Author Topic: Google Redirect Virus. goes by Happili How do I get rid of it?  (Read 5198 times)

0 Members and 1 Guest are viewing this topic.

deezil

  • Guest
I have tried the combofix the tdskiller and then running avast but my searches on Google are all getting sent to this happili redirect.

Is therea a fix anyone can walk me through here? I have tried running a quick scan and a full scan on my pc and other than some adware avast doesnt pick it up.

Thanks ahead of time.
Deez

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #1 on: April 22, 2012, 12:12:30 AM »
follow the guide and attach logs from malwarebytes / OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #2 on: April 22, 2012, 12:53:52 PM »
Could you confirm that this is in Firefox only ?

deezil

  • Guest
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #3 on: April 23, 2012, 10:21:36 PM »
Mine is in IE not Firefox.

Nothing seems to be able to get rid of it.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #4 on: April 23, 2012, 11:11:35 PM »
Could you attach the logs please

techlike99

  • Guest
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #5 on: April 25, 2012, 09:03:03 PM »
It's a system wide infection caused by a rootkit from the ZAccess family, most likely the ZAccess.fxd variant. It doesn't matter which browser you use. Too bad Avast doesn't have a fix for it since it's one of the most wide spread infections at the moment. Please correct me if I'm wrong.

First, use TDSS or ZeroAccess removal tools to remove the core components of this infection. TDSSKilkler is probably the most popular one but sometimes it fails to remove malicious memory modules, so the infection comes back once you restart your PC.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #6 on: April 25, 2012, 09:30:00 PM »
aswMBR and Avast 7 can cure some of the zero access variants, but bear in mind they are changing daily if not hourly

Also some variants have a protection driver, again aswMBR will remove that but TDSSKiller will not

Generally a manual removal is required

So a look at the logs would help

wcordova

  • Guest
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #7 on: May 03, 2012, 06:38:10 PM »
So...the question issue remains unsolved?....does Avast have an update or a tool to completely remove this virus?...is there a step-by-step way to remove it? Any assistance is appreciated.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37509
  • Not a avast user
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #8 on: May 03, 2012, 06:58:52 PM »
Quote
.is there a step-by-step way to remove it? Any assistance is appreciated.
does this mean you are infected?
if so, see reply #1 here......start your own topic and attach the logs requested

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Google Redirect Virus. goes by Happili How do I get rid of it?
« Reply #9 on: May 03, 2012, 07:19:56 PM »
Generally Happi can be associated with an apparent legitimate file in addition to the MBR infection