05-13-2012 08:28 AM
I seem to have picked up the Happili infection, so far it doesn't seem to be affecting Explorer or Firefox but does redirect Google searches in Chrome. In addition "happili" is now pinned to the Chrome menu in Programs. Once I experienced a computer slowdown but it seems to be operating at normal speed now.
I have read the "fixed thread" on the forums, should I run and post the aswMBR and OTL scans? I have run the full Norton scan without any results.
I am running Windows 7 x64, Windows and the browsers are up to date with patches. Is there a source of information on how happili is spread? We don't any exotic websites or downloads, and any thumb drives do get scanned by Norton.
Solved! Go to Solution.
05-13-2012 01:31 PM
Uninstall Chrome completely and when it asks about removing all the browsing data, remove all of that to (YES).
Download a fresh copy of Chrome and install it, and see if the redirect happens after a nice new fresh install.
05-13-2012 09:38 PM
So far no redirects, at one point Chrome seemed to be running slowly but is fine now, probably was the internet itself. Will continue to monitor. Any other advice on what actions to prevent a recurrence?
05-13-2012 09:45 PM
Please read carefully and Slowly
Please scan with ESET next Using Internet Explorer
I'd like us to scan your machine with ESET OnlineScan
If you think a log should have been generated then go to C:\Program Files\ESET\ESET Online Scanner\log.txt to find it.
05-14-2012 04:35 PM
The scan found two problems. There wasn't a log file generated, I checked the indicated location and did a search for Eset. I've saved and attached the scan results.
05-14-2012 04:52 PM
Please do not run any tools unless instructed to do so.
Please read every post completely before doing anything.
Please read carefully Read all of this message first
Download Combofix http://www.bleepingcomputer.com/download/anti-viru
Doiwnload the attached CFscript.txt, , For some browsers Right Click the attachment on the forum and select "Save AS" or similar to Download it. See screenshot below.
Now drag the CFScript.txt into the ComboFix.exe
****Note: Do not mouseclick combofix's window while it's running. That may cause it to stall or freeze ****
Note: ComboFix may reset a number of Internet Explorer's settings, including making it the default browser.
Note: Combofix prevents autorun of ALL CDs, floppies and USB devices to assist with malware removal & increase security.
05-14-2012 08:44 PM
Unfortunately I was unable to download the CFscript.txt after downloading combofix, there seems to be a formatting problem with your message, the link is treated as part of the right click menu jpeg. I've attached a snip of that portion of your message.
Unfortunately it looks like I can't attach a png file, hopefully you will see what I see.
05-14-2012 08:48 PM
I have just tried it and right ckicking on the attachment link down the bottom of the message works ansd saves as a text file.
Don't click on the screenshot in the instructions that does save as a .jpg.