Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Found out I have the trojan Reg/Seeker.......

May 30, 2004 9:17AM PDT

I found out through a free virus scan that the trojan Reg/Seeker has infected two files in this area of my computer. C:\_RESTORE\ARCHIVE\FS18.CAB and then the same as that one, but ends in /FS19.CAB. I run the Windows ME...can anyone tell me how I can get rid of this trojan. I just downloaded the 2004 McAfee VirusScan, but they said I can't delete or quarantine those files. I am thick-headed...so, if you can help, you have to make it easy for me to understand. Thanks in advance!!! snowflakeinpa

Discussion is locked

- Collapse -
Re:Found out I have the trojan Reg/Seeker.......
May 30, 2004 9:48AM PDT

Snowflake,

Here's McAfee's write up about that virus:

Reg/Seeker
http://vil.nai.com/vil/content/v_100108.htm

The infected files appear to be in your System Restore section. But because "Reg/Seeker" can hide elsewhere, please follow the instructions below:

First, temporarily disable System Restore using these instructions:

To disable Windows Me System Restore:

1. Click Start, point to ?Settings?, and then click ?Control Panel?.
2. Double-click the ?System? icon. The System Properties dialog box appears.

NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.

3. Click the ?Performance? tab, and then click ?File System?.
4. Click the ?Troubleshooting? tab, and then check ?Disable System Restore?.

Next, restart the computer into "Safe Mode" using these instructions:

Restart the computer, pressing the F8 key once per second, till it loads a selection screen. Use the up and down arrows to select "Safe Mode", press enter, and the computer will load into a safe mode. It looks like a normal screen but with Safe Mode in each of the four corners. When you?re done, restart the machine and it will boot normally.

AFter that, run a full system scan using your new Virus Scanner. Delete all infected file found. If it comes up negative, then reverse the procedures above to "re-enable" System Restore and restart your computer.

Hope this helps.

Grif

- Collapse -
Re: Found out I have the trojan Reg/Seeker.......
Oct 23, 2004 2:00PM PDT

I was having trouble with my settings on Internet Exployer being changed-like my defaul homepage,connection settings etc. I have bought the McafeeInternet Security Suite 2004 Ver.6.0 and had configured it to scan deep which includes the boot sector. Also had all the update.
It found the trojan Reg/Seeker in the C:\hp\region\EN_US-ie.reg-----and it did delete this trojan.--------Make sure you have all the updates installed and that it is configured properly.
And may I add"I hope and pray that one day all the hackers will get married and have 20 children to keep them busy"--------such a waste of good mental energy that could be used for more useful purposes.....

- Collapse -
Re: Found out I have the trojan Reg/Seeker.......
Nov 30, 2004 10:54PM PST

I had the same viruses as you. In order to take this off, you must go to the control panel. Double click on system icon. Then go to the Performance tab. Click on File System at bottom of window. Then go to Troubleshooting tab. Uncheck System Restore option. When prompted to reboot do so. After rebooting, run any virus scans you have. www.downloads.com has some good ones for free. You might even want to get a free program called Spybot. Which so far I have found to be the most effective spyware program out there(for free anyways). You turn your system restore back on the way you turned it off.. Hope that helps you. Worked for me.

- Collapse -
Re: Found out I have the trojan Reg/Seeker.......
Dec 1, 2004 11:42AM PST

How did you find out you had the trojan Reg/Seeker? I have windows xp and when i try to turn off system restore it says i will lose all of my restore points. Does that matter? Thanks

- Collapse -
Jofan, Use An Antivirus Program...
Dec 2, 2004 12:41AM PST

...plus a spyware removal program or two. If you don't use a reputable progrtam to determine exactly which infection you have, most of it is just "guess work". In your case, try using either, or both of the free online scanners at the links below. They should give you a clue as to your virus issues. (Your problem may be something else entirely though and losing all your restore points will result if you temporarily disable System Restore. See what the links below will do for you.):

Housecall Online Scanner

Panda Online Scanner


Next, download, install, update, then run the free spyware removal programs below:

Ad-Aware">http://www.lavasoftusa.com/support/download/]Ad-Aware