Happili Trojan: Need Assistance With Complete Removal

Norton Security | Norton Internet Security
1

Hello - yesterday (9/26) I was browsing (ie) doing researching as I have done for weeks on end and suddenly my browser became slow, unstable and unresponsive.  I have been watching lots of videos on youtube for several days in a row so I figured a deletion of temp files, etc. and a reboot would sove the problems.  When my system started back up, it was incredibly slow and after logging in to windows (7) it got stuck on the black screen just before loading the desktop and it would never load after waiting more than 30 minutes.  I restarted in safe mode, did a malwarebytes scan and discovered the happili trojan.  After doing some research it seems that despite malwarebytes having said it was quar. and removed, my computer is still running incredibly slow and many times unresponsive.  I am able to start in safe mode with network capabilities which takes forever, hence my accessing this web page but still cannot start up in regular mode.  I've tried a couple of things to rid of it pasted below, but the first option did not detect anything and the second said it only worked with 32bit systems, which i have no clue what that means because I thought that's what I have. 

 

Two things I tried to resolve: (update 402pm...edited message to remove hyperlinks and just type in text the name of the two solutions I tried. Sorry for the links)

Kaspersky TDSSKiller (detected nothing)

Webroot antiZeroaccess (received message saying it only worked with 32b systems)

 

I am finding after researching here and other areas that help is very specific to users so I decided to register here and post my issue begging for assistance. :-)  I used to work for Symantec and know that it's one of the most secure/reputible places to go for help.  I should mention however, I do NOT have Norton antivirus.  I have Avast... but scan with malwarebytes on a regular basis.  Not sure if that will still allow me to get help but I'm hoping so.  

 

Quick question: is this virus transmitted via web browser exclusively or can it be sent over a program as well such as paltalk? FYI, I do use paltalk often but NEVER accept files from anyone but I do understand that my system may still be vulnerable due to the audio and web cam capabilities, the latter I haven't done in weeks.

 

Below please find the log from my scan in malwarebytes last night.  As you can see it took over 4 hours to do a full scan, which has NEVER happened.  I anxiously await your reply and thank you in advance!

 

Jenn

 

 

Maylwarebytes Log 9/26/12

 

Malwarebytes Anti-Malware 1.65.0.1400
removed malwarebytes link

Database version: v2012.09.11.09

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Jenn :: WONDERMOMMA [administrator]

9/26/2012 8:20:33 PM
mbam-log-2012-09-26 (20-20-33).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 428762
Time elapsed: 4 hour(s), 12 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Jenn\AppData\Local\Temp\0.026535462446340086 (Trojan.Happili) -> Quarantined and deleted successfully.

(end)

 

 

2
WonderMomma wrote:

 

 

Two things I tried to resolve: (update 402pm...edited message to remove hyperlinks and just type in text the name of the two solutions I tried. Sorry for the links)

Kaspersky TDSSKiller (detected nothing)

Webroot antiZeroaccess (received message saying it only worked with 32b systems)

 

   I used to work for Symantec and know that it's one of the most secure/reputible places to go for help.  I should mention however, I do NOT have Norton antivirus.  I have Avast... but scan with malwarebytes on a regular basis.  Not sure if that will still allow me to get help but I'm hoping so.  

 


 

Jenn


 

 

Since you don't have a Norton product,  but Avast,  you will need to visit http://forum.avast.com/ and seek help.  As you used to work for Symantec you should know that Norton Community is for Norton product support.

 

Dave

3

Well, I was and executive admin for a VP of channel/bus. development at Symantec about 6 years ago, so in an administrative support role, no, I had no idea that this community forum was strictly for norton product holders.  Since I've gotten help from norton tools online before, just from searching the web, I thought perhaps you all  may be able to help me regardless of my AV software.  unfortunately, my computer is extremely unstable and i just wanted to try to get help as directly and securely as possible as it takes 5 minutes for pages to load whenever i refresh or go onto any website or when i try to load ANY programs in windows. 

 

anyway, thanks anyway.  i will try the site you suggested.  i hope they won't refuse me because i only have the free version.  :-/  if i get really desperate, i may have to DL a trial of norton and coming back here. regardless i will be monitoring my thread... just in case someone decides to help.  

 

many thanks

jenn

4

Another option is to visit one of the malware removal sites.

 

http://www.bleepingcomputer.com/

 

http://www.geekstogo.com/forum/

 

http://www.cybertechhelp.com/forums/

 

http://forums.whatthetech.com/index.php?

5

Found the new thread for the product

 

http://forum.avast.com/index.php?topic=106315.msg845534#msg845534

 

Quads

6

Hello - yesterday (9/26) I was browsing (ie) doing researching as I have done for weeks on end and suddenly my browser became slow, unstable and unresponsive.  I have been watching lots of videos on youtube for several days in a row so I figured a deletion of temp files, etc. and a reboot would sove the problems.  When my system started back up, it was incredibly slow and after logging in to windows (7) it got stuck on the black screen just before loading the desktop and it would never load after waiting more than 30 minutes.  I restarted in safe mode, did a malwarebytes scan and discovered the happili trojan.  After doing some research it seems that despite malwarebytes having said it was quar. and removed, my computer is still running incredibly slow and many times unresponsive.  I am able to start in safe mode with network capabilities which takes forever, hence my accessing this web page but still cannot start up in regular mode.  I've tried a couple of things to rid of it pasted below, but the first option did not detect anything and the second said it only worked with 32bit systems, which i have no clue what that means because I thought that's what I have. 

 

Two things I tried to resolve: (update 402pm...edited message to remove hyperlinks and just type in text the name of the two solutions I tried. Sorry for the links)

Kaspersky TDSSKiller (detected nothing)

Webroot antiZeroaccess (received message saying it only worked with 32b systems)

 

I am finding after researching here and other areas that help is very specific to users so I decided to register here and post my issue begging for assistance. :-)  I used to work for Symantec and know that it's one of the most secure/reputible places to go for help.  I should mention however, I do NOT have Norton antivirus.  I have Avast... but scan with malwarebytes on a regular basis.  Not sure if that will still allow me to get help but I'm hoping so.  

 

Quick question: is this virus transmitted via web browser exclusively or can it be sent over a program as well such as paltalk? FYI, I do use paltalk often but NEVER accept files from anyone but I do understand that my system may still be vulnerable due to the audio and web cam capabilities, the latter I haven't done in weeks.

 

Below please find the log from my scan in malwarebytes last night.  As you can see it took over 4 hours to do a full scan, which has NEVER happened.  I anxiously await your reply and thank you in advance!

 

Jenn

 

 

Maylwarebytes Log 9/26/12

 

Malwarebytes Anti-Malware 1.65.0.1400
removed malwarebytes link

Database version: v2012.09.11.09

Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Jenn :: WONDERMOMMA [administrator]

9/26/2012 8:20:33 PM
mbam-log-2012-09-26 (20-20-33).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 428762
Time elapsed: 4 hour(s), 12 minute(s), 26 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Users\Jenn\AppData\Local\Temp\0.026535462446340086 (Trojan.Happili) -> Quarantined and deleted successfully.

(end)