Identifying the Malware Files
- Scan your computer with your Trend Micro antivirus product.
- Note the path and file name of all files detected as RTKT_XCP.B.
Trend Micro customers need to download the latest virus pattern file before scanning their computer. Other users can use Housecall, the Trend Micro online threat scanner.
Important Windows XP Cleaning Instructions
Users running Windows XP must disable System Restore to allow full scanning of infected computers.
Users running other Windows versions can proceed with the succeeding solution set(s).
Restarting in Safe Mode
This malware has characteristics that require the computer to be restarted in safe mode. Go to this page for instructions on how to restart your computer in safe mode.
Removing Autostart Key from the Registry
This solution deletes registry keys added by this malware. Before performing the steps below, make sure you know how to back up the registry and how to restore it if a problem occurs. Refer to this Microsoft article for more information about modifying your computer's registry.
- Open Registry Editor. Click Start>Run, type REGEDIT, then press Enter.
- In the left panel, double-click the following:
- Still in the left panel, locate and delete the key:
- Close Registry Editor.
Deleting the Malware File(s)
- Right-click Start then click Search... or Find..., depending on the version of Windows you are running.
- In the Named input box, type the name(s) of the file(s) detected earlier.
- In the Look In drop-down list, select My Computer, then press Enter.
- Once located, select the file then press SHIFT+DELETE.
*NOTE: This is a component file that may come with a main component detected by Trend Micro as another malware. It may also be used by several variants of a certain malware family. If your Trend Micro product detects another malware on your system, refer to the manual removal instructions of that detected malware.
Trend Micro offers best-of-breed antivirus and content-security solutions for your
small and medium business,
or home PC.