Jump to content
Sign in to follow this  
white_cloud_8

Reg/seeker

Recommended Posts

Hi,

 

This is the first virus I have ever got :woot:. The infected file name is:

 

C:\hp\region\EN_US-ie.reg

 

The virus name is: Reg/Seeker

 

I did a virus scan using my Norton AntiVirus 2003 and it did not find any infected items (a typical scan that I run every week), then I did a quick scan using the PC Pitstop Virus Scan and nothing came up, and, finally on the same page where I did the quick scan I seen McAfee's Free Scan, so I tryed that and scanned my C Drive and was I surprised, I had a virus :blank:. Why didn't both my Norton and the PC Pitstop Virus Scan (quick scan) pick up on it?

Share this post


Link to post
Share on other sites

Jacee, which one of the links you provided should I be looking more closely at because it looks like there are a few variations of this virus (trojan)?

Share this post


Link to post
Share on other sites

'kay thanx :mrgreen:, what is the best method for removing the virus?  :look:

(Quote by MacAfee)

Users may also see a slightly different version of this virus, which is detected as Reg/Seeker. The only difference is that Reg/Seeker resides in a *.reg file rather than a Java script.

 

Click on some of the links in the article by McAfee about removal. This also might be worth a try:

 

http://vil.nai.com/vil/stinger/

 

I came across this removal instruction in another forum:

 

http://reviews.cnet.com/5208-6121-0.html?f...essageID=266505

 

Let us know please.

 

Hawk :beer:

Edited by Hawk

Share this post


Link to post
Share on other sites

Hi,

 

I tryed using Stinger w/Norton AntiVirus turned off and nothing came up :blank:, and, then I turned off system restore and rebooted in safe mode and did a virus scan using Norton (nothing came up), I did the opposite (turned on system restore and rebooted in safe mode and did a virus scan using Norton and nothing came up). Finally, I used McAfee Free Scan (again) and the same infected file came up once again.

 

C:\hp\region\EN_US-ie.reg (infected file name), Reg/Seeker (virus name)

 

 

What other options do I have for removal?

Edited by white_cloud_8

Share this post


Link to post
Share on other sites

Okay, here is how it breaks down:

 

CW Shredder - did not come up with any infected files

 

Windows Security Trojan scan - nothing found

 

X Cleaner - did not come up with the infected file Reg/Seeker, but it came up with a dangerous file called 'realbar' (it was removed)

 

Swat It! - nothing came up

 

 

I really don't know what to do now :mrsgreen::blank: :help:

Edited by white_cloud_8

Share this post


Link to post
Share on other sites

Hi white cloud,

 

When push comes to shove, this may be the best way to go:

 

Create a folder & name it HJT. Put the folder in "My Documents". Download HIJACK THIS from HERE & put in folder in My Documents.

http://radiosplace.com/

 

Do NOT attempt to fix anything yourself please.

 

READ THIS:

http://pcpitstop.ibforums.com/index.php?ac...ST&f=25&t=36065

 

Post log HERE:

http://pcpitstop.ibforums.com/index.php?act=SF&f=25

 

 

Good luck,

 

Hawk :beer:

Edited by Hawk

Share this post


Link to post
Share on other sites

Hey Inp, good link.

 

Thanks...I'll hold on to that one. :mrgreen:

 

Hawk :beer:

Share this post


Link to post
Share on other sites

I can't seem to find the damn file anywhere. :pullhair: I checked HP_PAVILION (C:)>Program Files>Hewlett-Packard, and, I can't see that specific file.

Share this post


Link to post
Share on other sites

I can't seem to find the damn file anywhere. :pullhair: I checked HP_PAVILION (C:)>Program Files>Hewlett-Packard, and, I can't see that specific file.

Hi white cloud,

 

Think you should run the HJT & post a log. Go back a few posts & you will find the info I posted.

 

Regards,

 

Hawk :beer:

Share this post


Link to post
Share on other sites

It's already been done Hawk and it's clean. :)

 

Inp. ;)

Thanks Inp....wasn't aware :blink:

 

 

Hawk :beer:

Share this post


Link to post
Share on other sites

Hi,

 

I did a search with the hidden files/folders shown, and, I typed in C:\hp\region\EN_US-ie.reg and it came up with 'EN US-ie.reg', in folder: C:\hp\region\, size: 1 KB, type: Registration Entries, when I clicked on the file there was a pop up from Registry Editor saying: Are you sure you want to add the information in C:\hp\region\EN_US-ie.reg to the registry? I didn't click yes, but I also didn't find the file in the 'Hewlett-Packard' folder either :erm:.

Share this post


Link to post
Share on other sites

If it's your printer, what happens if you uninstall and delete everything associated with it? Just an idea. Don't do anything yet :woot:

 

:beer:

Share this post


Link to post
Share on other sites

I thought HP might be a printer. Never mind :mrwinky:

 

:beer:

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...