Results 1 to 9 of 9

Thread: Huytebesy4ko redirect....

  1. #1
    Senior Member
    Join Date
    Dec 2002
    Location
    Fresnoooo
    Posts
    327

    Angry Huytebesy4ko redirect....

    Uhg. I've got a staff member who has IE7 and no matter what link she clicks on it redirects her to another site. Down in the info bar it always has redirect http:huytebesy4ko.net - I did a virus check and found over 500 infected files which happily have been deleted/quarentined. gone through the registry, but haven't been able to find the annoying virus. Any help? (Normally I would format the system, but the lady freaked and began crying) I'll format if I have to, but would prefer not being on her **** list.

    -- thanks.
    Because I am a woman, I must make unusual efforts to succeed. If I fail, no one will say, "She doesn't have what it takes"; They will say, "Women don't have what it takes".
    Clare Boothe Luce

  2. #2
    Senior Member
    Join Date
    Mar 2004
    Location
    Colorado
    Posts
    421
    Not really a good time for emotion...Don't risk your job or the network.
    Grab critical data and wipe it.

  3. #3
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Do you have Spybot S&D? The Immunize feature and a full scan would probably help since not onyl will it scan for stuff an AV product sometimes misses (Not as much of an issue today with AV companies also giving out Spyware and cookie detection options, but still a thought) and the Immunize will also go to the hosts file and make it a bit more locked down, and of course it locks down IE, Firefox, and Opera so that this kind of thing is harder to get infected with if it's an infection.

    You could also have them use Opera with Spybot so that they're not as likely to infect themselves. If they complain about your efforts, tell a boss what they did and how they're a huge risk to the network, and that you could clean it up, that way you've got the CYA principles down.

    If all else fails, all users appreciate a disk format

  4. #4
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Quote Originally Posted by techtech View Post
    Uhg. I've got a staff member who has IE7 and no matter what link she clicks on it redirects her to another site. Down in the info bar it always has redirect http:huytebesy4ko.net - I did a virus check and found over 500 infected files which happily have been deleted/quarentined. gone through the registry, but haven't been able to find the annoying virus. Any help? (Normally I would format the system, but the lady freaked and began crying) I'll format if I have to, but would prefer not being on her **** list.

    -- thanks.
    Being a Business PC - and as much as it pains me: ss2chef hit the nail..
    the business network and data is more critical than the time cost of format and clean install:
    there were tutorials here stepping through the procedure to image an installation. this give you a half hour turn-around on a system recovery - Also having all data on a server or on a separate partition of the HDD eases the pain of such an operation - and enable the ability for regular updated images of the OS and apps

    As for cleaning: You have a browser hijack, as simple as changed DNS settings, Spybot is OK for lite infections. BUT in this type of situation I use a tool called Combofix (you need to talk a trained consultant ), then follow with either Superantispyware or Malwarebytes to clean the mess.. then depending on the results there are numerous tools to complete the task.
    As there is a chance of RAT (Trojan infection) I normally monitor an infected PC's network activity in case of a still hidden infection.. (That is why We recommend the Clean install)
    "Consumer technology now exceeds the average persons ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  5. #5
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I've never heard of Combofix, but I'm assuming there is a huge ballpark of these things I haven't since I don't really use Windows very often. What did you mean by the consultant part?

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Hmmmmm,

    What did you mean by the consultant part?
    Basically Combofix is quite a specialist tool and you need to understand it to use it safely, and effectively. In a way it is a bit like HijackThis! log interpretation

    In this situation I feel that save, reformat and reinstall is the only recommendable option.

    A variety of other approaches might include using Linux/Unix bootable media and rat hunting/saving. Otherwise just install a new "C" drive and slave the existing one..............kill the OS and browser on the old drive

    I like Malwarebytes as a general cleaner...........make sure to update it and run it in safe mode

    This does not sound as if it is "that bad", although I would say that if you found 500 instances of malware, then the box has been pretty much exposed?

