We help IT Professionals succeed at work.

Winxp.exe trojan

kurajesh
kurajesh asked
on
623 Views
Last Modified: 2013-11-22
Hi,

I have a laptop where OS is XP Pro and Iam getting a popup as winxp.exe , detection type trojan, mcafee is the antivirus installed. How can I remove this
Comment
Watch Question

Commented:
It helps if you identify which trojan it is, does mcafee mention it's name?
create, download any offline scanning software. boot it from that cd/dvd fix the virus. reboot pc
kurajeshSenior Systems Analyst

Author

Commented:
detected as BackDoor-CEP!x
Top Expert 2009

Commented:
Try a scan with Malwarebytes http://www.malwarebytes.org/mbam-download.php
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
CERTIFIED EXPERT
Top Expert 2007

Commented:
Combofix should take care of it, that file is in its database. Attach the reulsting log also so we can check it to make sure that it's clean.
Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
(If it doesn't run, re-download and rename before saving to your desktop)

Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
 
If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix 
Sudeep SharmaTechnical Designer
CERTIFIED EXPERT

Commented:
Hi kurajesh,

You would need to be more specific about the name of the Trojan detected. Winxp.exe results is so many results. Even on McAfee website it shows more than 5 results of different variant of viruses which could use winxp.exe.

Like the followings:
http://home.mcafee.com/VirusInfo/VirusProfile.aspx?key=126798#none
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=129510
http://us.mcafee.com/virusInfo/default.asp?id=description&virus_k=127029

More information could be gathered from here:
http://www.threatexpert.com/files/winxp.exe.html
kurajeshSenior Systems Analyst

Author

Commented:
tried this but system is very slow
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.