Using Diagnostic Startup/Find Malware

Custom / CUSTOM
February 25, 2011 at 11:51:16
Specs: Microsoft Windows XP, 3 GHz / 2045 MB
Trying to help a friend that has been hit by Internet Defender malware. I assume that it would be listed in Startup (in msconfig), but I do not see anything that resembles the name. Never have used Diagnostic Startup before, so need to know if I use Diagnostic Startup and then include each program that I do not recognize and restart, that should give me the name of the program I want to clean out, right, if the program pops up again?

See More: Using Diagnostic Startup/Find Malware

Report •


#1
February 25, 2011 at 16:28:00
Hi,
Try downloading Rkill from this link:
http://download.cnet.com/RKill/3000...
This will stop the process running so you can remove it, DO NOT REBOOT.
Now download Malwarebytes update and run a full scan:
http://www.malwarebytes.org/

Report •

#2
February 25, 2011 at 17:45:49
I'll give that a shot. I tried Malwarebyts and found nothing. Maybe needs updated.

Thanks


Report •

#3
February 25, 2011 at 19:35:39
Just a follow up, but when I tried to download RKill from CNET, McAfee finds a trojan, Artemis, attached to the file, so I have not downloaded it and still trying to find somewhere else to try the download and so far I have not had any luck.

Report •

Related Solutions

#4
February 25, 2011 at 19:40:20
This is whats known as a false positive. I have had BullGuard AV double check to confirm. What Rkill does is very similar to a virus, but it is not.

Report •

#5
February 25, 2011 at 19:47:26
http://www.bleepingcomputer.com/for...
Bleepingcomputer.com were the makers of Rkill this will explain how it works etc, and provides a few different ways of downloading it. You should see the same false positive when you download them.

Report •


Ask Question