Hi Guys,
My computer has gotten infected with Trojanhorse, the name of it is webcrack4.exe, I've tried scanning my computer several times with Norton Antivirus and it caught 3 trojanhorses but unable to delete it. When I try to press ALT + CTRL + DEL to see the background procesess running on my computer, it says "Task Manager has been disabled by your administrator" Again when I tried scanning later, it caught almost 425 different viruses, I'm not able to delete any of them. My computer is getting more and more infected with this, pleaseeeee help me..........
2007-03-16 22:22:16 · 11 answers · asked by Jikki 1 in Computers & Internet ➔ Security
There is nothing nicer than finding a password cracking program on your computer. You have some serious work ahead of you. You must change every password you use after this Trojan is removed.
Since we have no idea of what infections you have I am going to give you a bunch of info. At the bottom of the below procedure you will see sites for Smitfraud Trojan removal. Go to one and use it. Then do the Vundo Trojan removal.
This is a case where you must do this procedure to ensure it is removed from all areas of your computer. ewido is the best Trojan removing program available. Run your Norton AV after the ewido.
Download and Update Ewido (now called the AVG Antispyware). Do not run:
http://www.ewido.net/en/download/
TEMPORARILY SHOW HIDDEN FILES AND FOLDERS.
1. Click Start, and then click Control Panel.
2. Click Appearance and Themes, and then click Folder Options.
3. On the View tab, under Hidden files and folders, click "Show hidden files and folders", and clear(uncheck) the "Hide protected operating system files" check box.
IMPORTANT: Files are hidden by Windows for a very good reason. It is not wise to experiment with these files. Unfortunately, to successfully remove modern spyware we must turn this protection off temporarily. Please turn the protection back on when you have finished cleaning your system.
EMPTY INTERNET EXPLORER BROWSER CACHE:
1. On the Internet Explorer Tools menu, click Internet Options.
2. On the General tab, in the Temporary Internet Files section, click the Delete Files button. Select the Delete all offline content check box in the confirmation dialogue box that appears, click OK. Click OK again.
RESTART IN SAFE MODE:
To do this you need to hold down or repeatedly tap the F8 key while the computer is booting (when the computer is displaying a black screen with white text). When the boot menu appears, use your keyboard arrows to select "Safe Mode."
Safe Mode can look quite ugly. The color may look bad, and all of your desktop icons will be very large. This is normal.
START THE SCAN WITH YOUR PROGRAM(S).
When the scan and removal are completed REBOOT COMPUTER. This will restart you in normal mode.
RESET HIDDEN FILES AND FOLDERS.
The RESTORE POINTS may be infected with the Malware and cannot be used. Delete the old one(s) and make a new one.
CLEAR OLD RESTORE POINT(S). HERE'S HOW:
1. Click Start, and then click Control Panel.
2. Click Performance and Maintenance, click System, and then click on the System Restore tab.
3. Select the Turn Off System Restore check box, click Apply, then restart your computer.
4. Return to the System Restore Tab and turn System Restore back on.
TO SET A NEW RESTORE POINT:
1. Click the Start button.
2. Point to Programs, then navigate to Accessories, then System Tools, then click System Restore.
3. Choose Create a restore point, and then click Next.
4. In the Restore point description box, type a name for your restore point, and then click Next.
5. Click OK.
NOTE: If you are using Windows XP Service Pack 2 (SP2) and are unable to access the Internet after removing Malware, there is a command that may fix the problem. It works by resetting the winsock catalogue. Click on Start, then Run and type CMD in the box. Click OK. Type "netsh winsock reset" (no quotes)into the DOS window that appears.
ADDITION INFORMATION ABOUT TROJANS:
There are Trojans that fall into the Smitfraud family. Smitfrauds are usually Homepage/Browser Hijackers. A Homepage Hijacker takes you to a website other than what you have set on your computer. A Browser Hijacker directs you to websites other than what you just selected. These require the use of a specialized program for removal. Here are two sites that specialize in removing these:
http://www.internetinspiration.co.uk/roguefix.htm
http://siri.urz.free.fr/Fix/SmitfraudFix_En.php
Another type of Trojan that requires a specialized removal program is Vundo Trojans.
The procedure should fix Vundo-based Winfixer(WinAntiSpyware, WinAntiVirus, Blackworm, Amaena)problems.
Please download Atribune's VundoFix.exe (version 4.2.71 [as of 21 April '06], or later), from
http://www.atribune.org/ccount/click.php?id=4
and save it to your desktop.
Double-click VundoFix.exe to run it.
Put a check next to Run VundoFix as a task.
