Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Need help with virus removal

Started by stevenricker , Mar 28 2006 06:24 PM

  • Please log in to reply

#1
stevenricker
Posted 28 March 2006 - 06:24 PM

stevenricker

    New Member

  • Member
  • Pip
  • 2 posts
Help!!

I have gotten the TROJ_VB.XR virus. And it seems to have downloaded another while it was at it.
(TROJ_PURITY.K)

The first one allows pop ups at the top of all web pages, and will even open a browser every 3 to 5 minutes
when you are in another application and bring you to some semi random ad pages.

I have located 3 files that are associated with it. 1 is in the windows folder, called newfrn.exe, another
in the temp folder called NDr~~.tmp.html (where the ~~ is random stuff, it changes it's name)
and one under the program files in a hidden directory called F?nts. That file is also hidden and
called W?crtupd.exe. It makes a call to the internet every so often and try's to use the NDR~ files
to create pop ups.

I have deleted all of them, but they come back. I have used the lastest trend micro scans to try to clean it
up to no avail. I assume it is something in Memory that rewrites the files. Or in the registry that
calls another file I don't know about 1 time, that creates these files. I have tried starting up in
safe mode, then deleting them, but they come back.

Don't know enough about the registry stuff to know what to look for there or not. Afraid to take stuff out of that.

Anyone got any ideas?

Thanks,
Steve Ricker
  • 0

Advertisements

#2
wannabe1
Posted 28 March 2006 - 06:30 PM

wannabe1

    Tech Staff

  • Technician
  • 16,645 posts
Hello stevenricker...

Please go to the Malware Forum and follow the instructions at the top....Especially the Start Here.

That will give you several steps that will help you clean up 70 percent of all problems by yourself...then post a hijackthis log in THAT forum. Be patient, the Malware Forum is a very busy place and a two or three day wait is not unusual. DO NOT REPLY TO OR BUMP YOUR OWN LOG. If it shows a reply it may be overlooked as one that is being worked on.

If you are still having problems after getting a clean bill of health from the malware expert, please return to this thread.

wannabe1
  • 0

#3
stevenricker
Posted 28 March 2006 - 07:21 PM

stevenricker

    New Member

  • Topic Starter
  • Member
  • Pip
  • 2 posts
Thanks.

I will go over to that forum and read up right now.
  • 0
Back to Windows XP, 2000, 2003, NT · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Retired Forums
  3. Windows XP, 2000, 2003, NT

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP