On Thursday my laptop became infected with a horrible trojan virus and I simply cannot get rid of it.
Its called: Win32: Downloader NUA Trj
What it does:
WILL NOT let me into safe mode atall
Won NOT let me open certain programs like IE
Every 15 Seconds or so or if I try to open a program I will get Avast popping up saying “Trojan Horse Blocked” its not always in the same place though, it moves from program to program, (I’ve tried to find it but can never locate it)
Opening some programs like VLC results in this error message “error 0xc0000005”
What I did about it:
Plenty of boot scans, sometimes Avast finds it, sometimes not
ran Malware Bytes, Superantispyware, and Spybot search and destroy several times (they like avast were all updated before they ran) again sometimes they found the virus sometimes not.
I have also ran the AVG recovery disc but that didn’t seem to do anything.
Uninstalled and reinstalled Avast to simply check I didn’t have a fake version running. That too produced no effect
I do have another pc to work from so if you want to suggest something I should download I can. I’m figuring getting into safe mode might be the key but when I try the computer comes up with a blue error message and then powers off again. Whats equally weird is I have disconnected from the internet and avast still pops up telling me its blocked the Trojan Horse.
I hope you guys can help and any help is much appreciated.
I will follow MCafee’s instructions. Avast is “blocking” it, not sure if that means its being quanrantined. I assume it is because its not causing me more issues.
Thanks for your help, I will reply again as soon as the MBR clean has finished.
They frown on anyone giving malware removal advice in this forum other than one of the Avast malware specialists; Essexboy, Jeff, or Oldman. So your going to have to wait till one of them respond.
[*]Double-click to run TDSSKiller.exe
[*]Press Change Parameters
[*]Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
[*]Click on the Start Scan button
[*]Only if Malicious objects are found then ensure Cure is selected
[*]Then click Continue > Reboot now
[*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
[*]Copy and paste the log in your next reply
[*]A report will be created in your root directory, (usually C:\ folder) in the form of “TDSSKiller.[Version][Date][Time]_log.txt”. Please attach its contents on your next reply.
Do not give a misreprentation of the facts here. To set things straight- in malware removal routines only qualified removal experts that has been trained officially and sufficiently, like indeed essexboy, oldman, jeffce and some others here, are allowed to guide in and through malware cleansing routines that should be guided in this way.
These officially qualified removal experts have no connection to avast, they are volunteers and users of the avast programs like the others here, but they have been trained through various special online anti-malware universities or boot-camps and are members of Unite for instance, the membership of which organization is a webwide guarantee that the person is a qualified removal expert, and knows what he/she is doing.
This to prevent that untrained users may do more damage than good. The other side of the coin is natuarally that the malware removal experts here will build up a gigantic expertise with all the different sorts of malware that has to be cleansed. Just like others here build up expertise in cold reconnaisance anaysis of malware through url-scanning methods (Asyn, Pondus, spg Scott, !Donovan, etc.),
Ok attached is the TDSS Killer Log. Just to add after I ran this my CD Drive has now dissapeared! Said something about lower registries moved. Any ideas how I can get it back?
I have the exact same trojan and have no idea how to get rid of it It seems to be moving around my computer, avast is picking it up but can’t pin it down
Apart from formatting I have no clue how to get rid of this thing, it has already destroyed some files and programs
Hi pennylane909 could you run aswMBR and OTL as per this thread and start your own topic… As soon as you have posted I will have a look see http://forum.avast.com/index.php?topic=53253.0