Browsers, E-mail, & Web Apps forum

General discussion

TROJAN:Win32/Winwebsec-Looks like official Windows Security

I accidently became a sucker and reacted to a pop up "Security Warning"that looked like an official Windows security warning. I've tried downloading Microsoft Malaware yesterday, though it identified the virus it could not remove it. The suggestion was to try and find another virus detection program. I already have Zone Labs, Zone Alarm Security Suite, and it has not been able to detect it. It is very invasive and keeps popping up with a Security warning window about every 3 minutes. How can I get rid of this thing?

Discussion is locked
You are posting a reply to: TROJAN:Win32/Winwebsec-Looks like official Windows Security
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: TROJAN:Win32/Winwebsec-Looks like official Windows Security
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
I'll advise you to try the following programns

In reply to: TROJAN:Win32/Winwebsec-Looks like official Windows Security

Firstly there's Malwarebytes' Anti-Malware which tends to be one of the best programns for this sort of it off the following link:
The second one is super anti-spyware...ideally you should have both programns on your computer because they do work well together....a plus side is there both free and don't take too much space can download it off the following link:
scan you local disk with both programns and they should be able to get rid of it...I'll like to hear back from you if unsuccessful because there are a few other things to do...

Collapse -
Resolution to Trojan Rogue Virus

In reply to: I'll advise you to try the following programns

Well--Zone Alarm finally found it! I reset my preferances to a deep, complete system scan(8.5 hrs) and sure enough there it was. Thanks for any of you who responded.

Collapse -
Feedback on the steps to remove trojan in on my XP computer

In reply to: I'll advise you to try the following programns

I followed your instructions to download both software programs. I ran them both and the problem is all set. Thank you very much!!!

Collapse -
Win32/Winwebsec removal

In reply to: TROJAN:Win32/Winwebsec-Looks like official Windows Security

I got a headsup from defender that this had gotten into computer. I have an antivirus but it had apparently been disabled. Defender said it had been removed....not so. This can appear in your program data file on C/ as a string of numbers.dll eg 2745311199.dll. You will probably find it in the computers start-up directory as a new addition. It will be stared up everytime you start the computer. I just went to program data and deleted it. I am not that computer savvy but I am nosey around my own computer and found that a backdoor virus had been put in too. Which among other things is a keylogger and can take over desktop etc. This was Tr/Crypt.xpack.gen. This was hidden inside something called ctfnon.exe a bogus file in the windows file. I only found this after I had uninstalled and re-installed a new version of my antivirus program. Done with great difficulty I might add because the trojan kept interfering with accessing the download of the new version. I had almost totally lost control of my computer. The scary thing is that on later checking with logs etc. is that microsoft was the only one doing things in my computer then and was downloading and doing updates even though all updates have been switched off and they are able to do this with internet wireless turned off. I have saved some of the logs and printed them out because it looks as if they have done this via defender.

Any thoughts?

Collapse -

In reply to: Win32/Winwebsec removal

Hey Susie,

I got this same virus the other day. AND I FIXED IT.

All you need to do is turn the computer off by Holding the Button, and then, on the reboot, when it asks you if you want to start windows normally, DO NOT. open it in safe mode. Also, disconnect the internet. Now, Search SYSTEM RESTORE and a wizard should pop up. it will guide you through the steps to restoring it to an earlier date. Now, this is important. Pick a date BEFORE YOU GOT THE VIRUS. it is better to pick a date a couple days before. now, click through to do the rest. It should take about 15-25 mins. Now, login normal. THen, go to windows security essentials from, and run a FULL SCAN. it should pop up as a severe thing, called WinWebSec (but you already knew that). Click the delete button, and then continue the scan. I am doing this right now, and it seems to be working. all my documents are still there, and the wallpaper is back to normal.

Hope this helped!!! Please tell me how it goes!!!

Collapse -
"Windows security" Virus

In reply to: READ THIS


I did exactly what you said yesterday and today it was back. You may need to run malwarebytes or spybot and see if it has really gone. It's more persistent than headlice!!!

Collapse -
still has folders

In reply to: "Windows security" Virus

I did a system restore and the folders are still there. You cant delete them because they are "running." Im not tech savvy enough to delete them... I changed the file that opens one of them to paint, dont know if that will work or not...

Popular Forums

Computer Newbies 10,686 discussions
Computer Help 54,365 discussions
Laptops 21,181 discussions
Networking & Wireless 16,313 discussions
Phones 17,137 discussions
Security 31,287 discussions
TVs & Home Theaters 22,101 discussions
Windows 7 8,164 discussions
Windows 10 2,657 discussions


Best Black Friday Deals

CNET editors are busy culling the list and highlighting what we think are the best deals out there this holiday season.