Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Happili redirect virus only in Firefox


  • Please log in to reply
3 replies to this topic

#1 John1234321nhoJ

John1234321nhoJ

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:05 PM

Posted 09 April 2012 - 11:28 PM

I've done a lot of research before posting in here. I've removed the trojan exe and dll that were associated with this virus and scans from all sorts of scanners come up clean. The redirect only happens in Firefox and I remember reading somewhere that it's a hidden Firefox plugin in the registry somewhere. If anyone knows how to remove it directly let me know. Making me download 10 different virus scanners and post logs means you don't know actually know the specifics of what is causing this and you're just making me jump through hoops hoping that one of those random virus cleaning tools fixes the problem for you. A correct answer to this question would look like this: "look in XXXX registry folder and find an entry that looks like this: YYYYY. That's the the malicious hidden plugin that's redirecting random Google searches only in Firefox. Remove that." You see how that answer was direct? That's a real answer to this problem, not "run all of these 15 different scanners and post logs." That means you don't actually know the details of the Happili infection.

Edited by hamluis, 10 April 2012 - 05:01 AM.
Moved from Win 7 to Am i Infected.


BC AdBot (Login to Remove)

 


#2 hamluis

hamluis

    Moderator


  • Moderator
  • 55,388 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:10:05 PM

Posted 10 April 2012 - 04:59 AM

<<The redirect only happens in Firefox...>>

Have you tried...simply uninstalling Firefox...and reinstalling it?

I don't know much about malware but it seems unlikely to me that malware targets only a given browser. If such premise is valid, removing the browser and reinstalling it...should eliminate the troublesome files.

As for your apparent disdain for dealing with suspected malware issues via scans and malware removal tools...if you have better ideas about such, I suggest that you execute them, rather than disparaging the efforts of those who may be properly trained to deal with malware issues.

Louis

#3 John1234321nhoJ

John1234321nhoJ
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:05 PM

Posted 10 April 2012 - 08:18 AM

reinstalling Firefox would mean I'd have to find and copy my profile folder so it could be replaced once the new installation is finished. I may potentially lose saved passwords etc. Because I need to keep my profile folder, I may not be getting rid of it because it may reside in my profile folder somehow. So all of that trouble could end up being for nothing. I need someone expert enough to know the details of how this redirect operates so he can tell me how to surgically remove it. I've already cleaned the initial trojan. I'm just left with this mysterious, intermittent, browser redirect. Need someone smart in here.

#4 John1234321nhoJ

John1234321nhoJ
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:10:05 PM

Posted 10 April 2012 - 02:20 PM

That's what I figured. Easy to tell someone to run 10 different scans. Hard to actually be experienced enough to know a browser redirect bug works and how to remove it.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users