Removing malware used to be fairly easy, at least in principle. Detect the infection, kill any running processes, delete the files, and that’s it -- finished.
These days, unfortunately, life can be more difficult. Some malware will actively try to block any attempts to remove it, perhaps preventing you from running antivirus tools, locking its files, maybe restarting itself if necessary. This can be frustratingly effective, too, but there are ways to fight back. And KillEmAll is a great place to start.
As you might guess from the name, the program’s approach isn’t exactly subtle. Launch KillEmAll and it will immediately try to close everything but essential system processes. There’s no warning about this, either, so beware -- if you’ve unsaved work in a document somewhere then it’ll almost certainly be lost. Otherwise, though, if there is malware running then hopefully it will be closed down with everything else. And once this is done, an antivirus scan may stand a better chance of detecting and removing the threat.
There are no guarantees, of course. The malware may prevent KillEmAll from running. It might prevent itself from being closed down, or have another component which restarts it whenever necessary. But if you’re manually malware-hunting then the program is a good first step, and if it doesn’t work immediately then there are other things you can try.
Hold down Shift as you launch KillEmAll, for instance, and the program elevates itself to the system account. This gives it more rights and a better chance of closing down any malware, plus it’ll restart itself if malware tries to close the program down.
If the program seems to work, but your regular antivirus tool can’t find anything, then there are various options which might be able to help. There’s a button to launch a Google search on a process name, for instance. You can upload a file to VirusTotal to try and identify malware. If you’re absolutely sure the file is dangerous, you can try to delete it, or there are a couple of "Rename" options if you’re more cautious (you can always restore the file later, if it turns out to be innocent).
And if you find KillEmAll keeps closing some vital processes, then you’re able to add them to a whitelist, and they’ll be left alone.
On balance, this isn’t a program you should take lightly. Closing multiple processes is dangerous, and there’s no way of telling what might happen. Again, you get no warning of this -- just launch KillEmAll and it leaps into action. And using the other tools to rename or delete executables can also cause plenty of problems; it’s not something to try unless you’re entirely sure what you’re doing (and probably not even then).
But if you really are at the last resort -- the regular antivirus tools have let you down, and a manual cleanup is the only option left -- then KillEmAll is a very useful tool to have in your armory. Go grab a copy for yourself (just don’t run the program until it’s needed).