How to get rid of blekko search engine virus [Solved], Blekko virus... Please help. Options

[vineet]

Hello WTT team,

Apparently my system installed blekko search engine, that some people claim as virus.
I had several pc crash's.. But never thought it due to this virus.

Could you help in removal of thos virus...
Thank you,
Vineet

[jeffce]

Hi and Welcome!! My name is Jeff. I would be more than happy to take a look at your malware results logs and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:

• I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
  
• Please subscribe to this topic, if you haven't already. You can subscribe by clicking the Watch Topic button to the right of your topic title and then choosing the notification method ( Recommended: Inmediate Notification)
  
• The fixes are specific to your problem and should only be used for the issues on this machine.
  
• Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
  
• It's often worth reading through these instructions and printing them for ease of reference.
  
• If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
  
• Please reply to this thread. Do not start a new topic.

IMPORTANT NOTE : Please do not delete anything unless instructed to.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision.
Doing so could make your system inoperable and could require a full reinstall of your OS losing all your programs and data.

Vista and Windows 7 users:
These tools MUST be run from the executable (.exe) every time you run them
with Admin Rights (Right click, choose "Run as Administrator")

Stay with this topic until I give you the all clean post.
----------

• Download OTL to your desktop.
• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
• When the window appears, underneath Output at the top change it to Minimal Output.
• Check the boxes beside LOP Check and Purity Check.
• In Custom Scans/Fixes put the following:
  netsvcs
  /md5start
  consrv.dll
  /md5stop
• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt.
    Note:These logs can be located in the OTL. folder on you C:\ drive if they fail to open automatically.
  • Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time, and post it with your next reply. You may need two posts to fit them both in.

----------

Please download aswMBR to your desktop.

• Double click the aswMBR icon to run it.
• Click the Scan button to start scan.
• When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.

Click the image to enlarge it
----------

In your next reply please post both of the logs made by OTL and the log made by aswMBR.exe.

[vineet]

Oopss..

This post has been edited by vineet: May 13 2012, 02:13 AM

[vineet]

Oops..

This post has been edited by vineet: May 13 2012, 02:12 AM

[vineet]

Oopss.

This post has been edited by vineet: May 13 2012, 02:12 AM

[vineet]

Oops..

This post has been edited by vineet: May 13 2012, 02:10 AM

[jeffce]

Hi,

Is this a business/corporate computer? Did you know your system is set up to use a proxy server?

[vineet]

hello jeff...

Yes...decided to have it completely reimaged.
Didnt mean to waste your time...

Please close the topic..

Thank you
Vineet

This post has been edited by vineet: May 13 2012, 02:39 AM

[jeffce]

Ok...thank you for letting me know.

[jeffce]

Since this issue appears to be resolved ... this Topic has been closed. Glad we could be of assistance.

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please follow the instructions here http://forums.whatthetech.com/you_Infected_t106388.html
and start a New Topic.