected to irrelevant websites. Take the following steps to diagnose your PC for possible mshta.exe malware:
 
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
 
Step 2: If you notice the file located outside the file path c:\windows\system32, then you should run an antivirus scan to get ride of the malware.
 
How to remove mshta.exe malware from system using Comodo Antivirus?
 
Step 1: Download the award-winning Comodo  Free Antivirus.
 
Step 2: Installation configuration frames will be displayed. Select the configuration you would like to apply.
 
Step 3: Select Customize Configuration option and arrange installers, configuration, and file location.
 
Step 4: Restart your PC.

Step 5: It will take some time for the Comodo Internet Security to update the antivirus.
 
Step 6: Proceed with a quick scan that automatically begins after the update.
 
Step 7: If threats are found during the scanning, you will be prompted with an alert screen.
 
Step 8: Comodo Antivirus will remove mshta.exe malware from your computer including all other malware!
2

Malware Entries

First Seen: 05 February 2018 at 12:50 pm
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 Microsoft Corporation Executable 0eac5dfee5c00462
e3ee404ee162f054
e62e6386
593d8ca87a3ffecd
8ce5e4660110feca
TrojWare.Win
32.Spy.Banke
r.Gen
No 6.00.2900.
2180
(xpsp_sp2_
rtm.040803
-2158)
6.00.2900.
2180
197.38.137.225/32 N/A
2 Microsoft Corporation Executable b49cc6b6e8649141
fd72bf602ea5f9be
85555bb4
6421454733147a6e
cc8b751e9e4127a4
Virus.Win32.
Parite.gen
No 8.00.6001.
18702
(longhorn_
ie8_rtm(wm
bla).09030
8-0339)
8.00.6001.
18702
37.142.6.246/32 N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
28

Safe Entries

First Seen: 03 July 2008 at 3:08 pm
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable 313943861b328541
e316eb8d008a73a4
1f3b87b8
b653cc46b2e2f7d0
82da938d5e7736fa
No 8.00.6001.
17184
(longhorn_
ie8_beta1(
wmbla).080
303-1908)
8.00.6001.
17184
United States
2 Microsoft Corporation Executable 0da53ae914161ce8
b1854377412f863a
f9c262da
733c18a23ee25cb2
cf6ef65acd8db866
No 6.00.2900.
2180
(xpsp_sp2_
rtm.040803
-2158)
6.00.2900.
2180
United Kingdom
3 Microsoft Corporation Executable be9caf456573835f
82194ae409db6a16
e7b54e73
36e4f27d35a8dd9f
b86caa81fed6d1df
No 9.00.8112.
20811
(win7_ie9_
LDR(builde
r).150817-
1028)
9.00.8112.
20811
104.48.183.143/32
4 Microsoft Corporation Executable 0da53ae914161ce8
b1854377412f863a
f9c262da
733c18a23ee25cb2
cf6ef65acd8db866
No 6.00.2900.
2180
(xpsp_sp2_
rtm.040803
-2158)
6.00.2900.
2180
United States
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Free Antivirus protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security