  7. #7
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Ahh, that's what I thought was meant. I'm not to up to date on some of these tools in use right now. I do have Windows here, like on my laptop I have Windows XP loaded right now as I was playing Wolfenstein, but my situation was normally "OK, grab Ad Aware, update it, scan, and use AVG" but now Ad Aware seems to have gone down hill, so I use Spybot S&D, and all the browsers are immunized, and I also have AVG, the newest version, the free one, and that for me is enough because I do the following:

    1. I install patches. I don't let Windows Update even check for them because it's REALLY annoying when you first turn on the computer and need to do something (Especially for a Laptop) and you're sitting there waiting like "OK, what is taking so long??" and then you see that Windows Update is going off, your Anti Virus Software is going off, and then after 5 minutes you see "New Windows Updates Available...New Virus Definition files Available.... New Java Updates Available....New Flash Updates Available.".... And if you're not plugged in, your battery is going to be half dead by the time that crap finishes up and a lot of it is going to need a reboot. When you reboot, it starts again where you need 5 or 10 minutes to sit there waiting because it all runs again to check for more updates. So I turned all of it off.

    Just last night I was playing DooM 2, and kept lagging for some reason, only to find that the Definitions Database was running for a long period of time, and Div X was trying to update too. That drives me nuts, so I turn all of them off and then check for updates manually.

    2. I don't do a lot of web browsing on Windows unless it's well known like Wikipedia, here, and a few other trusted / trust worthy web sites.

    3. My Email has good filters and Spam stuff, so when I actually DO use Windows for email, which isn't often, I'm careful.

    Those things tend to make your machine safe enough that you don't have to look any further than freely available AVG which now also checks for Spyware / Mal Ware, and other threats online, and Spybot which also works enough for my needs.

  8. #8
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Gore my friend,

    I guess I am reading between the lines here, but if you have a work computer with 500 malware on it, you are pretty soon looking for a new job?

    Gotta be an EVP or senior management?

    Time for a new laptop, and let the brats play with the old one until it dies.

    Give her Vista with a limited account, full UAC and a few other little goodies I can think of

    Shouldn't be a problem as she should not be attempting to install software or change settings on a work computer? Hell! if you don't take control then the lunatics will fetch up running the asylum?

    Please check this out:

    http://www.tallemu.com/

    I might also be inclined to go to IE8 and use a different browser And DO save your bookmarks/favourites manually

  9. #9
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by nihil View Post
    Gore my friend,

    I guess I am reading between the lines here, but if you have a work computer with 500 malware on it, you are pretty soon looking for a new job?

    Gotta be an EVP or senior management?

    Time for a new laptop, and let the brats play with the old one until it dies.

    Give her Vista with a limited account, full UAC and a few other little goodies I can think of

    Shouldn't be a problem as she should not be attempting to install software or change settings on a work computer? Hell! if you don't take control then the lunatics will fetch up running the asylum?

    Please check this out:

    http://www.tallemu.com/

    I might also be inclined to go to IE8 and use a different browser And DO save your bookmarks/favourites manually
    Lol, yea, if you have a computer that you use at work and isn't your computer.... And you have THAT much crap on it, I'd assume anyone below manager would be screwed.

    I've thought about it for a long while where users are concerned:

    While the Cat is away the mice will be morons and try to stick their heads in the trap even when there is no Cheese

Similar Threads

  1. GP Folder Redirect problem
    By cheyenne1212 in forum Microsoft Security Discussions
    Replies: 9
    Last Post: July 24th, 2007, 03:30 PM
  2. forum redirect?
    By ba0 in forum Web Development
    Replies: 4
    Last Post: June 13th, 2005, 12:12 PM
  3. redirect port
    By jintao in forum Newbie Security Questions
    Replies: 3
    Last Post: August 23rd, 2003, 12:39 PM
  4. Using Javascript to redirect email address
    By dantesheaven in forum AntiOnline's General Chit Chat
    Replies: 1
    Last Post: July 31st, 2003, 03:54 PM
  5. Redirect
    By hellbringer87 in forum Site Feedback/Questions/Suggestions
    Replies: 1
    Last Post: June 24th, 2002, 05:08 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •