(http://tigzy.geekstogo.com/images/RogueKiller.PNG)
RogueKiller is a useful application which will scan the running processes from your computer and kill those who are malicious.
This tool was developed after seeing that some rogues (eg Security Tools) block the execution of disinfection programs, and some programs (eg rkill) appeared ineffective in killing the rogue process. So a tool based on timeliness was created, which can clean up the process, as well as clean the registry and sanitize it faster and safer than using other apps.
Freeware
Whats new: >>
· Added support for new ZeroAccess variant (RTL)
· Added AutoRun value support in PE mode
· Fixed bug for rebooting query
· Fixed bug in file/folder deletion
· Removed unauthorized characters in report
· Updated links
http://tigzy.geekstogo.com/roguekiller.php
Whats new: >>
Release Notes
Fixed bugs
9.0.0.0 Beta 3:
CLI commands -nodriver -autoscan -autodelete -autoquit -autoeula -hideui
Added detections
Fixed EULA
Added service repair
Added check for updates
Changed driver icon
Added reboot notification
Added pending detections notification on quit
9.0.0.0 Beta 2:
Fixed a bug in MBR log
Fixed a bug in Service log
Fixed a bug in log (RTL characters removed, ZeroAccess)
Replaced SUSP PATH label by Suspicious.Path
Removed Chrome.exe IAT/EAT scan
Fixed 3 bugs in IEAT/EAT display (process is displayed / legit entries are hidden / fixed size of function in console display)
Now suspicious services registry keys are not prechecked (to avoid confusion with true malware)
Disabled Forged files removal (except if contains malware signature), due to some false positives
Fixed a bug in Registry subkey removal (ZeroAccess)
Fixed a bug in File replacement (added ACL copy before replace, Zekos)
Fixed a bug in ListView sorting (was too slow)
Added detections
9.0.0.0 Beta 1:
Added crash handler window
Reports are now translated
Added missing translations
Added hover event for Facebook / Paypal links
Added fancy Facebook button
Replaced old icons by high res icons
Added detections
Fixed a bug in ComManager
9.0.0.0 Alpha 5:
Brand new high res icon!
Now sending statistics to adlice.com webserver database
PUM color detection is now Dark Gray
Added web browser scan
Added stop button (during scan only)
9.0.0.0 Alpha 4:
Added context menu select/unselect all
replaced old MBR display by a listview
added MBR scan
fixed carriage return bug in reports
fixed bad driver decryption
added Hooks scanner
9.0.0.0 Alpha 3:
Fixed a bug when exiting with file menu
Added hosts fix button (hosts tab)
Fixed window names bug (massive false positive)
Added true version number comparison for version checker
Fixed elided text bug
Added report footer
Now general progressbar is used as progression
Now displays fine progression
Added file scanner
9.0.0.0 Alpha 2:
Fixed a crash in Yara scanner on some processes
Fixed a bug in Hidden processes detection
Fixed a bug in report module, prescan results were removed from reports
Fixed display bug (wrong X64 display in title)
Fixed crash handler, now crash dumps will be located in %ProgramData%/RogueKiller/Debug
Fixed display bug. After removal, status of items was not updated.
Added Hosts file support
Added Hosts file line removal
Removed Proxy, DNS and Shortcut buttons/tabs
9.0.0.0 Alpha 1:
Rewritten engine from scratch ( RKSdk V1 )
Moved to Yara scanner
Fixed a lot of bugs
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Added detections
Moved version check before Prescan
Fixed a bug in IAT scanner, where call stack was not recorded correctly
Fixed a bug in IAT scanner, where unknown module was not displayed
Fixed a bug in RogueKiller OLD GUI, where config file was not read properly
Fixed ShowLegitHooks command/setting
Fixed slow UI when a lot of entries are added to a table
Fixed a bad items insertion when sorting was enabled
Fixed a bug in MBR (GPT) module
Fixed missing Premium info when internet access is broken
Fixed a bug in libcurl library (X64)
Added new method to detect IAT inline hooks
New:
VT Scan on registry, tasks, files, mbr, web browsers and antirootkit scans.
