Step 1: Identify PID
ps aux | grep suspicious_process
pgrep -f "suspicious"Step 2: Send TERM Signal (Graceful)
kill -15 [PID]Step 3: Force Kill if Needed
sudo kill -9 [PID]Step 4: Kill All Processes of a User
sudo pkill -u usernameStep 5: Kill Process Tree
sudo pkill -P [PPID]Step 6: Remove Persistent Malware
# Check crontab, systemd, rc.local for persistence
sudo systemctl disable malicious.service
sudo rm /etc/systemd/system/malicious.service