You will receive a message saying vundofix will close and re-open in a minute or less. Click OK Note: If VundoFix does not reopen after a minute (or two), then you should skip-over the "Run as a task" step, and continue-on to the following steps to SCAN and REMOVE.
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will shutdown your computer, click OK.
Turn your computer back on.
2007-03-16 23:06:03 · answer #1 · answered by Anonymous · 0⤊ 2⤋
There are a couple of things that you can do. Trying booting in Safe Mode and make a search for the files that show up in you Anti-Virus as infected. Try deleting them all. If this fails, make a backup of all your files (documents, music, videos and etc) and format all partitions on your hard disk. This second option will definitely remove the virus.
Wish you best of luck...I really have pity on you.
2007-03-16 22:29:56 · answer #2 · answered by The Great One 2 · 2⤊ 0⤋
Here is a simple tutorial on how to cleanup your computer. They are real basic steps, but it is a good first step to take and will often clean out 95% of the junk (such as spyware, viruses, etc) off your computer. All the tools used are free of use. Here is the link:
http://www.cleancomputerhelp.com/how-to-cleanup
2007-03-17 17:24:16 · answer #3 · answered by patrick j 2 · 0⤊ 0⤋
Start the computer in safe mode with Internet - then do a free online scan at the link below.
P.S. Turn off system restore before hand.
Good luck.
2007-03-16 22:34:58 · answer #4 · answered by Sly_Old_Mole 7 · 0⤊ 1⤋
sometimes anti virus programs don't get updated often enough to be effective against new viruses. Kim Kommando recommends you have at least two programs (not running at the same time) one paid for and the other one free. And she has several at her web site you can download free or free to try. I suggest you do that to get an up-to-date program.
2007-03-23 11:43:02 · answer #5 · answered by pilot 5 · 0⤊ 0⤋
I had the same one I got a free 30 day scan called prevx killed every thing in about 30 minute scan. when in the site look for the free trial down load.
2007-03-24 12:21:46 · answer #6 · answered by dan h 2 · 0⤊ 0⤋
I would download, install and update AVG Anti-Virus - it's free and can be found here - http://www.vermontpcsolutions.com/tools_anti_virus.html
For more on how to install AVG go here - http://www.vermontpcsolutions.com/how_to_install_avg_anti_virus.html
Then I would temporarily disable System Restore (if you are running Windows XP) - learn how to do this here - http://www.vermontpcsolutions.com/disabling_system_restore.html
Next, start the computer in Safe Mode - (as the comptuer is starting up, keep tapping the F8 key on your keyboard until you see a special start-up menu) - more on how to start in Safe Mode here - http://www.vermontpcsolutions.com/how_to_start_in_safe_mode.html
The run a full system virus scan while in Safe Mode
After the viruses have been detected and removed, restart the comptuer, enable System Restore again and enjoy a virus-free computing experience.
Check out this page for more information on what viruses are - http://www.vermontpcsolutions.com/what_is_a_virus.html, and this page for how to remove them - http://www.vermontpcsolutions.com/how_to_remove_viruses.html
Good Luck!
2007-03-16 22:29:42 · answer #7 · answered by VPC 3 · 1⤊ 2⤋
download avg antivirus free edition and spybot search and destroy dont delete the virus use the quarintine option.you will find both of these products free at hippofile .com.Run the antivirus first then spybot it did the trick for me.Good luck
2007-03-17 02:41:40 · answer #8 · answered by ? 2 · 1⤊ 0⤋
My advice would be, to uninstall Norton since it is useless and install AVG.
.
Download Grisoft AVG 7.5 Anti-Virus,Anti-Malware.(free)
AVG is a collection of anti-virus protection tools that gives you full protection against viruses, worms, Trojans and malware. AVG provides you with all that you need to be completely protected: including a tool for scanning your hard drive and e-mail, as well as a real-time shield to prevent infections.
Top Features
» Provides automatic update functionality
» Its a reliable anti-virus scanning engine
» Provides free Virus Updates for life
» Options to define file name extensions
» Real time protection with resident shield, email scanning
http://free.grisoft.com/doc/5390/lng/us/...
Never have 2 anti-virus on your PC as they will conflict with each other.
To COMPLETELY remove Norton, go to their website and use the remoel tool.
2007-03-16 22:32:36 · answer #9 · answered by G 7 · 0⤊ 2⤋
Complete removal instructions here..
http://www.pestpatrol.com/pest_info/Stomp/w/webcracker_4_0.asp
Use two internet security programs i use McAffe and PestPatrol.
PestPatrol will kill webcracker tht virus has been around for 7 years.
2007-03-16 22:34:04 · answer #10 · answered by sprydle 5 · 1⤊ 0⤋