Trojan horse Rootkit-Agent.CW fixed

April 5, 2009 at 18:16:54
Specs: Windows XP
I discovered that there was a process running on my machine called xxxxx.exe where xxxxx was my login name, and I was unable to stop this process. I also discovered that the process was running an executable called xxxxx.exe in directory C:\Documents and Settings\xxxxx, and I was unable to delete this file using Windows Explorer. I was however able to rename the xxxxx.exe file, and after rebooting the machine, the process was no longer running. After taking this action, I no longer received any Rootkit-Agent.CW messages.

See More: Trojan horse Rootkit-Agent.CW fixed

Report •

April 5, 2009 at 18:36:41
Rootkits are hidden trojans and are not likely to show up in windows. I suggest you install UnHackMe, which you'll find on google. Reboot, then run a malware scan with Malwarebytes.

Report back when you have done.

andrew at
Rising UK Pc Security @

Report •

April 6, 2009 at 06:26:11
For a rootkit infection, I always reload the machine. Backup your data files to external media and reformat/reinstall the OS.


Report •

April 8, 2009 at 09:06:42
Running XP sp3 Home. I did the same as the o.p. Worked for me. It seems the xxxx.exe (where xxxx = login name) was the parent of the rootkits, as it kept producing them even though I was destroying them with Malwarebytes as soon as they appeared. Their appearance was always signaled automatically by AVG. I couldn't keep doing that, didn't want to reformat just yet, so I googled for solutions. Found this one, and actually deleted the xxxx.exe file and no more rootkit warnings since then. There were also a couple of weird files, one with a very long gibberish name and one with a simple degree sign as its name, in the same folder and were created at the same time as the xxxx.exe file (1030 am CST on 4/6), so I deleted those also. I've run MB and SuperAnti full scans several times since and they turned up nothing. Thanks to the o.p. for taking the time to post.

Report •

Related Solutions

Ask Question