Terminate Known Malware Processes with RKill

Typically, when a malware infection occurs, it will become quite obvious to the end-user; especially, when the infection has propagated to the point that your security software has shutdown (will not run or update), internet access is crippled, Windows System Restore no longer functions and bogus security software has installed itself on your PC (just begging for your credit card number).

In the background, unbeknownst to the end-user many malware processes are in force making this all happen that work in concert with a registry that has been compromised. These processes are very difficult to diagnose and shut down, without the aid of special software to shutdown those processes and restore the registry to a manageable (or stable) state.  Once the processes are shutdown and the registry is stable, then the end user has a window of opportunity to use security software to remove the malware infection completely.

An application that I keep in my flash drive toolbox, for these unwanted occasions and to target those malware processes, is the utility called RKill.

RKill

RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then import a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.

RKill will attempt to terminate the malware processes and make the registry stable enough so that you can clean your computer using security software, such as Malwarebytes Anti-Malware . After you run RKill do not restart your computer until the infection has been cleaned. Restarting the PC, after running RKill, will only result in the malware processes restarting.

——————————————-

GEEK BONUS AREA

Today’s Technology News, Software, Apps, Wallpapers, Tech Products and MORE… 6/12/12

The Internet and Homeland Security

15 Free Best Antivirus Apps For Android

Cisco-Linksys WRT54GL Wireless-G Broadband Router

Bookmarks4Techs

Gold Box: New Deals. Every Day.

——————————————-

Bookmark and Share

[ CLICK HERE TO LEAVE A COMMENT ]

About these ads

4 Responses to Terminate Known Malware Processes with RKill

  1. techpaul says:

    Rick,
    All my thumb drives have a folder containing Rkill and its non dot exe variants, as I wouldn’t want to be caught w/o it.

    I would like to humbly suggest that IMHO, those with zero experience removing malware infections (and the utterly non-Geeky) may be best served to use BleepingComputer’s advanced malware removal tools when (and how) instructed to do so by one of their ace, volunteer, antimalwareologists, and not willy-nilly (though Rkill is rather straightforward). They will guide you through the entire cleanup process, and make sure you get it all.

    .. just my 2¢.

    Thank you for including me in your Bonus Area!

    • Ramblinrick says:

      TechPaul,

      The one thing I love about blogging is the great expertise that surfaces to enhance the information. Your expertise, my friend, on these matters is very much appreciated. What you have reflected in your comment is “dead on”; especially, for most people who have zero experience removing malware infections.

      As always, Thank You!

      Rick

  2. maxlehmann says:

    I tried this program about two years ago. And I think it is very good tool! and + free.
    But the main problem with this tool is:
    I read many users complains that they don’t trust tools that kills processes without giving a list of exactly what it has found and shutdown. So this thing just does its thing and leaves you completely in the dark. the user should have more control over what it is doing, or at least have more of a report.

    All in all people should not complain about free products! because it is FREE :)

    • Ramblinrick says:

      Maxlehamm,

      This tool is a last resort option if a malware infection occurs. You are correct, it does not show what it found or what it is shutting down. I have found, through the removal of malware, this tool is a major help even though it is not identify (visually) what it shut down. All I know, it does work… Keep the comments coming!

      Rick

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 262 other followers

%d bloggers like this: