Solved TDSS.e!rootkit Trojan with name XCPT-HOOK1

March 14, 2012 at 16:25:03
Specs: Windows XP
I have a TDSS.e!rootkit Trojan with the name XCPT-HOOK1

I found it using McAfee Virus scan, but it keeps coming back after the virus program deletes it

I get a malwarebytes error code on startup

I get unwanted pop-ups

I get an extortion-ware type program called Internet Security that runs a pseudo virus scan that I can't get rid of and which blocks my task manager from operating

I am also prevented from clicking on links after a google search, because it redirects me to an unwanted page.

Any help on how to get rid of this pest would be greatly appreciated.
Thanks,
Joe


See More: TDSS.e!rootkit Trojan with name XCPT-HOOK1

Report •


#1
March 14, 2012 at 16:32:42
✔ Best Answer
I would suggest you download these progs to a thumbdrive or burn them to CD on another PC and then install them on the problem PC and run them in SAFE mode
1- rkill.exe (will kill the process)
http://www.bleepingcomputer.com/dow...
2- tdss killer (it will quarantine the rootkit)
http://support.kaspersky.com/faq/?q...
3- Malwarebytes (run a full scan and fix all it finds)
http://www.filehippo.com/download_m...
then reboot the pc

Some HELP in posting on Computing.net plus free progs and instructions 7 Golds


Report •

#2
March 14, 2012 at 16:47:39
Thanks, I will give it a try.

Report •

#3
March 14, 2012 at 17:15:30
Sounds good, let us know how you make out with your problem

Some HELP in posting on Computing.net plus free progs and instructions 7 Golds


Report •

Related Solutions

#4
March 15, 2012 at 08:26:09
Maybe you can search "how to manually remove TDSS.e!rootkit" or things like that and then follow the manual removal to get rid of such stubborn infection if your antivirus cannot help.

Report •

#5
March 16, 2012 at 16:16:17
Re #4

When using Google be very careful to ensure it is a legitimate fix and not a scam website. There are many websites around that are simply after selling you their dud program. If unsure get it checked out here or by another reliable forum.

Unfortunately these scam websites just copy whatever you've searched for and repeat the the search string on their website, making you think it is some special purpose fix when it isn't.

The above applies when searching for information about computer files too. About 90% of hits these days try to convince you it is a virus, whether it is or not - similar scam.

Always pop back and let us know the outcome - thanks


Report •

#6
March 18, 2012 at 12:04:19
Thanks, this advice was useful and helpful. The only problem was that I could not use the TDSS Killer program as downloaded, and I had to change the name to a random name and keep it on my flash drive in order to run it. But other than that, these were the combination of programs that solved my problem.

Thanks again!


Report •

#7
March 18, 2012 at 12:14:17
Thanks a bunch for posting back and I'm glad it worked for you! It might help others that have a similar problem

Some HELP in posting on Computing.net plus free progs and instructions 7 Golds


Report •


Ask Question