Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Also hit by Happili

03 May 2012   #1

Windows 7 64bit
 
 
Also hit by Happili

Hi,

I was recently browsing on Internet Explorer 8 when I was suddenly being redirected from search engines to obvious malware sites. Looked it up and it's definitely the "Happili virus" as it's colloquially known. I uninstalled IE8 and installed Firefox, and while the problem perisisted, when I disabled the extension Performance Cache 1.0 all redirects immediately ceased. Moreover, I installed IE9 and have had no redirect issues whatsoever. Due to this, I believe my problem is less severe than a clean-install-requiring rootkit, but I don't wish to take any chances and came here to get the right steps to putting this away for good.

My System SpecsSystem Spec
.

03 May 2012   #2

Microsoft Windows 8.1 Pro 64-bit
 
 

Rock, welcome to Sevenforums!

Well, what antivirus software do you have installed? You might also install Malwarebytes to have it remove extra traces, and here is a quick removal tool for you from Microsoft: Microsoft Safety Scanner - Antivirus | Remove Spyware, Malware, Viruses Free
My System SpecsSystem Spec
03 May 2012   #3

Windows 7 64bit
 
 

Currently I have Superantispyware and AVG Free 2012 in addition to Malwarebytes. The former I have turned off for the sake of accomplishing effective fixes, and the latter two I have active.

I had GMER running to scan the other day, but I had to shut my computer down for reasons unrelated to this situation, ending the scan--it took hours for it to run through the registry files, and was still on a single folder therein when the scan ended.

Is there a set of steps that I should follow? Apologies if I am slow to respond as of right now, but no later than 8:30 am EST I should be online to work through the fix process as directed.
My System SpecsSystem Spec
.


04 May 2012   #4

Microsoft Windows 8.1 Pro 64-bit
 
 

Rock,

before you do anything else, let the safety scanner I sent to you previously run either downloaded from the internet or through a USB drive off of another computer (need to download it to the USB drive, then run it on the computer with the virus). Let it run for as long as it needs without stopping it. It can take hours. It will not install anything on your computer.

Then, update malwarebytes and run a full scan with it. You should be clean after that.

For good measure, make sure windows is completely updated through windows update (many updates close security loopholes). Update everything else, such as Java and Adobe flash. Update everything, like a madman, so that everything is secure. Then do this tutorial to fix any problems that may have been caused through the virus: SFC /SCANNOW Command - System File Checker - created by Brink

Then read on -

...From what I hear of tests performed and comments made here on this forum, AVG is one of the worst antiviruses. I would recommend another. Look here for a discussion on it: http://www.sevenforums.com/system-se...nti-virus.html, otherwise I recommend Microsoft Security Essentials ...
*However before you install another Antivirus (Should only have 1 antivirus at a time installed or they will conflict), remove AVG with its removal tool: http://download.avg.com/filedir/util..._2012_2125.exe ...
You do not have to remove AVG if you like it for whatever reason. It is just strongly recommended due to experience (I've personally tested it myself). It is probably better than nothing, however (Though I'm not too sure about that one).

Best of luck! Feel free to ask me anything you aren't sure of, and I'll try my best to answer. Let me know how it goes.
My System SpecsSystem Spec
04 May 2012   #5

Windows 7 64bit
 
 

Thanks for the assistance! I'm running the MS Scanner right now. Presently there is a monolithic file or destination in the Temp Internet Files folder called UOIMPLGB. The window isn't frozen but it's been stuck on this one for quite some time and it's not elapsing time anymore. The other day, when I had GMER running, I ran into this same problem--GMER was stuck on it for upwards of two hours, and I had to give up and go to bed before it was even done with it.

EDIT: Scan has managed to go through that file. Took almost 20 mins but still much faster than GMER was on it.
My System SpecsSystem Spec
04 May 2012   #6

Microsoft Windows 8.1 Pro 64-bit
 
 

Then delete all internet temp files. Under browsing history, select delete internet temp files, hit okay. you may have to go back and uncheck it after.
My System SpecsSystem Spec
04 May 2012   #7

Windows 7 64bit
 
 

Okay, scan is complete. It found a few Java exploiters, and Java has been updated and the malicious files removed. Started up Firefox, turned the Cache back on and no redirects were present.

The files were located under Appdata/Roaming from what I saw.

Thanks a lot for your help!
My System SpecsSystem Spec
04 May 2012   #8

Microsoft Windows 8.1 Pro 64-bit
 
 

You're welcome. Glad it is fixed. Remember that updates are your friend, especially your antivirus

Note that if you do not use Java, it is a very good idea to disable all java add-ons and uninstall it. It has a higher potential of getting viruses.
Some internet games use Java, but not all. The database aspect of Open Office uses Java, but most people do not use it. Not sure if you have any such programs that may need java to function, but most today do not.

cheers
My System SpecsSystem Spec
Reply

 Also hit by Happili




Thread Tools



Similar help and support threads for2: Also hit by Happili
Thread Forum
trojan.happili System Security
Another Happili Virus System Security
Happili Virus System Security
Happili infection System Security
Solved Another happili virus System Security
Happili virus as well System Security
happili virus! anyone? System Security

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 11:27 PM.
Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App
  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33