VT scan no more in beta
VT scan now scans all processes
VT scan has local caching
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Now VT file scan has minimum/maximum size
Refactored PUP/PUM classification to be clearer and more consistent
Fixed VT file scanner scanning LNK files instead of target
Now VT unknown s classified as PUP
Now VT cache has outdated date (fixed to 5 days)
Now VT scanner rescans pending items at initialization
Added detections
http://tigzy.geekstogo.com/roguekiller.php
Changelog
NEW! Breaking news banner
External libs update + optimizations (Zlib, SQLite, udis86)
Fixed a bug in Tab navigation
http://tigzy.geekstogo.com/roguekiller.php
Changelog
NEW! Breaking news banner
External libs update + optimizations (Zlib, SQLite, udis86)
Fixed a bug in Tab navigation
http://tigzy.geekstogo.com/roguekiller.php
Changelog
NEW! Preferred language is now saved
Added detections
Fixed processes scan aggressiveness
NEW! Logo can now be rebranded
Fixed a bug in Extensions Checked
Fixed a bug in CLSID scanner
Fixed Orphan detection level + vendor name => PUM.Orphan
Fixed License fallback state
Added new autostart locations
Added Transfert progressbar
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Updated database
Fixed a bug in reporting
Disabled PUM.DesktopIcons (too confusing, and not critical)
Disabled PUM.Orphan (too confusing, not critical)
Better unit testing
Initialization optimizations
Updated translations
NEW! (Premium) Web service
NEW! Web service /info url (get version info)
NEW! Web service /scan/new url (start new scan)
NEW! Web service /scan/status url (get scan status)
NEW! Web service /report/last url (get last report)
NEW! (Premium) -pupismalware command line parameter + setting
NEW! (Premium) -pumismalware command line parameter + setting
Reverted portable fixed location in rk_config.ini
Fixed error message when too many instances
Setup now adds RogueKiller bin folder to %PATH%
Updated userland certificate
NEW! Promotional nag.
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Fixed a bug in Licensing
Fixed a bug in VirusTotal module
Now portable license generated file is read-only
Added GUI indicators when using portable license
Added detections
Extension checker optimizations
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Added detections
NEW! HTML reports
NEW! HTML Open button
NEW! TXT Open button
NEW! HTML log setting + command line parameter
Fixed timeout for Curl operations (max 5 seconds)
NEW! signature database is now pre-compiled, will load much faster
Updated Yara engine to 3.4
Refactored Digisig engine, better performances
Added more information in Json log for killed processes
Fixed a bug where x64 processes names are not found when using x86 version
Fixed path whitelist priority on VT blacklist (processes scanner)
Updated translations
Fixed an issue where Floppy drives become very noisy during scan
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Added detections
(Premium) Added message when Updater is not present and program is outdated
Updated translations
Added link to public Trello board
Added version check in about form
NEW! VirusTotal choice for upload
NEW! (Premium) VirusTotal choice setting
Fixed automatic updates when Updater is not present
NEW! EULA will show up again if a new version is present
Extended injection signature search to 4 sections (instead of 1), to better identify injection code.
