RogueKiller is a program written in C++ and able to Kill malicious processes, stop malicious services and unload malicious DLLs from processes.
- Kill malicious processes
- Stop malicious services
- Unload malicious DLLs from processes
- Kill malicious hidden processes
- Find and remove malicious autostart entries, including :
- Registry keys (RUN/RUNONCE, ...)
- Tasks (Scheduler 1.0/2.0)
- Startup folders
- Hijack entries, including :
- Shell / Load entries
- Extension association hijacks
- DLL hijacks
- Many, many others ...
- Read / Fix DNS Hijacks (DNS Fix button)
- Read / Fix Proxy Hijacks (Proxy Fix button)
- Read / Fix Hosts Hijacks (Hosts Fix button)
- Restore shortcuts / files hidden by rogues of type "Fake HDD"
- Read / Fix malicious Master Boot Record (MBR) -- Even hidden by rootkit
- List / Fix SSDT - Shadow SSDT - IRP Hooks (Even with inline hooks)
- Find and restore system files patched / faked by a rootkit
Also able to remove lots of actual infections, including ZeroAccess, TDSS, all rogues, and many Ransomwares. Detections are Blacklist/Whitelist based or Heuristic based.
From the Forums
Subscribe to TechSpot
Get free exclusive content, learn about new features and breaking tech news.