my-seeker.com/

This site has attached itself to my IE as my home page, my-seeker.com and I can’t nuke it. I picked it up shortly after logging on here the other day. If anyone has any knowledge of this site or how to shake it, your input would be appreciated.

 

tried ad-aware or spybot?

cleared caches and settings?

.. hate to say it but i recommend using firefox or opera

 

Have you run any Malware scans? EG. MalwareBytes anti Malware, Adaware, spybot etc?

 

Download and run Hijackthis (small standalone program) and disable anything that says "IE toolbar" or "my-seeker.com" - easy!

But we're all currently recoiling from "I use IE" and all recommending firefox or opera, as mentioned

 

I ran Hijackthis and this is what it shows, 3 time I deleted it but it won’t die!

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.my-seeker.com

 

Did you try any of the programs i mentioned

 

Yea I tried Ad aware and it’s like it didn’t want to have a bar of it. I’m trying this now got it off another site.
For Internet Explorer: go to Tools> Internet Options> Privacy> Advanced: here check 'Override automatic....' 'Allow session cookies' 'Allow 1st party cookies' & 'Block 3rd Party Cookies'.
See if this makes a difference

 

Well that did jack, trying this now anti Malware

 

Try this in safe mode - after running a spyware scan as recommended. Run the spyware programs in safe mode as well. Another one to try is spyware doctor. Since it's an HCKU entry (only?) it's a registry entry, and I guess it reinserts itself - need a spyware remover that detects it in the registry and/or a registry cleaner as well. Likely you have some other spyware that's responsible for the reinsertion and/or other bad entries. I suggest running a registry/temp file/cookie remover like CCleaner as well.

 

a lot of malware/virus/spyware. ect... is made that after a restart... no matter how many times you use a remover.. it comes back. Sad to say it... but id say do a re-install to be safe...

 

I tried running both the Ccleaner and Stopzilla in safe mode but still this parasite lives. I can say that this is was can’t be deleted, c:\swsetup\vdfupdate\setup.exe after being recognized as maleware, which I don't think is right. I did a recovery yesterday, I'll go again this time I'll delete both back up and recovery drives and start from scratch.

 

With all due respect!

Reinstall is an absoloute last resort! You should try every avenue possible before reinstalling. How are you going to learn to fix issues if every time you get a problem you reinstall.

I have had all sorts of Malware issues and have only once had to reinstall. I'm not saying don't reinstall but make sure you have tried everything you can think of first.

Regards

 

Sometimes, malware can be so persistent that it adds its own code to native Windows OS processes such as WinLogon.exe, svchost.exe, etc... this would be called Rootkit'ing.

Next time, it would be useful to post the full log of HiJack This!'s results, some malware can be really hideous and HiJack This! can blow its cover sometimes, you could delete the setup.exe viral program by using KillBox while on Safe Mode (not guaranteed to work 100% of the time, due to malware replicating itself to the most remote of Windows' Locations, and those copies keeping the Malware alive).

You might want to run a full scan using SpyBot Search And Destroy, along with Avast!, this combo has worked wonders for me on infected computers with persistent malware. (Even Virtumonde, among the most annoying and persistent Spyware I have ever seen.)

If you are going to do a full system scan (after HiJack This!), I suggest you to extract the hard drive from the computer and run the scan from another clean computer, so that the malware cannot continue replicating and "saving" itself.

Update:

OP, you own a HP or Compaq, right?, well, this so called "SWSetup" Folder contains data about the Symantec Antivirus contained for default with HP and Compaq computers, and indeed, the setup.exe installation package is certified by the Symantec Corporation, there is another file into play, called "vdef_update.cva", which is the update database for the Virus Definitions for the Symantec Antivirus, it seems like that your problem with the homepage lies elsewhere, can you please post the results of the HiJack This! full log? Also, it seems like that the contents of the SWSetup folder are protected by a process that HP added to Windows so that they could not be deleted accidentally, nothing to worry about, really.

 

i've never had that evil malware that just won't go away and needed a reinstall. i don't know how you get it. and i surf doubtful websites, download stuff etc. what i would do is use firefox for starters, then clean all the cookies, etc form IE, than scan with spybot and adaware and maybe an antivirus like KIS or bit torrent. that always did it for me

 

sorry meant to say bit defender, it came out torrent 'cause i was thinking that way you can get malware but even so, i didn't get any

 

Yea you’d think surfing a few forums would be safe. But I guess some sites you go to are affiliated with the computer industry and make a living from them.

I tried to nuke my unwelcome friend and run at least 6 different anti Malware programs and alike, but the little guy was putting the hurting on some of them, it would shut them down and wouldn’t let them run.
( Adaware, smithfraudfix and another, I can’t think of it right now) Hijack stopzilla spyware scan ccleaner in safe mode, run ok but did nothing.

Recovery was easier and took just as long, so if I would of gone that way from the start it would of took half as long, but I don’t mind it was kind of fun trying. I have all my important stuff on a 8 gig flash card so I lost nothing worth talking about.

But I have to say, the idea of a recovery and backup drive sounds good on paper but didn’t work for me.