WiredWX Christian Hobby Weather Tools

Re: NEED HELP!!! INFECTED WITH GENERIC DOWNLOADER.X!DXZ....CAN'T OPERATE DESKTOP

Hi Chris,

Well, one more problem. I ran the ComboFix /Uninstall and, although it did remove the ComboFix icon from my Desktop, I received an error message stating that "Windows cannot find 'ComboFix' ". Also, McAfee showed the Artemis..... trojan detected alert again as soon as I ran the ComboFix uninstall request. I ran a file search for 'ComboFix' and there were 14 combofix files found. Should I manually delete those 14 files?

I'll wait for your instructions. Thanks.

Re: NEED HELP!!! INFECTED WITH GENERIC DOWNLOADER.X!DXZ....CAN'T OPERATE DESKTOP

Hi Sparty,

Please delete the following files from your machine. They are all part of ComboFix.

-Combo-Fix.sys
-nircmd.exe
-pev.exe
-pv.com
-swreg.exe
-grep.exe
-hidec.exe
-sed.exe
-zip.exe
-winstart.bat
-append.dll
-mbr.exe

Do you have the path to that Artemis Trojan that McAfee picked up?
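
An added example, not part of the original posts and not ComboFix's own code: a read-only Python inventory of the file names listed above. Several of those names (grep.exe, sed.exe, zip.exe) are generic enough to belong to other software, so it reports each match's path, size and SHA-256 for review and deletes nothing. The folder to scan is an assumption supplied on the command line.

```python
import hashlib
import os
import sys

# File names taken from the list in the post above.
COMBOFIX_LEFTOVERS = [
    "Combo-Fix.sys", "nircmd.exe", "pev.exe", "pv.com", "swreg.exe", "grep.exe",
    "hidec.exe", "sed.exe", "zip.exe", "winstart.bat", "append.dll", "mbr.exe",
]


def sha256_of(path):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def inventory(root, names=COMBOFIX_LEFTOVERS):
    """Return (found, missing); found maps a listed name to (path, size, sha256) hits."""
    wanted = {name.lower(): name for name in names}  # Windows names are case-insensitive
    found = {name: [] for name in names}
    for folder, _dirs, files in os.walk(root):  # unreadable folders are skipped
        for entry in files:
            listed = wanted.get(entry.lower())
            if listed is None:
                continue
            path = os.path.join(folder, entry)
            try:
                record = (path, os.path.getsize(path), sha256_of(path))
            except OSError:
                record = (path, None, None)  # locked or unreadable: still report the path
            found[listed].append(record)
    missing = [name for name in names if not found[name]]
    return {name: hits for name, hits in found.items() if hits}, missing


if __name__ == "__main__":
    # Assumption: the folder to scan is passed as the first argument.
    root = sys.argv[1] if len(sys.argv) > 1 else "."
    found, missing = inventory(root)
    for name, hits in found.items():
        for path, size, digest in hits:
            print(f"FOUND   {name}: {path} ({size} bytes, sha256={digest})")
    for name in missing:
        print(f"MISSING {name}")
```

A name reported more than once, or found outside the folder the tool ran from, is worth checking by hash and location before it is deleted.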

Re: NEED HELP!!! INFECTED WITH GENERIC DOWNLOADER.X!DXZ....CAN'T OPERATE DESKTOP

Hi Chris,

Of the files listed above that are part of ComboFix, my search was unable to find Combo-Fix.sys, pv.com, hidec.exe (2 prefetch files associated with that file were found and deleted), winstart.bat and append.dll. The rest of the files were found and deleted along with the 14 files with 'combofix' in their names (logs, text files, prefetch, etc.). Is it a problem that those other files couldn't be located?

Maybe it has something to do with the "Artemis Trojan" situation. I found the file in the quarantined files of McAfee and it looks like, on 3 separate occasions, that the combofix.exe file was the culprit that was identified as a possible threat and quarantined. That likely explains why combofix kept disappearing from my desktop. Maybe it explains the other files not being found?? Check out this link from McAfee regarding Artemis http://community.mcafee.com/message/98190

The link in the 1st reply (by the moderator) is particularly interesting. Apparently, "Artemis is a new technology by McAfee which provides always-on real-time protection that safeguards and secures you from emerging threats."

What do you think, Chris?

Re: NEED HELP!!! INFECTED WITH GENERIC DOWNLOADER.X!DXZ....CAN'T OPERATE DESKTOP

Hi Sparty,

I've been talking to the behind-the-scenes guys about this. We've determined that the Artemis trojan detected by McAfee was actually ComboFix.

A lot of times tools we use will be detected as Malware because of the way they are developed. Last I checked, one of our most powerful tools wasn't Malware :) ...

We've also determined you're good in terms of the botched ComboFix removal. You got it all manually.

Anything else I can do before this is archived? It's been a pleasure working with you :) ...

Re: NEED HELP!!! INFECTED WITH GENERIC DOWNLOADER.X!DXZ....CAN'T OPERATE DESKTOP

Sounds good to me, Chris.

Once again, thanks so much for your competent assistance!

Hopefully, I won't be needing the Geek Police in the future.....but if I do, I'll do so with confidence.

Peace!