Multiple antimalware developers are now reporting, we are currently being exposed to approximately 70,000 new malware threats EVERY day!
Unfortunately for those of us who have to deal with this onslaught, much of this malware is smart – very smart. So smart in fact, that in many cases malware will recognize that the infected user is attempting to launch an antimalware application, and abort the launch.
At this point, many users give up and resort to more drastic measures, including a disk wipe, reformat, and an OS re-install. Thankfully, there is another option.
Larry Abrams over at BleepingComputer, perhaps the best web site of its type, where free help is available for many computer related problems, including the removal of rogue software, has developed an excellent free tool to deal with this problem.
Here’s how Larry describes RKill –
“RKill is a program developed at BleepingComputer.com that was originally designed for the use in our malware removal guides. It was created so that we could have an easy to use tool that kills known processes that stop the use of our normal anti-malware applications. Simple as that. Nothing fancy. Just kill known malware processes so that anti-malware programs can do their job.”
Graphic courtesy of Bleeping Computer.
If you deal with malware removal on a regular basis, or you’re a “super user”, and I know many of you are, I highly recommend that you add RKill to your antimalware toolbox.
RKill is available at the following download sites:
Note: Because RKill may exhibit behavior similar to the malware it is designed to shut down, your AV may recognize it as malware. This condition is not unusual when dealing with antimalware specialty tools. RKill is a safe application.
Before using RKill get more complete instructions here.
If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.
Nice info Bill.
Downloaded….
Hey Marcus,
I gave this a bit of a workout, and it seems to work well. It did however, shut down Immunet Protect, one of my AV solutions, based on its behavior. No big deal though, it just did what it’s designed to do.
Bill
Another one that’s over my head Bill. But I’m learning as I go, so I’ll download this one.
Liam
Hey Liam,
That’s very cool! Learning is a process – one step at a time.
Bill
Hey Bill,
Have been using it for so many months and it’s really a cool tool.. My friend’s often ask me for malware help..
Regards!
Hey Ranjan,
I’m not surprised to here that – you’re always on top of things. Your friends are lucky to have you.
Best,
Bill
Pingback: » Download RKill – Free Antimalware Specialty Removal Tool « Bill … RWPS
And your friends too are lucky to have you…
Another good aspect of this is that it helps keep your pc skills charged…
Hey Ranjan,
You’re so right – “it helps keep your pc skills charged”.
Bill
Bill,
I agree your blog is great for getting me to try new programs and keeping my “pc-skills charged”. When I first found the blog I was pretty much limited to reformatting, not a great way to disinfect a computer unless absolutely needed.
Thanks for all the great info.
Mark
Well Mark, it’s definitely been a reciprocal arrangement. I’ve certainly gotten my fair share of solid tips from you, for which I thank you.
Have a great weekend.
Best,
Bill
Got detected by NOD32 as malware. Never mind, I know that’s because ESET are cautious.
Adrian,
I think I covered this issue explicitly in the article.
Bill
do uyou have to install or just run it off the link if you have to download it to your drive how do you do it, this was recomended by a friend
Hey Rich,
If you are unfamiliar with downloading to your HD, (which is what’s required), and then running the application from that drive’s download folder, you should have you friend (the one who recommended RKill), do this. This tool is used as part of a malware removal process recommended for high level users only.
Bill
Hi Bill,
I’ve just been infected with a fake Windows Security Alert virus. It has completely crippled my PC. I can’t run any program, can’t access the Control Panel, My Computer etc. I downloaded the recommended Malware links from Bleeding Computer (on a different PC) but of course I can’t run them on the infected PC. When I try to run the FixEd.reg file I get a security warning, asking if I want to run the anti virus software (the virus).
If I can’t install and/or run the Malware software is my only option a format?
Any help would be hugely appreciated.
Phil.
Hi Phil,
A week or so ago I wrote an article – Scareware is Destroyware Not Just Malware, https://billmullins.wordpress.com/2010/07/27/scareware-is-destroyware-not-just-malware/, and that’s essentially what it is. It’s virtually impossible to eradicate, and even if appears you’ve won the battle there is no way to be sure you still don’t have hidden malware. A disk wipe, and then a reformat, is the recommended solution.
One last thing you might try is, install the infected HD in another computer as a slave and run the appropriate tools.
I wish I had better news for you but……
Bill
Thanks Bill,
You confirmed my fears. Thanks for clarifying.
Phil