Friday, May 15, 2015

Perfect Solution to Remove Worm:Win32/Morto.A - Remove Trojan Horse from Your Computer

My computer was infected by a Trojan called Worm:Win32/Morto.A yesterday. It was detected by my AVG, but it couldn’t be removed by AVG. I also tried several tools to deal with the infection, but had no luck in getting rid of it. I have attempted to use other antivirus programs to resolve this problem, but those attempts were unsuccessful. This virus is so stubborn. How can I remove this Trojan horse effectively? Can anyone help me get rid of Worm:Win32/Morto.A from my computer?
Friendly Reminder: Please try a professional Trojan horse removal tool if you can't remove this Trojan horse with the manual removal guide below.


Description of Worm:Win32/Morto.A


Worm:Win32/Morto.A is regarded as a nasty Trojan horse. It is often bundled with third-party freeware from the Internet. The free software contains deceitful files in its installation folder, and many Trojan horses are able to replace their original icon and take a very attractive file name with a double suffix such as TXT.EXE or JPG.EXE so that the user runs the Trojan. The Trojan takes advantage of characteristics of the Windows operating system to confuse users by altering its file names, because people cannot distinguish the malicious file from a real system file. It is very difficult to spot with the naked eye. If an attacker wants to take control of a computer, he will try to trick the user into running the malicious code of a Trojan horse. Apart from this, the Trojan tries every possible way, fair or foul, to camouflage itself and get implanted on the target computer. A good way to detect it is to run a full system scan with a reliable antivirus. Since antivirus programs tend to recognize a Trojan horse by its signature (feature code), smart attackers inject legitimate code into the Trojan horse to make it hard for antivirus programs to detect and remove.
Unlike other computer viruses, this Trojan focuses on spying on the victim's online activities and attempts to steal data such as credit card details, ID numbers and phone numbers, rather than simply destroying files on the compromised machine. In the early days, Trojans were created to spy on other people's privacy or to play pranks on them. Now, however, Trojan horses aim at stealing valuable information from the infected machine in order to make illegal profits. It is not a good idea to leave such a threat on your machine, so once you find it you need to remove it as soon as possible to prevent financial loss.
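The double-suffix disguise described above (TXT.EXE, JPG.EXE) can be checked for mechanically. The following PowerShell is an added example, not part of the original guide; the function names, the two extension lists and the sample file names are assumptions chosen for illustration, and it also covers names where spaces pad the gap between the two suffixes.

```powershell
# Added example: flag file names that hide an executable suffix behind a
# document-style one (for example holiday.jpg.exe). Lists are illustrative.
$DecoyExt = 'txt','jpg','jpeg','png','gif','pdf','doc','docx','xls','xlsx'
$ExecExt  = 'exe','scr','com','pif','bat','cmd'

function Test-DoubleExtension {
    param([Parameter(Mandatory)][string]$Name)

    # Windows drops trailing spaces and dots from names, so ignore them here too.
    $clean = $Name.TrimEnd([char[]]' .')
    $parts = $clean.Split('.')
    if ($parts.Count -lt 3) { return $false }   # need base name plus two suffixes

    # Trim() also catches names padded with spaces between the two suffixes.
    $last = $parts[-1].Trim().ToLowerInvariant()
    $prev = $parts[-2].Trim().ToLowerInvariant()
    return ($ExecExt -contains $last) -and ($DecoyExt -contains $prev)
}

function Find-DoubleExtension {
    param([Parameter(Mandatory)][string]$Path)

    # -Force includes hidden and system files, which Explorer hides by default.
    Get-ChildItem -LiteralPath $Path -Recurse -File -Force -ErrorAction SilentlyContinue |
        Where-Object { Test-DoubleExtension $_.Name } |
        Select-Object FullName, Length, LastWriteTime
}

# Constructed sample names (not taken from a real infection).
$samples = 'holiday.jpg.exe', 'README.TXT.EXE', 'invoice.pdf   .scr',
           'setup.exe', 'archive.tar.gz', 'notes.txt'
foreach ($n in $samples) {
    '{0,-22} suspicious={1}' -f $n, (Test-DoubleExtension $n)
}

# To scan a real folder:
# Find-DoubleExtension -Path "$env:USERPROFILE\Downloads"
```

Only the first three sample names are flagged; `setup.exe` has a single suffix and `archive.tar.gz` does not end in an executable one.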
Note: the manual removal requires users to have sufficient computer knowledge and skills. If you are not sure about the manual removal, use a professional malware cleaning tool instead.

How Hazardous Is This Trojan Horse?


1. It allows the creator of the Trojan to gain access to your infected computer secretly.
2. It may cause system crashes and make your executable programs unable to run.
3. It drops other malicious code on your computer.
4. It spies on your activities on the computer and collects sensitive data and information for malicious purposes.

Manually Remove Worm:Win32/Morto.A - Remove Trojan Horse Virus Step by Step


Worm:Win32/Morto.A is a malicious Trojan horse which can install itself into the computer system without your consent and awareness. It removes or overwrites system files, modifies system settings, disables important programs and even brings other malware to your computer. Moreover, this Trojan horse will try to collect your personal information by monitoring your activities. This Trojan should be removed from the infected computer as soon as possible. You can follow the guide below to manually remove this threat from your PC.
1: Boot up your computer in Safe Mode with Networking:
Method One
1: Press “Windows” and “R” keys together to open the Run box
2: Type “msconfig” in the Run box and click OK
3: Click the Boot tab, then check the boxes that say “Safe boot” and “Network” under the Boot options section. Click OK.
4: Click Restart when it informs that you need to restart your computer.
Method Two
1: Press the “Windows” + “C” keys, and then click Settings.
2: Click Power, hold down Shift key on your keyboard and click Restart.
3: Click Troubleshoot button
4: Click Advanced options button
5: Click Startup Settings button
6: Click Restart button
7: Press 5 on your keyboard to Enable Safe Mode with Networking.
2: Show all hidden files:
On Windows XP
* Close all programs so that you are at your desktop.
* Click on the Start button. This is the small round button with the Windows flag in the lower left corner.
* Click on the Control Panel menu option.
* When the control panel opens click on the Appearance and Personalization link.
* Under the Folder Options category, click on Show Hidden Files or Folders.
* Under the Hidden files and folders section, select the radio button labeled Show hidden files, folders, or drives.
* Remove the checkmark from the checkbox labeled Hide extensions for known file types.
* Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
* Press the Apply button and then the OK button.
On Windows 7 / Vista
* Click and open Libraries
* Under the Folder Options category of Tools, click on Show Hidden Files or Folders.
* Under the Hidden files and folders section, select the radio button labeled Show hidden files, folders, or drives.
* Remove the checkmark from the checkbox labeled Hide extensions for known file types.
* Remove the checkmark from the checkbox labeled Hide protected operating system files (Recommended).
* Press the Apply button and then the OK button
On Windows 8 / 8.1
* Click on Windows Explorer
* Click on the View tab
* Check the “Hidden Items” box
3: End Worm:Win32/Morto.A associated files
%commondesktopdir%\Worm:Win32/Morto.A.lnk
%windows%\System32\drivers\[Random].sys
C:\Windows\System32\drivers\[Random].sys
%program files%\Worm:Win32/Morto.A.lnk
%ProgramFiles%\Protected Search\TaskSchedulerCreator.exe
%System%\drivers\UAC[RANDOM CHARACTERS].sys
%Documents and Settings%\[UserName]\Application Data\Worm:Win32/Morto.A
4: Stop Worm:Win32/Morto.A related processes in the Windows Task Manager
On Windows XP
Press Ctrl+Alt+Del keys together to open Windows Task Manager;
Under the Processes tab, right-click on the processes related with the virus and click End Process
On Windows 7 / Windows Vista
Right-click on the Task Bar and click Task Manager;
Under the Processes tab, right-click on the processes related with the virus and click End Process
On Windows 8 / 8.1
Right-click on the Task Bar and click Task Manager;
Under the Processes tab, right-click on the processes related with the virus and click End Process
5: Open the Registry Editor
Method 1
(Available on Windows XP, Windows 7 / Vista, and Windows 8 / 8.1):
Open the “Run” box by pressing the “Windows” key + “R” key on your keyboard;
Type “Regedit” into the Run box and click OK to open Registry Editor
Method 2
(Available on Windows 7 / Vista):
Click on Start button to open Start Menu
Type “Regedit” into the search box and click on Regedit to open Registry Editor
6: Delete Registry Entries created by Worm:Win32/Morto.A
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop “NoChangingWallPaper” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments “SaveZoneInformation” = ‘1’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = ‘1’
HKEY_LOCAL_MACHINE\software\classes\urlsearchhook.toolbarurlsearchhook
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar
HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\extensions
HKEY_CURRENT_USER\software\microsoft\internet explorer\toolbar\webbrowser
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main “Use FormSuggest” = ‘yes’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced “ShowSuperHidden” = 0
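Before deleting anything in step 6, it helps to see which of the listed values are actually present and to keep a backup. The following read-only PowerShell is an added example, not part of the original guide; the function name and the backup file name are assumptions, and the key paths are the HKEY_CURRENT_USER values listed above with their separators written out.

```powershell
# Added example (read-only): report the state of the HKCU values listed in step 6.
# Nothing is modified or deleted.
$base = 'HKCU:\Software\Microsoft'
$checks = @(
    @{ Key = "$base\Windows\CurrentVersion\Policies\ActiveDesktop"; Name = 'NoChangingWallPaper'; Listed = '1' }
    @{ Key = "$base\Windows\CurrentVersion\Policies\Attachments";   Name = 'SaveZoneInformation'; Listed = '1' }
    @{ Key = "$base\Windows\CurrentVersion\Policies\System";        Name = 'DisableTaskMgr';      Listed = '1' }
    @{ Key = "$base\Internet Explorer\Main";                        Name = 'Use FormSuggest';     Listed = 'yes' }
    @{ Key = "$base\Windows\CurrentVersion\Explorer\Advanced";      Name = 'ShowSuperHidden';     Listed = '0' }
)

function Get-ListedValueState {
    param([Parameter(Mandatory)][hashtable[]]$Checks)

    foreach ($c in $Checks) {
        # A missing key or value yields $null instead of an error.
        $item  = Get-ItemProperty -LiteralPath $c.Key -Name $c.Name -ErrorAction SilentlyContinue
        $value = if ($item) { $item.($c.Name) } else { $null }
        $shown = if ($null -eq $value) { '<not set>' } else { "$value" }

        [pscustomobject]@{
            Name         = $c.Name
            Current      = $shown
            ListedValue  = $c.Listed
            MatchesGuide = ($null -ne $value) -and ("$value" -eq $c.Listed)
            Key          = $c.Key
        }
    }
}

Get-ListedValueState -Checks $checks | Format-Table -AutoSize -Wrap

# Export the branch before editing it, so a change can be undone
# (the output file name is a placeholder):
# reg export "HKCU\Software\Microsoft\Windows\CurrentVersion\Policies" policies-backup.reg
```

A row with `MatchesGuide = True` means the value exists and equals the data shown in the list; `<not set>` means there is nothing to delete for that entry.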


Note: If similar problems remain on your computer, it is highly recommended that you remove the Trojan horse in a professional way.

Summary



Worm:Win32/Morto.A is a high-risk computer infection and should be deleted quickly. This Trojan horse usually looks harmless but does malicious things once it is installed on the targeted computer. In general, the attacked computer behaves abnormally: it reacts slowly, the hard disk reads and writes constantly, the mouse or keyboard stops responding, and windows close suddenly without warning. Once installed on the computer, the Trojan starts to damage the system. It changes system settings, and you will be interrupted by constant pop-ups. However, it is hard for a common antivirus program to remove it completely since it is designed with the rootkit technique. Manual removal can be an effective way to remove this nasty virus, but it is recommended for advanced computer users only. It is also wise to set up a professional malware removal tool to detect and remove all possible infections.
