Stopping rogue services so you can clean Malware, Spyware and Trojans

IT

Stopping rogue services so you can clean Malware, Spyware and Trojans

While attempting to clean one of the many variants of fake Anti Virus suites, I had problems with the standard cleaning tools such as MalwareBytes and HijackThis cleaning the infection while in Safe Mode, I really needed to be in Normal mode to clean the infection. Of course, booting into Normal mode allowed the rogue software to plant its feet upon Windows loading and stop cleaning procedures.

Here is a great tool that I found that stops the rogue services while you are in Normal mode so you can run cleaning tools. The tool is called rkill.exe and it is a DOS based tool that once started, will scan for rogue services and stop them. I ran the rkill.exe and the AV Security Suite (the true threat) flagged it as a threat, so I ended up having to run one of the other .exe called eXplorer to stop the services.  There are 2 other variants of the same rkill.exe, one called iExplore.exe and the other eXplorer.exe, these are basically just renamed versions of rkill.exe in case the infection flags the rkill.exe as a threat.

This is a great tool for general Malware, Spyware, Trojan removal that allows you to keep the machine in Normal mode while cleaning for infections.

More About the Author

Darien Smith

Systems Engineer
Finding computer memory information with a command Here is a handy command to find out computer memory details from a command prompt so you don’t have to open up the computer. Go ...
Disabling Windows 7 Virtual Store After a recent MS update, I had a user that ran into issues with a legacy application saving all the documents created into a new ...

See more from this author →

Subscribe to our newsletter

  • I understand that InterWorks will use the data provided for the purpose of communication and the administration my request. InterWorks will never disclose or sell any personal data except where required to do so by law. Finally, I understand that future communications related topics and events may be sent from InterWorks, but I can opt-out at any time.
  • This field is for validation purposes and should be left unchanged.

InterWorks uses cookies to allow us to better understand how the site is used. By continuing to use this site, you consent to this policy. Review Policy OK

×

Interworks GmbH
Ratinger Straße 9
40213 Düsseldorf
Germany
Geschäftsführer: Mel Stephenson

Kontaktaufnahme: markus@interworks.eu
Telefon: +49 (0)211 5408 5301

Amtsgericht Düsseldorf HRB 79752
UstldNr: DE 313 353 072