cancel
Showing results for 
Search instead for 
Did you mean: 
mcuserdkb
Level 7

Frequent "generic dx!gpo" trojan detected

I am for the past few days getting popups from McAfee on-access scan that te subject trojan is detected and removed in my local settings/temp WinXP folder. It may be coincident with this or related, but I've had to hard restart (hold the power key down) several times when my system gets unresponsive.

What is this trojan and what can/should I do beyond what my active McAfee virus protection is doing for me? Thanks!

0 Kudos
15 Replies
mcuserdkb
Level 7

Re: Frequent "generic dx!gpo" trojan detected

For some more information, I rebooted maybe 45m ago and now have a McAfee VirusScan alert popup with 4 instances of this - 942.exe, dcreavers3_abb...[long hex title ending in [1]].exe, 361.exe, and DCREAVERS3_....EXE (looks like the first name but in all caps). The numeric files are in my documents and settings\name\local settings\temp folder, and the dcreavers files are in ... \local settings\temporary internet files\content.ie5\.... . I've started moving to Mozilla Firefox but did have an IE window open earlier.

0 Kudos
SamSwift
Level 12

Re: Frequent "generic dx!gpo" trojan detected

Have you run a full scan of your machine as yet? If not can you do this and respond back with the results please?

Sam

0 Kudos
mcuserdkb
Level 7

Re: Frequent "generic dx!gpo" trojan detected

Good idea! I haven't but will and will then post here. I just got another popup about the same trojan detected - but no IE open.

0 Kudos
mcuserdkb
Level 7

Re: Frequent "generic dx!gpo" trojan detected

The scan took almost 12 h but reports "Nothing found". But I got the trojan detected popup several more times during the scan.

0 Kudos
SamSwift
Level 12

Re: Frequent "generic dx!gpo" trojan detected

Hi,

Can you try running stinger with Artemis enabled please - http://community.mcafee.com/message/26869#26869

I'll have a look over the report file for you once it's complete.

Sam

0 Kudos
mcuserdkb
Level 7

Re: Frequent "generic dx!gpo" trojan detected

Thanks. Which version should I use?

0 Kudos
SamSwift
Level 12

Re: Frequent "generic dx!gpo" trojan detected

0 Kudos
mcuserdkb
Level 7

Re: Frequent "generic dx!gpo" trojan detected

Here is the report:

McAfee® Stinger Version 10.0.1.624 built on Jul  6 2009

Copyright © 2009 McAfee, Inc. All Rights Reserved.

Virus data file v1000 created on Jul 6 2009.

Ready to scan for 897 viruses, trojans and variants.

Scan initiated on Thu Nov 12 03:50:26 2009

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\418.exe

     Found the Artemis!C5417B462480 trojan !!!

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\608.exe

     Found the Artemis!C5417B462480 trojan !!!

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\868.exe

     Found the Artemis!C5417B462480 trojan !!!

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\913.exe

     Found the Artemis!C5417B462480 trojan !!!

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\945.exe

     Found the Artemis!C5417B462480 trojan !!!

C:\Documents and Settings\Dilip Barman\Local Settings\Temp\setup~1\Dialog.bin

     Found the Artemis!16E1F0F08333 trojan !!!

C:\RECYCLER\S-1-5-21-5171247027-5945487639-424583274-1088\rundll32.exe

     Found the Artemis!1C4E7247FB76 trojan !!!

  Number of clean files: 532590

  Number of Trojans: 7

0 Kudos
SamSwift
Level 12

Re: Frequent "generic dx!gpo" trojan detected

Hi,

Looks good. Can you run it again with 'repair' selected please and the sensitivity level set to medium?

Thanks,

Sam

0 Kudos