Message 1 of 4

Help! Infected by Generic.dx, Generic!Artemis and Generic Rootkey.w

Hello! I am using Windows XP Pro.

My computer has been invaded by these three trojans: generic!Artemis, generic.dx and generic rootkit.w, or so McAfee Virus Scan tells me.

Most times when I start up - but not every time - the computer is really sluggish for several minutes and then a box pops up saying:

"Generic Host Process for Win32 Services has encountered a problem and needs to close"

(this generally coincides with a box from mcafee detecting the trojan in another file)

I click on "to see what data this error report contains, click here" and it says:

szAppName : svchost.exe
szAppVer : 5.1.2600.5512
szModName : ntdll.dll
szModVer : 5.1.2600.5512
offset : 0001b1fa

A couple of minutes later another box pops up saying, "System Shutdown", something about being initiated by NT AUTHORITY\SYSTEM and then, "Windows must now restart because the DCOM Server Process Launcher service terminated unexpectedly"

And a timer counts down from sixty seconds and then the computer restarts.

Here are some of the details from the McAfee detection log (I haven't listed all the files here because there are too many, so I'll just provide one example of each):

Detection name: Generic.dx (Trojan), Generic.dx (Trojan)
File: C:\Windows\system32\drivers\109.exe
Process: C:\windows\system32\svchost.exe
process description: generic host process for win 32 services

Detection Name: Generic!Artemis (Trojan)
File: E:\system volume information\_restore{5E0A6BCC-1246-45C3-BBAA-DBEC343BA767}\RP173\A0131417.exe
Process: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
Process description: Malwarebytes' Anti-Malware

Detection name: Generic Rootkit.w (Trojan), Generic Rootkit.w (Trojan)
File: C:\Windows\system32\drivers\netsik.sys
Process: C:\Docume~1\Mike\Locals~1\Temp\BN7.tmp
Process description: (as process)

The generic.dx has been repaired and removed from 12 files so far by mcafee

The Generic!Artemis one has been quarantined from 7 files so far

The rootkit.w one has been repaired and removed from three files so far

Please help me!
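
As an added example (not part of the original post and not a McAfee tool): a short Python triage of detection-log entries in the layout quoted above, tagging each entry by where the detected file and the accessing process live. The sample entries are constructed from the post's three examples, and the tag names are this example's own.

```python
from ntpath import basename, splitext  # Windows path rules on any OS

# Constructed sample: trimmed from the three entries in the post, same "Key: value" layout.
SAMPLE_LOG = r"""
Detection name: Generic.dx (Trojan)
File: C:\Windows\system32\drivers\109.exe
Process: C:\windows\system32\svchost.exe

Detection name: Generic!Artemis (Trojan)
File: E:\system volume information\_restore{5E0A6BCC-1246-45C3-BBAA-DBEC343BA767}\RP173\A0131417.exe
Process: C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

Detection name: Generic Rootkit.w (Trojan)
File: C:\Windows\system32\drivers\netsik.sys
Process: C:\Docume~1\Mike\Locals~1\Temp\BN7.tmp
"""

def parse_entries(text):
    """Split the log on blank lines and turn each block into a dict of lowercased keys."""
    entries = []
    for block in text.strip().split("\n\n"):
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")  # split at the first colon only
            if sep:
                fields[key.strip().lower()] = value.strip()
        if "file" in fields:
            entries.append(fields)
    return entries

def triage(entry):
    """Return tags based only on where the file and the accessing process live."""
    path, proc = entry["file"].lower(), entry.get("process", "").lower()
    tags = []
    if "\\system volume information\\_restore{" in path:
        tags.append("restore-point-copy")        # stored System Restore snapshot, not a running file
    if "\\system32\\drivers\\" in path:
        ext = splitext(basename(path))[1]
        tags.append("kernel-driver" if ext == ".sys" else "non-driver-in-drivers-dir")
    if "\\temp\\" in proc:
        tags.append("accessed-by-temp-process")  # a process image under Temp touched the file
    return tags

def report(text=SAMPLE_LOG):
    return [(e["detection name"], triage(e)) for e in parse_entries(text)]

if __name__ == "__main__":
    for name, tags in report():
        print(f"{name:32} {', '.join(tags) or 'no location flags'}")
```

The restore-point tag marks copies held in System Restore storage, which keep being re-detected until those restore points are purged; the other two tags point at the files worth examining first.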
3 Replies
Message 2 of 4

RE: Help! Infected by Generic.dx, Generic!Artemis and Generic Rootkey.w

Please try this:

On a friend or family member's computer, download the Malwarebytes installer and update files from the links below, copy them to a CD or flash drive, then transfer the files to the problem machine and use them. If you can't start the computer into "normal" windows, try installing, updating, and running the scans AFTER the computer is started into Safe Mode. I use the sites below to download the installer file and the manual updater:

Once downloaded and before transferring them to the problem machine, rename the program installer "mbam-setup.exe" file to something else like "Gogetum.exe", then copy the installer file and the update file to a CD or flash drive. Transfer the file to the problem machine, then install the "Gogetum.exe" file, then run the update to get the program current. After that, run a full system scan and delete anything it finds.

Malwarebytes Installer Download Link (Clicking on the links below will immediately start the download dialogue window.)

Malwarebytes Manual Updater link

Next, download the SuperAntispyware program and the manual updater from the links below. After running the Malwarebytes tool above, if you still can't download and install it directly from the problem machine, download it on a friend or family member's computer as well. After installing and updating SuperAntispyware, run another full system scan and delete everything it finds as well. As before, you may need to rename the installer file to get the program to install:


SuperAntispyware Manual Updater

In a few situations, in order for the program to run, it was also necessary to rename the main "mbam.exe" file after installing it. It resides in the C:\Programs Files\Malwarebytes Antimalware folder.

Hope this helps.

Message 3 of 4

RE: Help! Infected by Generic.dx, Generic!Artemis and Generic Rootkey.w

Hi Grif, thanks for your help.

Just wondering, why is it necessary to download Malwarebytes and Superantispyware from a separate computer? Is it in case my computer infects them during download?
Message 4 of 4

RE: Help! Infected by Generic.dx, Generic!Artemis and Generic Rootkey.w

Exactly. Although you can try and see if you're successful, this type of malware can frequently prevent the download, or install, or running of removal tools. That's also the reason for renaming the installer files BEFORE attempting to install the removal programs on your computer.

Hope this helps.
