While attempting to clean one of the many variants of fake Anti Virus suites, I had problems with the standard cleaning tools such as MalwareBytes and HijackThis cleaning the infection while in Safe Mode, I really needed to be in Normal mode to clean the infection. Of course, booting into Normal mode allowed the rogue software to plant its feet upon Windows loading and stop cleaning procedures.

Here is a great tool that I found that stops the rogue services while you are in Normal mode so you can run cleaning tools. The tool is called rkill.exe and it is a DOS based tool that once started, will scan for rogue services and stop them. I ran the rkill.exe and the AV Security Suite (the true threat) flagged it as a threat, so I ended up having to run one of the other .exe called eXplorer to stop the services.  There are 2 other variants of the same rkill.exe, one called iExplore.exe and the other eXplorer.exe, these are basically just renamed versions of rkill.exe in case the infection flags the rkill.exe as a threat.

This is a great tool for general Malware, Spyware, Trojan removal that allows you to keep the machine in Normal mode while cleaning for infections.