Typically, when a malware infection occurs, it becomes quite obvious to the end user, especially once the infection has propagated to the point that your security software has shut down (will not run or update), internet access is crippled, Windows System Restore no longer functions, and bogus security software has installed itself on your PC (just begging for your credit card number).
In the background, unbeknownst to the end user, many malware processes are at work making all of this happen, in concert with a registry that has been compromised. These processes are very difficult to diagnose and shut down without the aid of special software that terminates them and restores the registry to a manageable (or stable) state. Once the processes are shut down and the registry is stable, the end user has a window of opportunity to use security software to remove the malware infection completely.
An application that I keep in my flash drive toolbox for these unwanted occasions, to target those malware processes, is the utility called RKill.
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then import a Registry file that removes incorrect file associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.
RKill will attempt to terminate the malware processes and make the registry stable enough so that you can clean your computer using security software, such as Malwarebytes Anti-Malware. After you run RKill, do not restart your computer until the infection has been cleaned. Restarting the PC after running RKill will only result in the malware processes restarting.
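To see the kind of registry damage described above (broken file associations and policies that block tools), here is a read-only PowerShell audit. It is an added example, not RKill's code and not from BleepingComputer; the keys checked are well-known Windows settings picked for illustration and are an assumption, not RKill's actual list.

```powershell
# Read-only audit: reports tool-blocking policies and .exe association values
# that differ from Windows defaults. It changes nothing in the registry.
# Assumption: the keys below are common examples, not RKill's own list.

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or the value does not exist.
    try { (Get-ItemProperty -LiteralPath $Path -Name $Name -ErrorAction Stop).$Name }
    catch { $null }
}

# Policies that disable Task Manager, Registry Editor or the command prompt.
$policyChecks = @(
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System';  Name = 'DisableTaskMgr' },
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System';  Name = 'DisableRegistryTools' },
    @{ Path = 'Registry::HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System'; Name = 'DisableTaskMgr' },
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\System';                 Name = 'DisableCMD' }
)

# .exe association: Windows defaults, plus a per-user override that is normally absent.
$assocChecks = @(
    @{ Path = 'Registry::HKEY_CLASSES_ROOT\.exe';                           Expected = 'exefile' },
    @{ Path = 'Registry::HKEY_CLASSES_ROOT\exefile\shell\open\command';     Expected = '"%1" %*' },
    @{ Path = 'Registry::HKEY_CURRENT_USER\Software\Classes\.exe';          Expected = $null }
)

$findings = @()

foreach ($c in $policyChecks) {
    $v = Get-RegValue -Path $c.Path -Name $c.Name
    if ($null -ne $v -and $v -ne 0) {
        $findings += [pscustomobject]@{
            Check = 'Policy'; Key = $c.Path; Value = $c.Name; Found = $v; Expected = 'absent or 0' }
    }
}

foreach ($c in $assocChecks) {
    $v = Get-RegValue -Path $c.Path -Name '(default)'
    if ($v -ne $c.Expected) {
        $want = if ($null -eq $c.Expected) { 'absent' } else { $c.Expected }
        $findings += [pscustomobject]@{
            Check = 'Association'; Key = $c.Path; Value = '(default)'; Found = $v; Expected = $want }
    }
}

if ($findings.Count -eq 0) { 'No deviations from the checked defaults.' }
else { $findings | Format-List }
```

A finding here is a lead to investigate, not proof of infection, since administrators sometimes set these policies on purpose.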
GEEK BONUS AREA