SOLVED Kill persistent malware processes before running your security software

Nibiru2012

Quick Scotty, beam me up!
Joined
Oct 27, 2009
Messages
4,955
Reaction score
1,302
From: The Windows Club 6-7-2010

Sometimes persistent virus, spyware or malware processes will not allow security software to run or to effect a complete removal of the infection, since these processes are themselves up and running on your Windows computer.


RKill is an easy-to-use tool that kills known processes that stop the use of normal anti-malware applications.

RKill just kills processes, imports a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. Then it kills Explorer.exe so it will restart and enable some of the Registry changes. When done, RKill will then create a log listing all processes that were terminated while the program was running.

After running, it will display a log which will show the malware processes it has killed.


Now you should not reboot your computer, as any malware processes that are set to start automatically will just start up again.

Instead, after running RKill you should scan your computer using your malware removal tool of choice.

This will ensure a more complete removal of the malware which may have infected your Windows computer.

For download link & details visit BleepingComputer.

NOTE: It is HIGHLY recommended that you download RKILL when you need it, as it is updated on a daily basis at the BleepingComputer website but does not have an auto-update feature.
So download it when you need it so it will have the latest info.
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Catilley1092 will probably like this post! :D
 

Kalario

Aquarius
Joined
Dec 15, 2009
Messages
590
Reaction score
68
Thanks Nibs...very informative. I am postmarking it for future use.
 

TrainableMan

^ The World's First ^
Moderator
Joined
May 10, 2010
Messages
9,353
Reaction score
1,587
Many of these malware programs protect themselves; when you stop one process, another one watching restarts it. Is this effective against multiple programs at one time?
 

Nibiru2012

Quick Scotty, beam me up!
Joined
Oct 27, 2009
Messages
4,955
Reaction score
1,302
According to the BleepingComputer website, it does work on multiple processes running at once.

Check it out, it is a very interesting website and has a lot of information.

Here's a screenshot:

 

catilley1092

Win 7/Linux Mint Lover
Joined
Nov 13, 2009
Messages
3,507
Reaction score
563
It also states that you may have to be persistent, starting the program several times to purge the malware. The tool appears to be worth having, I'll download it to my laptop and try it out on that first.
 

Veedaz

~
Joined
Sep 1, 2009
Messages
1,988
Reaction score
374
RKill looks interesting, will download and see what it can do on a test PC :) thanks Nibiru.
 

yodap

No longer shovelling
Joined
Mar 30, 2009
Messages
1,430
Reaction score
340
Thanks again, Nibs,
Keeping the info in my "anti bad stuff folder thingy"
 

Veedaz

~
Joined
Sep 1, 2009
Messages
1,988
Reaction score
374
RKill works very well! We have a test computer in the workshop (Core 2 Duo, 3 gig RAM, twin HDDs, and ATI Asus 4830 GPU, Windows 7 Pro - 32-bit). After deliberately turning off Avast and visiting some very strange web sites and downloading all sorts of cr*p, the test computer (now called TC) had a few infections / things running. Within about one hour (scans with RKill and Avast) TC was 100% clean. So to conclude, we will be keeping RKill on hand .... it works! :beer:
 

TrainableMan

^ The World's First ^
Moderator
Joined
May 10, 2010
Messages
9,353
Reaction score
1,587
I have added a link to this thread from our freeware database because this is a good application for everyone to keep on a flash drive somewhere "just in case". You will need to update your copy periodically because this is updated when new processes are discovered. If at all possible, use an uninfected machine to retrieve it the day you actually need it.
 