The Straight Dope

Go Back   Straight Dope Message Board > Main > General Questions

Reply
 
Thread Tools Display Modes
  #1  
Old 06-02-2012, 05:23 PM
TheChileanBlob TheChileanBlob is offline
Guest
 
Join Date: Dec 2008
Blekko virus

Guys, please help me. I have the Blekko virus, which is some kind of search hijacker. I got it, ironically enough, from Cnet's download of the Revo uninstaller. I've run Malwarebytes and Avast. I've done a system restore back to 5/31 (just got virus today). Though for sure everything was ok but no, it's still there. I've googled it (you wouldn't believe how hard it was just to GET to Google) but I'm paranoid now that any cure I find will be some other evil thing. I trust you guys.
Reply With Quote
Advertisements  
  #2  
Old 06-02-2012, 11:53 PM
TheChileanBlob TheChileanBlob is offline
Guest
 
Join Date: Dec 2008
Bumping...

Here's the Wikipedia talk page about Blekko. The article itself is supposedly a normal article about Blekko, an alternative to Google, but the talk page is all one guy saying "How come my edits keep getting reverted when I've said that Blekko is malware?" and the other guy going "how dare you malign Blekko! You can't point to a single peer-reviewed journal article that says Blekko is a virus! All your anecdotal evidence showing that people have had Blekko downloaded without their knowledge through CNet is unsubstantiated! This is completely against the rules of Wikipedia!"

Anyway, I set the default search engine back to Google and "x"ed Blekko off of the list. Is that enough?
Reply With Quote
  #3  
Old 06-03-2012, 12:13 AM
Crazyhorse Crazyhorse is offline
Guest
 
Join Date: Sep 2008
You might want to check the HOSTS file (Windows/system32/drivers/etc/HOSTS) It can be opened in notepad. If it has a bunch of entries you didn't make you can reset it to the Windows defaults. Instructions for doing that can be found here. I'm not sure if that is a complete solution but it is the most basic way something might be hijacking your requests. If you or an administrator of the system have edited the file for whatever reasons those changes will be lost so make a backup of it if you aren't sure.
Reply With Quote
  #4  
Old 06-03-2012, 12:29 AM
Flyer Flyer is offline
Guest
 
Join Date: Feb 2012
There's a considerable amount of contradictory information about Blekko. However, most of the sites I found which claimed that it's a virus are written in suspiciously broken English. My best guess is that it's some sort of overly-aggressive but semi-legitimate program, rather than actual malware.

In addition to checking your HOSTS file, some of the information on this site might help you.
http://forums.avg.com/us-en/avg-foru...=204213&type=0
Reply With Quote
  #5  
Old 06-03-2012, 04:15 PM
clairobscur clairobscur is offline
Charter Member
 
Join Date: Aug 2001
Location: Paris
Posts: 14,059
Quote:
Originally Posted by Flyer View Post

In addition to checking your HOSTS file, some of the information on this site might help you.
http://forums.avg.com/us-en/avg-foru...=204213&type=0

This link states that just reverting the homepage to its original setting is enough to get rid of the issue.

And also that it might a scam intended to have people buy a fix for something that actually doesn't cause any damage apart from changing your browser's settings.

Last edited by clairobscur; 06-03-2012 at 04:18 PM..
Reply With Quote
  #6  
Old 09-24-2012, 10:52 PM
Jamicat Jamicat is offline
Guest
 
Join Date: Dec 2008
rrr...i just got this thing >:

Bastards

It doesn't show up anywhere to remove it...How can they call themselves a legitimate company?

HATE AND STABBY >:

Last edited by Jamicat; 09-24-2012 at 10:54 PM..
Reply With Quote
  #7  
Old 09-25-2012, 07:40 PM
Jamicat Jamicat is offline
Guest
 
Join Date: Dec 2008
http://support.mozilla.org/en-US/questions/854441

Apparently the Ad-Aware Security 2.2 Add-On is the culprit...Disable it.
Reply With Quote
  #8  
Old 09-25-2012, 08:08 PM
drachillix drachillix is online now
Guest
 
Join Date: Jun 2000
Quote:
Originally Posted by Flyer View Post
My best guess is that it's some sort of overly-aggressive but semi-legitimate program, rather than actual malware.
IAAComputer Tech

Blekko search is a legit, but spread via a scummy method. They are paying C-net to bundle this. Lots of things including acrobat reader (mcaffee scan and chrome), java (ask toolbar) are doing this kind of thing.

Worse case scenarios, go to browser settings ---> internet options ---> advanced ---> reset.

This will clear all user customizations to the browser including most toolbars

Also going to settings ---> general ---> button marked settings under search ---. select blekko if present and near the lower right corner hit the button marked delete to remove is from search options.

If for some reason its still not letting go contact me, I will set up a remote session and pull it out, no charge if limited to blekko removal only

www.pcsearchandrescue.com

Last edited by drachillix; 09-25-2012 at 08:10 PM..
Reply With Quote
  #9  
Old 09-25-2012, 11:31 PM
Jamicat Jamicat is offline
Guest
 
Join Date: Dec 2008
There were no references to it anywhere I looked on my comp.

It was attached to another program that was running.

Which made it hard to locate.

I found no posts for the references of the .dll/.exe associated with it.

Kinda silly way to market your product...posing as a VIRUS.
Reply With Quote
  #10  
Old 09-26-2012, 10:22 AM
Ionizer Ionizer is offline
Guest
 
Join Date: Jan 2010
Quote:
Originally Posted by drachillix View Post
IAAComputer Tech

Blekko search is a legit, but spread via a scummy method. They are paying C-net to bundle this. Lots of things including acrobat reader (mcaffee scan and chrome), java (ask toolbar) are doing this kind of thing.

Worse case scenarios, go to browser settings ---> internet options ---> advanced ---> reset.

This will clear all user customizations to the browser including most toolbars

Also going to settings ---> general ---> button marked settings under search ---. select blekko if present and near the lower right corner hit the button marked delete to remove is from search options.

If for some reason its still not letting go contact me, I will set up a remote session and pull it out, no charge if limited to blekko removal only

www.pcsearchandrescue.com
I just wanted to say publicly what a great thing to do for the Dopers. You shall always remain at top of my list for any time I need (more) PC stuff/info (!!!).

I learned a short while back, (from BigT, iirc?) that CNET had 'bundled' this kind of crap into its regular downloads, and I have not even gone to that site since. Calling it scummy, imho, is an understatement

Again - thanks for the help you give 'round these parts!
Reply With Quote
  #11  
Old 10-03-2012, 10:24 AM
drachillix drachillix is online now
Guest
 
Join Date: Jun 2000
Quote:
Originally Posted by Ionizer View Post
Again - thanks for the help you give 'round these parts!
a good excuse to post a link to my site from something with this much traffic is totally worth it.
Reply With Quote
Reply



Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 11:05 PM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.

Send questions for Cecil Adams to: cecil@chicagoreader.com

Send comments about this website to: webmaster@straightdope.com

Terms of Use / Privacy Policy

Advertise on the Straight Dope!
(Your direct line to thousands of the smartest, hippest people on the planet, plus a few total dipsticks.)

Publishers - interested in subscribing to the Straight Dope?
Write to: sdsubscriptions@chicagoreader.com.

Copyright 2013 Sun-Times Media, LLC.