Hello - please forgive the long post, just want to provide as much detail as possible.
Yesterday (9/26) I was browsing (ie) doing researching as I have done for weeks on end and suddenly my browser became slow, unstable and unresponsive. I have been watching lots of videos on youtube for several days in a row so I figured a deletion of temp files, etc. and a reboot would solve the problems. When my system started back up, it was incredibly slow and after logging in to windows (7) it got stuck on the black screen just before loading the desktop and it would never load after waiting more than 30 minutes. I restarted in safe mode, did a malwarebytes scan and discovered the happili trojan. After doing some research it seems that despite malwarebytes having said it was quar. and removed, my computer is still running incredibly slow and many times unresponsive. I am able to start in safe mode with network capabilities which takes forever, hence my accessing this web page but still cannot start up in regular mode. I’ve tried a couple of things to rid of it pasted below, but the first option did not detect anything and the second said it only worked with 32bit systems, which i have no clue what that means because I thought since I have a 64bit sys it would automatically work.
Two things I tried to resolve:
Kaspersky TDSSKiller (detected nothing)
Webroot antiZeroaccess (received message saying it only worked with 32b systems)
NOTE: I have stopped using ie and have been using chrome since able to be in safe
mode/networking and shockwave is extremely unstable and keeps crashing, so i disabled it in chrome:plugins. Also it may be worth noting that as far as i know, I’ve never had any redirect issues as most have with this trojan. My system has just been very unstable and will NOT load normally. Websites and any applications sometimes take a very long time to load.
Something else that’s been happening for about two weeks… my taskbar would pop up a message stating something about a usb device that i used was not compatible (or something cannot remember exact). what’s strange is that i was not using any usb devices when receiving this message. then about a 1.5 week ago, i plugged in a usb webcam and got a bluescreen crash. i immediately unplugged my laptop and removed the battery. then today, while looking around the community board here, i suddenly got another blue screen crash. did the same thing as before, and upon my next safe mode/networking boot up, i got stuck on the black screen again as if i was booting up normally (immediately after signing in to windows7). I had to remove my battery and upon the 2nd attempt was able to get back on in safe/networking.
I am finding after researching that help is very specific to individual users so I decided to register here and post my issue begging for assistance. I have Avast as my AV software… but scan with malwarebytes on a regular basis.
Quick question: is this virus transmitted via web browser exclusively or can it be sent over a program as well such as paltalk? FYI, I do use paltalk often but NEVER accept files from anyone but I do understand that my system may still be vulnerable due to the audio and web cam capabilities, the latter I haven’t done in weeks.
Below please find the log from my scan in malwarebytes last night. As you can see it took over 4 hours to do a full scan, which has NEVER happened. I anxiously await your reply and thank you in advance!
Jenn
Maylwarebytes Log 9/26/12
Malwarebytes Anti-Malware 1.65.0.1400
removed malwarebytes link
Database version: v2012.09.11.09
Windows 7 Service Pack 1 x64 NTFS (Safe Mode)
Internet Explorer 9.0.8112.16421
Jenn :: WONDERMOMMA [administrator]
9/26/2012 8:20:33 PM
mbam-log-2012-09-26 (20-20-33).txt
Scan type: Full scan (C:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra |
Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 428762
Time elapsed: 4 hour(s), 12 minute(s), 26 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 1
C:\Users\Jenn\AppData\Local\Temp\0.026535462446340086 (Trojan.Happili) → Quarantined and deleted successfully.
(end)