Author Topic: JS:seeker- gen  (Read 3484 times)

Offline scroll

  • Newbie
  • *
  • Posts: 10
JS:seeker- gen
« on: August 10, 2006, 06:09:33 PM »
Avast found JS:seeker-gen in a file named memory.dmp (245Mb.)

Avast cannot repair it, and it's too big for the chest. What does the file memory.dmp do, and can I delete it?

Thanks

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 80996
  • No support PMs thanks
Re: JS:seeker- gen
« Reply #1 on: August 10, 2006, 06:45:30 PM »
A memory dump could contain a virus in memory so may be detectable. I am surprised that it is too big for or there isn't enough room in the chest, 245MB is small but you can increase the size of the chest, see image.

avast can only repair certain files/viruses and I would be surprised if this were included. A memory dump is redundant after a reboot so you could opt to delete.
WinXP ProSP3/ Core2Duo E8300/ 4GB Ram/ avast! free 18.5.2342/ Firefox ESR, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ DropMyRights/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 19.2.2364/ WinPatrol+/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro7.11.0/ WinPatrol+/

Offline polonus

  • Avast Überevangelist
  • Maybe Bot
  • *****
  • Posts: 31181
  • malware fighter
Re: JS:seeker- gen
« Reply #2 on: August 10, 2006, 09:32:13 PM »
Hi scroll,

Here you can read about JS.seeker.gen and its implications:
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=98882

Through this link you can also find the patch for the Microsoft vulnerability through which you could be infected by this malware.
Always use the latest versions of programs, keep them fully updated, and run all patches. Malware authors reckon people are slack in these routines and so can make more and more victims.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline scroll

Re: JS:seeker- gen
« Reply #3 on: August 10, 2006, 09:38:15 PM »
Thanks DavidR.


When I tried to move the Memory.dmp to the chest, it said not enough room on the DISC, not the chest, but increased the chest limit and tried again anyway, with the same result. And I know my Disc has at least 10GB of memory left.

Have done a bit of research and found JS:Seeker-gen should have made regedit inoperable, as well as changing home page etc. but my system showed none of these symptoms. So wonder if it was a false alarm.

Had trouble installing a windows update the other night, when KB917422 caused a buffer overflow!! This stopped Avast and my Firewall from functioning, and the only way I could get the update to install was by un-installing my firewall (with due care of course). Then re-installing the firewall.

So I'm now wondering if Avast was corrupted by the buffer overflow? Will probably do a re-install just in case!

Thanks again
Scroll

Offline scroll

Re: JS:seeker- gen
« Reply #4 on: August 10, 2006, 09:52:13 PM »
Hi Polonus

Thanks for the link, found details of the virus at Trend-Micro and ran a house call, but found nothing.

All my anti-virus, spyware and windows updates are running with the latest versions so fail to see how this virus sneaked in.

Running Avast Home, ewido, Ad-aware, spybot search & destroy, spyware blaster and Comodo firewall (which seems to be somehow related to the buffer overflow I mentioned in my last post)

Have now deleted the offending file (Memory.dmp) and ran a thorough scan with Avast and all clear, but still wondering whether to do a clean install of Avast just in case?

Regards
Scroll

Offline polonus

Re: JS:seeker- gen
« Reply #5 on: August 10, 2006, 10:02:31 PM »
Hi Scroll,

As an additional routine I propose you do the following; it cannot hurt you, and may clean the machine of something that should not be there:

(NOTE: Be sure to run the scan in Safe mode)

Begin by downloading CCleaner, and specifically choosing the most recent version from here: http://www.ccleaner.com/ccdownload.asp

Then, follow these steps:

1. Close all programs so that you are at your desktop.
2. Double-click on the "My Computer" icon.
3. Select the "Tools" menu and click "Folder Options".
4. After the new window appears select the "View" tab.
5. Place a checkmark in the checkbox labeled "Display the contents of system folders".
6. Under the "Hidden files and folders" section select the radio button labeled "Show hidden files and folders".
7. Remove the checkmark from the checkbox labeled "Hide file extensions for known file types".
8. Remove the checkmark from the checkbox labeled "Hide protected operating system files".
9. Press the "Apply" button and then the "OK" button and shutdown My Computer.
10. Now your computer is configured to show all hidden files.

Now, install the program. Open it, and choose the 'Options' tab. Inside, hit the 'Custom' tab, and add the following folders (Note: Not all of these files are on every computer. If one of these isn't present, skip it):

C:\Windows\Temp
C:\Temp
C:\Documents and Settings\<Every user listed>\Local Settings\Temp
C:\Documents and Settings\<Every user listed>\Local Settings\Temporary Internet Files\Content.IE5
C:\Documents and Settings\<Every user listed>\History
C:\Documents and Settings\<Every user listed>\Cookies
C:\Windows\Prefetch


After doing this, move back to the 'Cleaner' tab, and inside this, be sure you're open to the 'Windows' tab. Inside, check the box labeled 'Custom Files and Folders'.

Next, after following all of these steps, you're ready to scan. Run scans in both the 'Cleaner' and 'Issues'. Note: It might take several scans in each to remove all of the junk.

After this you could put an additional hjt log here.

polonus

Offline scroll

Re: JS:seeker- gen
« Reply #6 on: August 11, 2006, 11:03:00 AM »
Hi Polonus

Will do the CC scan over the weekend.

Many thanks
Scroll