Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

need happili virus questions answered


  • Please log in to reply
1 reply to this topic

#1 jimdays

jimdays

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 01 May 2012 - 10:48 AM

I wish that someone from Bleeping Computer would respond to these questions. I've got the happili redirect virus. I've tried the latest versions of Tdsskiller, Malwarebytes, Windows Defender, Kaperski Virus removal tool, Tea timer, rkill, unistall and reinstall Foxfire- none of these show that I have a virus. The redirect is quite random, maybe 1 in 10, sometimes much less. It is not very annoying, but I wonder, could the virus become more serious, or give me other problems? I see other people attaching logs from virus scanners, but it seems that at some point, someone might find a single software that will eliminate the virus. Since the experts on Bleeping Computer have looked at various logs, I would like to know (generally) where does the happili virus hide, why is it so hard to detect with the usual virus scanners? Do you think that at some point, the latest Malwarebytes or some other tool, will be able to detect the virus? I have an xp gateway netbook. If I restore windows from the hidden partition on the gateway netbook (or from the DVD restore disk), will that eliminate the virus, or would the virus still be present after restoring the whole drive?
I don't think the virus at present is annoying enough to restore the c drive ( and then have to reinstall some software).
Edit: I'll try the following advice and see what happens: In FireFox it may be the Add ons/Plugins. try disabling them one at a time and see which one was at fault.
Edit: I just disabled all add ons/plugins. There were a lot of them,15 to be exact. (see screenshot)Posted Image
Posted Image
Posted Image
I never installed any add ons/plugins. Apparently Firefox added all this stuff behind my back ( based on the programs already installed on the computer. This is definitely not good, and my intuition tells me that a virus could enter by some back door in Firefox. I'll keep all these add ons/plugs ins disabled for a few weeks and see if I still get the happili redirect. I'll report back with the result.

Edited by jimdays, 01 May 2012 - 10:59 PM.


BC AdBot (Login to Remove)

 


#2 jimdays

jimdays
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:12:32 AM

Posted 06 May 2012 - 08:21 PM

It's been 6 days since I had any Google redirect on Foxfire- since I disabled all Firefox add ons/plug-ins. I would say for people that are having problems with Google redirect with Firefox, disabling add ons/plug-ins (tools>add ons) takes less than a minute and that should stop the redirect problem. Uninstalling/reinstalling Firefox won't solve the redirect problem because uninstalling Firefox doesn't uninstall the add ons/plug-ins, and that is where the virus seems to hang out. Of course, the features related to the add ons/plug-ins won't work as long as they are disabled. The actual offending add-on is probably Shockwave Flash and/or Adobe Acrobat (see above screenshot). Shockwave Flash is also an Adobe product, so both are Adobe products. I don't trust Adobe (just have this bad feeling about Adobe), but I guess the Shockwave plug-in is needed to watch many videos.

Edited by jimdays, 06 May 2012 - 08:34 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users