virus removal

  • Thread starter Thread starter -D-
  • Start date Start date
D

-D-

I just did an online virus scan from symantec and found two viruses on my
PC.

js.seeker
vbs.startpage

Are there any online fixes for these two viruses? I assume that if I
deleted the files that they would just come back? Or, is there a way to
remove the viruses manually? From what I read, it altered some registry
keys.

Thanks in advance for any help.
-D-
 
I just did an online virus scan from symantec and found two viruses on my
PC.

js.seeker
vbs.startpage

Are there any online fixes for these two viruses? I assume that if I
deleted the files that they would just come back? Or, is there a way to
remove the viruses manually? From what I read, it altered some registry
keys.

Thanks in advance for any help.
-D-
Click to expand...
Get Spybot search & destroy - d/l read info, update & run
http://www.safer-networking.org/index.php?page=download

as well as hijack this - d/l read info, run, & post results so you don't
mess your pc up worse than it is now.
http://mjc1.com/mirror/hjt/

the trojan has hijacked your browser. Look at your phone bill to make
sure a dialer program wasn't calling "expensive internet companies"

& get an Anti-Virus Program
AVG is free & works real well
http://www.grisoft.com/us/us_index.php
 
Get Spybot search & destroy - d/l read info, update & run
http://www.safer-networking.org/index.php?page=download

as well as hijack this - d/l read info, run, & post results so you don't
mess your pc up worse than it is now.
http://mjc1.com/mirror/hjt/

the trojan has hijacked your browser. Look at your phone bill to make
sure a dialer program wasn't calling "expensive internet companies"

& get an Anti-Virus Program
AVG is free & works real well
http://www.grisoft.com/us/us_index.php
Click to expand...
It's a bit early & forgot, that if you are on Win Xp, you'll need to
make sure that you show all files & programs, turn off system restore,
run the spybot s&d on all accounts, & then turn syst. restore back on
when it is gone.
 
snip
It's a bit early & forgot, that if you are on Win Xp, you'll need to
make sure that you show all files & programs, turn off system restore,
run the spybot s&d on all accounts, & then turn syst. restore back on
when it is gone.
Click to expand...

how do you run spybot on all user accounts?
we have 3 and it only checks the active one.
Thanks
 
-D- said:
I just did an online virus scan from symantec and found two viruses on my
PC.

js.seeker
vbs.startpage
Click to expand...

It would also be helpful to know the filenames involved as well
as the location in which the affected files were found.

It would be a shame to jump though hoops for inactive
malware in temp or restore directories.
Are there any online fixes for these two viruses?
Click to expand...

It would be best to submit the files in question to other
scans to eliminate the possibility (likelihood) of a false
positive detection from an online scan. Even if these are
positively the malware that the scan says they are, it
doesn't mean they are now or ever were a threat.
I assume that if I deleted the files that they would just come back?
Click to expand...

....or worse.
Or, is there a way to remove the viruses manually?
Click to expand...

Many (worms) can be removed manually by following the
manual removal instructions provided by the various AV
vendors' websites.
From what I read, it altered some registry keys.
Click to expand...

If you read the descriptions of the malware, sometimes you can
look for the registry keys it mentions to help you to determine
if anything actually installed ~ if you are able to determine that
the malware files were never actually executed (installed), then
you may be able to just delete the detected file(s) and be done
with it.
Thanks in advance for any help.
Click to expand...

Others have given you links to some good tools to have even
if this turns out to not need them.
 
The filenames for each virus is as follows:

The JS.Seeker file and directory path: WINNT\update12.js

The VBS.Startpage file and directory path: WINNT\update911.js

Both of these were affecting my PC with the symptoms described in the virus
summaries from the AV websites:

It was causing my browser homepage to get reset to your-search.cc and also
when I search on the web, I get directed to your-search.cc instead of the
actual search link. The threat level of these trojan viruses were labeled
low and it has been more of an annoyance than anything. I just reset my
homepage, but after a couple of hours, wham, back to your-search.cc...same
thing when web searching.

I checked several online scans and the viruses were consistently detected.
I downloaded Symantec's trial AV Professional software package. That turned
out to be worthless. I scanned with the trial version and no viruses showed
up, yet the online scan from Symantec's website showed the viruses. Plus,
the symptoms are still occurring on my PC. So, the viruses are still at
work. Is this typical of an AV software package to do? I wanted to test
the trial version before buying it, but it didn't even detect the viruses.
So, Norton is off the table. I also noticed that it slowed my PC down to a
crawl. I could barely launch Windows Explorer without it taking several
minutes. Is that normal or is Norton a system hog?

I've run SpyBot and it found some registry problems that I corrected, but I
don't believe it has cleaned the viruses off my system.

If it is all possible to manually clean the viruses off my PC, then I would
certainly prefer to do that. If not, is there a good AV software package
you can recommend that will clean these viruses off my PC?

Thank you for your help. I appreciate it.
-D-
 
-D- said:
I just did an online virus scan from symantec and found two viruses
on my PC.

js.seeker
Click to expand...

"Install the Microsoft patch
This worm takes advantage of a known Microsoft Outlook/Outlook Express
security hole. Microsoft has provided a patch for this security hole at
http://www.microsoft.com/technet/security/bulletin/MS99-032.asp"

vbs.startpage
Click to expand...

"The VBS.StartPage Trojan horse alters the Microsoft Internet Explorer
default home page without permission. The Trojan horse arrives as a file
with the .vbs extension.
When VBS.StartPage is executed, it makes changes to the registry key:

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page

Update the virus definitions.
Run a full system scan and delete all the files detected as VBS.StartPage.
Reset your Internet Explorer home page.

Are there any online fixes for these two viruses? I assume that if I
deleted the files that they would just come back? Or, is there a way
to remove the viruses manually? From what I read, it altered some
registry keys.

Thanks in advance for any help.
-D-
Click to expand...
hope it helps
-max
--
'When you have a degree-you don't know everything-just a degree'-Dr
Miles Munroe This message is virus free as far I can tell
Change nomail.afraid.org to hotmail.com so you can reply
(nomail.afraid.org has been set up specifically for
use in Usenet. Feel free to use it yourself.)
 
-D- said:
The filenames for each virus is as follows:

The JS.Seeker file and directory path: WINNT\update12.js

The VBS.Startpage file and directory path: WINNT\update911.js

Both of these were affecting my PC with the symptoms described in the virus
summaries from the AV websites:
Click to expand...

I think that the best (easiest) way would be to use an anti-virus/
virus removal program to clean it up. Most AVs should be able
to deal with these two.

The use of "HijackThis", as someone else has suggested, should
be informative as well as helpful.

....and you evidently need the "Scriptlet TypeLib/Eyedog" patch
(among others) from Microsoft. Pay a visit "windowsupdate"
and get some critical updates.
 
Back
Top