RogueKiller is a tool which aims to help you to detect and remove malware from your PC.
The program doesn't rely on virus signatures, which is good for detecting the latest threats, but also bad in terms of raising false alarms. When we launched RogueKiller, for instance, it immediately terminated two entirely innocent processes because it thought they were running from a "suspicious path".
And after clicking Scan, and waiting for the program to quickly check our system, we found similar false alarms under the Registry tab, where again RogueKiller assumed entirely legitimate programs were malware.
If you know what you're doing, though, the program's report does contain a great deal of useful information on possibly dubious startup programs, HOSTS file lines, proxy and DNS settings, drivers, shortcuts, MBR code and more.
And although RogueKiller will close processes it doesn't trust on launch, other files and Registry settings won't be removed unless you specifically click the relevant "Fix" button.
RogueKiller wouldn't be our first choice for a tool to disinfect a PC, then. But if other antivirus apps have failed, then there's no harm in giving the program a try, especially as it's portable so there's no need to install anything. (Just make sure you save any work before launching the program, just in case it tries to close the wrong process on your system, too.)
- Fixed Xpaj false positive with DiskCryptor MBR
- Added DiskCryptor MBR signature
- Added detections
- TrueSight 1.0.4: Better shellcode module detection
- IAT Hooks: Better shellcode module detection