astrodav
2009-11-24, 04:50
I caught most likely the VERY nastiest bug that I have had in my many years of computing. It causes most every link to redirect to some page starting with "h**p://huytebesy4ko.net". I'm pretty decent at manually killing these things when they get past my anti-virus or anti-spyware. But this one has me COMPLETELY whipped.
It slipped past my anti-virus TWICE....once immediately after a complete reformat, as it did with WinPatrol & Spybot. The first time, before the reformat, a completely updated SpyBot wouldn't even detect the thing....anti-virus didn't either.
I always run TeaTimer & the other "extra" thing in SpyBot....SDHelper I think it's called. And the computer had been freshly immunized also. Nothing caught it & it got through to cause havoc. The redirects soon led to lock-outs of any attempt to delete it by a program like SpyBot (as mentioned earlier, SpyBot never saw it, but I kept trying until the virus/spyware/whatever-it-is took over.)
That's when I started a manual process. All I could find in multiple places, including temp.files, program files, docs & sets, registry, etc., were 2 cookies with that huyte.... address. So I deleted those, rebooted, & the thing immediately proceeded to do the exact same thing....control everything.
That's when I reformatted & got it again within minutes. I THINK I know what happened there, but not sure. I run my virtual memory (page file) on a separate partition on the same drive. I didn't reformat that part. So I'm thinking the bug was still on that & then just hopped over to the fresh install.
So I reformatted again...BOTH parts. So far, after about 30 minutes, I'm good. I did change AV programs, since the first had let me down by letting such a dangerous thing through it.
But why won't SpyBot pick this bad cookie up in it's scan? I'm guessing also that it's MORE than just a cookie, since I deleted 2 of those myself. Anyone ever had any experience with this bug? Anyone know a GOOD way to get rid of it? I did several searches & most of them were pretty vague....or were just answered with a link to an anti-spyware program. I did try MalwareBytes, Windows Defender, & Spyware-Doctor or something like that. None of them worked.
If this huytebesy4ko bug is not part of SpyBot's definition files, it REALLY needs to be.
It slipped past my anti-virus TWICE....once immediately after a complete reformat, as it did with WinPatrol & Spybot. The first time, before the reformat, a completely updated SpyBot wouldn't even detect the thing....anti-virus didn't either.
I always run TeaTimer & the other "extra" thing in SpyBot....SDHelper I think it's called. And the computer had been freshly immunized also. Nothing caught it & it got through to cause havoc. The redirects soon led to lock-outs of any attempt to delete it by a program like SpyBot (as mentioned earlier, SpyBot never saw it, but I kept trying until the virus/spyware/whatever-it-is took over.)
That's when I started a manual process. All I could find in multiple places, including temp.files, program files, docs & sets, registry, etc., were 2 cookies with that huyte.... address. So I deleted those, rebooted, & the thing immediately proceeded to do the exact same thing....control everything.
That's when I reformatted & got it again within minutes. I THINK I know what happened there, but not sure. I run my virtual memory (page file) on a separate partition on the same drive. I didn't reformat that part. So I'm thinking the bug was still on that & then just hopped over to the fresh install.
So I reformatted again...BOTH parts. So far, after about 30 minutes, I'm good. I did change AV programs, since the first had let me down by letting such a dangerous thing through it.
But why won't SpyBot pick this bad cookie up in it's scan? I'm guessing also that it's MORE than just a cookie, since I deleted 2 of those myself. Anyone ever had any experience with this bug? Anyone know a GOOD way to get rid of it? I did several searches & most of them were pretty vague....or were just answered with a link to an anti-spyware program. I did try MalwareBytes, Windows Defender, & Spyware-Doctor or something like that. None of them worked.
If this huytebesy4ko bug is not part of SpyBot's definition files, it REALLY needs to be.