Rkill stops malware processes from running. It is useful because active malware processes running on your PC may not be detected by antivirus software. You can always go to the Task Manager in Windows to view active processes. If you cannot identify them, or they are blocked from the Task Manager list, you will find that the easy-to-use Rkill will stop the processes and identify them. Then you can run your antivirus program to remove the malware.
Rkill is a free utility offered by bleepingcomputers.com. Here are the links to give you the different versions:
The different versions are offered as many malware processes will execute through various paths. You will need it at some point when operating a PC. This will not remove malware or repair damage caused by malware. This will simply stop the processes from running. Once you download, you can save the file and run a security scan. It is doubtful that you will find any security risks, but just stay on the safe side and check before running the utility. Once you start Rkill, this screen will open:
This process can take a long time to complete. You can temporarily disable antivirus and anti-spyware programs as they will often recognize Rkill as a threat and disable it. It may sound crazy to disable antivirus software and it is not a move without risk. It is better to go into your antivirus software and create an exception for the Rkill version that you use and leave the rest of the antivirus running as is. After Rkill is prepared, it will indicate that it is terminating malware processes.
Close applications to make this faster. The “Please be patient” message is no joke. You might wait 30 minutes and you might also wait for hours. The wait is worth it. When Rkill has completed its task, it will show a screen like this:
Please note that Rkill's main purpose is to prepare the system for the disinfection of malicious software. That's why you see Chrome and rundll32.exe in the list above. It does not mean that those processes are malicious.
The next thing to do is open your antivirus software and run a scan. A prior scan did not pick those cookies up before running Rkill. The advantage is obvious. Select all and delete from quarantine. It is a good idea to use MalwareBytes, another free utility to run a basic malware scan. This can be run in conjunction with the antivirus scan on Windows 7 as long as your PC processor can handle the load. The general rule is to run MalwareBytes separately to avoid confusion. It has been found favorable to run a good antivirus scan first and then run MalwareBytes. Obtain the free download for MalwareBytes here:
Use the free download or purchase the full version. The free download is sufficient as long as your antivirus is up to date. After following the prompts, MalwareBytes will open and you should just run a quick scan. It will detect any remaining malware that your antivirus may have missed. By running the antivirus before MalwareBytes, everything was removed. When MalwareBytes completes a scan, it shows a screen with the results. Nothing was found here because my resident malware protection removed the malware already.
That is all there is to it. If in doubt about malware, try Rkill and see what is actually going on in the background.
Please note that Malwarebytes is just a suggestion. There are other free tools out there that you can use to scan your system, Dr. Web Cure It for instance.Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.