RogueKiller is a tool written in C that scans running processes and kills those that are malicious. It is built for speed of execution: it cleans up processes and, on request, cleans the registry, making sanitizing faster and safer than with the usual tools.
Kill malicious processes
Stop malicious services
Unload malicious DLLs from processes
Kill malicious hidden processes
Find and remove malicious autostart entries, including:
- Registry keys (RUN/RUNONCE, ...)
- Tasks (Scheduler 1.0/2.0)
- Startup folders
Hijack entries, including:
- Shell / Load entries
- Extension association hijacks
- DLL hijacks
- Many, many others ...
Read / Fix DNS Hijacks (DNS Fix button)
Read / Fix Proxy Hijacks (Proxy Fix button)
Read / Fix Hosts Hijacks (Hosts Fix button)
Restore shortcuts / files hidden by rogues of type "Fake HDD"
Read / Fix malicious Master Boot Record (MBR) -- even when hidden by a rootkit
List / Fix SSDT - Shadow SSDT - IRP Hooks (even with inline hooks)
Find and restore system files patched / faked by a rootkit