IPB

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Blekko Virus Hijacked My Home Pages, Rootkit Virus?
RtBt
post 14.05.2012 13:07
Post #1


Advanced Member I
***

Group: Members
Posts: 60
Joined: 11.02.2008




I thought I was downloading a PDF Manual for a home appliance and I inadvertently downloaded a virus that changed my Home Page in all three browser to mystart.com. I think it's the Blekko [spelling?] virsu which stopped me from manually resetting the home pages. So far, I edited the registry and removed every mention of Blekko and got my home pages restored. But something tells me the next time I reboot the problem will return.

What suggestions, if any, do you have which will enable me to get rid of this virus?

Thanks
Go to the top of the page
 
+Quote Post
richbuff
post 14.05.2012 13:34
Post #2


Are You Kidding?
*****************

Group: Moderators
Posts: 1000080
Joined: 14.06.2007




Settings > Advanced settings (cardboard box icon) > Threats and exclusions > Detection types > Settings > enable Other > ok>ok, and do a scan.
After that, please uninstall any and all junk toolbars > reboot, and uninstall/disable any and all junk browser add-ons, then remove any and all junk search providers in your browsers, then change your home page.

If still no go after that, please see the first Important topic of the Virus section of this forum.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
Berny
post 14.05.2012 20:37
Post #3


Forum Elite
**************

Group: Moderators
Posts: 11366
Joined: 30.10.2007




QUOTE(RtBt @ 14.05.2012 11:07) *
changed my Home Page in all three browser


In addition to Richbuff's suggestions
please also check if your HOSTS file hasn't been modified.

A Hosts file can control all the browsers that are installed on your system !

If this is the case you will have to reset your Hosts file back to the default values.

This post has been edited by Berny: 14.05.2012 20:44
Go to the top of the page
 
+Quote Post
RtBt
post 15.05.2012 01:58
Post #4


Advanced Member I
***

Group: Members
Posts: 60
Joined: 11.02.2008




QUOTE(Berny @ 14.05.2012 19:37) *
In addition to Richbuff's suggestions
please also check if your HOSTS file hasn't been modified.

A Hosts file can control all the browsers that are installed on your system !

If this is the case you will have to reset your Hosts file back to the default values.


Berny, thanks for the advice. I searched the Registry and there must have been around 50 entries with the word Host or Hosts. I didn't see anything unusual or suspicious.

It's been another 24 hours and all three browsers seem to be working properly again.

Thanks guys for your help. I'm hoping this is the end of a problem caused by my fatigue and stupidity over the weekend.
Go to the top of the page
 
+Quote Post
Berny
post 15.05.2012 11:32
Post #5


Forum Elite
**************

Group: Moderators
Posts: 11366
Joined: 30.10.2007




Hello,

Hosts file is located under "C:\windows\system32\drivers\etc"
Please check following MS FAQ concerning Hosts file http://support.microsoft.com/kb/972034

If any further issue please submit a Gsi log.
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic

 



Lo-Fi Version Time is now: 24.10.2014 15:15