Steelick
2010-05-19, 20:57
Hello, I was please wondering if anybody knows anything about, or could assist me in removing, the malware referred to as "Backdoor:Win32/Nuwar.A". This is what it is detected as under Microsoft Security Essentials. I am running Windows XP Media Center Edition. I am not sure how I got infected, and even though basically everywhere online says it is spread and infected through e-mail, I do not believe this is the case, especially since I do not really ever use e-mail on this computer (especially not Outlook or any e-mail client program). When I restart or log-in to my computer Microsoft Security Essentials is turned off and cannot connect for updates. This also happens with Spybot Search and Destroy, not to mention several other programs I have tried. I read online that the "Nuwar backdoor" looks for programs and windows with certain window titles, such as "viru", "anti", and "spybot",etc. I also noticed a new icon in the system tray that looks similar to a small, green shield. It constantly provides a balloon popup that says my system is infected and that many ".exe" and ".scr" files are not working and being infected as well. When you click the icon it brings up a window that makes it look like the system is being scanned and proceeds with a series of questions asking you what you would like to do. The title that appears in the window of the program with the green shield is, "Antispyware Soft". I tried restarting the computer in safe mode and I tried removing the registry from the startup, but that was not successful. In safemode, I did not notice the green shield icon popping up in the system tray, but I was still not able to accomplish anything here. Every time Microsoft Security Essentials says it has removed Nuwar, but it continues to come back or run in the background (usually under a different process id and/or name). Could anybody please help, or provide some knowledge about this matter? Thanks.