RogueKiller is an anti-malware program written in C++ and capable of detecting and removing generic malware and some advanced threats such as rootkits.<\/p>\n
DETECTION COLORS<\/strong> Red: Known malware, high detection rate Based on generic methods for finding malware because of its behavior (heuristics), on generic anti-malware analyses (signature search) and on undocumented hacks, RogueKiller can find\/remove most basic malware (rogues, trojans) and some advanced threats like ZeroAccess or TDSS which behave more like rootkits. Here is a summary of RogueKiller's capabilities:<\/strong> \u2013 RogueKiller is an antivirus computer program written in C\/C++, which scans running Windows processes and kills those that are malicious. RogueKiller is a GUI-based tool (since the new version), so it's easy to use. However, some people may have difficulty interpreting the results and knowing what to do next. This is normal; malware removal can sometimes be complicated. Contact support, or better yet, take the report and post it on the forum. They know how to interpret it and will guide you through the removal process (free of charge).<\/p>\n Configuration:<\/strong> Facility:<\/strong>
\nSince RogueKiler V9, detection colors are standardized. Please review this section before deciding what should be removed.<\/p>\n
\nOrange: Possible malware. Often has a suspicious path and is tagged PUP (Potentially Unwanted Program).
\nGray: Suspicious (Unchecked by default) Reserved for PUMs (Potentially Unwanted Modifications). This applies to proxies, DNS configurations, etc.
\nGreen: Not detected as malware. This means the item is displayed for informational purposes only, but is not intended to be deleted (unless you decide to do so).<\/p>\n
\nRogueKiller is a lightweight anti-malware program maintained by a small team, and as such, its detections are based on the most widespread threats. We react quickly to integrate the detection and removal of what we believe to be a global threat that could affect the largest number of people as soon as possible.<\/p>\n
\nKill the malicious processes
\nStop the malicious services
\nUnload malicious DLLs from processes
\nFind\/Kill hidden processes
\nFind and remove malicious startup entries, including:
\nRegister entries (RUN\/RUNONCE)
\nScheduled tasks (1.0\/2.0)
\nStarter folders
\nFind and remove registry hijackings, including:
\nShell\/Load Inputs
\nFile association hijacking
\nDLL hijacking
\nMany other things
\nRead\/Delete DNS hijackings (Reset DNS button)
\nRead\/Remove malicious proxies (Clear Proxy button)
\nRead\/Delete malicious Hosts entries (Reset Hosts button)
\nRepairing shortcuts\/files hidden by Fake HDD rogues
\nReading\/Deleting malicious Master Boot Records (MBRs), even those hidden behind a rootkit
\nListing \/ Removing SSDT Shadow SSDT IRP hooks (even inline hooks)
\nSearching for and removing system files patched\/hidden by a rootkit<\/p>\n
\nThe program is based on threat targeting: it cleans up running processes and, on request, cleans the registry. It also has additional features (restoration of the Hosts file, Proxy and DNS configurations, recovery of hidden files).
\n\u2013 RogueKiller is capable of analyzing and removing malicious registry keys, as well as scheduled tasks, autostart folders, and suspicious or known file locations.
\n\u2013 RogueKiller's new version features a graphical interface. This makes it easier to choose which modes to use and to uncheck any false positives before deletion.
\n\u2013 RogueKiller also detects certain rootkits and their bypass methods such as SSDT hooks, Shadow SSDT, IRP, hidden processes, hidden registry keys and Master Boot Record (MBR) hijacking.
\n\u2013 RogueKiller also allows restoring functional internet access in certain cases such as DNS configuration hijacking, the installation of a malicious proxy, or hijacking of the use of the Hosts file.
\n\u2013 Finally, the program allows you to recover all files \/ folders as well as shortcuts hidden by rogues of type \u201cFake HDD\u201d (System Check, System Restore, System Fix, \u2026).<\/p>\n
\n\u2013 Windows: windows xp a 10 (32 and 64 bit)
\n\u2013 Intel Pentium 4 1GHz processor
\n\u2013 512 MB RAM
\n\u2013 Hard drive with a minimum of 50MB of available space<\/p>\n
\n0) Important: Windows 8 users, disabling SmartScreen is mandatory
\n1) Run RogueKillerX64 or RogueKillerX86 depending on your system
\n2) or setup to install it<\/p>\n