Now infection urls for antirootkit point to non technical posts
Resized main and about forms
(Premium) Added more information in licensing server check
(Premium) Prepared for annual subscription switch
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Added detections
Added crash dump form
Fixed a bug that showed steps not supposed to run
Updated translations / Fixed typos
Added Data column in scan results
Fixed Autoscan
Fixed Autoremove
Now scan progress live detection shows in red when an item is detected
Fixed a bug that led to driver state being wrong in reports
http://tigzy.geekstogo.com/roguekiller.php
Changelog
Minor fixes
13.3.0.0
Updated to core 3.1.0
Fixed an issue where GetErrorMode API isn't present on XP
New machine ID (less prone to changes on Windows install)
Technician trial (if applicable)
Scheduler V2
Reviews notifications
Better notifications
Added Machine ID on Account page
http://www.adlice.com/software/roguekiller/
Changelog
Added button to export RTP history
Added button to export service log
Added button to clear RTP cache
Fixed warning about modules disabled when explicitely turned off by config
Fixed an issue with exit warning not showing
Updated German translation
Updated Turkish translation
Updated to core 4.0.4:
Fixed Bad.Extension on Zero-filled
Fixed heuristics in command-line scanner
Fix for telemetry
Fixed bad reference decrement in Yara scanner
Fixed initialization order in worker threads
Fixed ACLs removal in Debug module
Fixed potential crash in Exclusions and History Events modules
Minor fixes
http://www.adlice.com/software/roguekiller/
Changelog
Fix for getting username from SYSTEM account
Fixes for scheduler engine
Fixed FP remediation for Proc.Svchost detections
Fixed exclusions when path have spaces
Minor fixes
Added "refresh" button for custom scan paths directories tree (to use on external drives (un)plugged)
Fixed laggy UI at startup
http://www.adlice.com/software/roguekiller/
Changelog
Updated to core 4.1.0
Fixed a possible crash in Buffer module (implicitcasts)
Fixed an issue where threat name wasn't properly parsed
Reduced API calls frequency
Update to rkflt 0.9.2
Update to rksvc 1.1.0
Fixed possible crash at exit
DockLock: Prevent RW from rebooting
DockLock: Prevent RW from using shadow copy removal
DockLock: Fixed an issue where renaming whas not fully detected
DockLock: Added RIPlace detection and blocking
Updates libraries (jansson / cryptopp)
Driver loading sanity check
Added gamer mode (no notifications during full screen)
http://www.adlice.com/software/roguekiller/
(https://i.postimg.cc/V6rCF1bc/screenshot-2515.png)
RogueKillerCMD is the command-line version of the ever-popular RogueKiller malware removal tool.
Freemium
Changelog
- Updated to core 4.3.3
* Fix for crash upload (limitation by dump is present)
* Fixed pipe disconnect (retry logic)
* Fixed pipe security
* Fixed IPC cache
* Added config auto-backup/restore
* Fixed self-update task
* Fixed crash reports upload
https://www.adlice.com/download/roguekillercmd/
Changelog
- Fixed potential crash on exporting portable config
15.0.1.0
Fixed potential crash on startup
15.0.0.0
Fixed an issue where some settings in combobox where changing on page scroll (lang, theme)
Minor UI fixes
Updated to core 6.0.4:
Fixed an issue where context menu scan was not working when UI is started by the service
Fixed potential crash in getting computer name
Fixed issue with Windows Updates status
Fixed issue with ucheck progress counters
Refactored using safer memory management (smart pointers)
Refactored with asynchronous initialization (faster to start)
Updater 4.0
RK DLL 4.0
Minor fixes
http://www.carifred.com/
(https://i.postimg.cc/V6rCF1bc/screenshot-2515.png)
RogueKillerCMD is the command-line version of the ever-popular RogueKiller malware removal tool.
Freemium
Changelog
Updated to core 6.1.5:
Fixed an issue in path parser (task scheduler)
Minor fixes
https://www.adlice.com/download/roguekillercmd/
Changelog
Updated to core 6.4.0
Rkflt version 0.10.3 (Win10+)
Fixed memory leaks
Fixed missing allocations tagging
Windows 11 official support
Logs reduction
Minor fixes
Added/Updated translations
NEW: Japanese
NEW: Dutch
NEW: Portuguese
NEW: Brazilian
NEW: Polish
NEW: Italian
NEW: Arabic
NEW: Japanese
https://www.adlice.com/software/roguekiller/
(https://i.postimg.cc/wTZ8TVx9/screenshot-2510.png)
Scan your system for rogue processes, corrupted registries or other faulty components and attempt to fix them with this application.
Freemium
Whats new:>>
Updated to core 6.14.0
Truesight 3.4, fixed vulnerabilities
Truesight 3.4, fixed possible handle leak
Now avoiding killing protected processes
Minor Fixes
https://www.adlice.com/roguekiller/cmd/
Changelog
V15.15.1 02/14/2024
=================
- Fixed potential crash in account page
V15.15.0 02/14/2024
=================
- Updated to core 6.18.0
* Removed unneeded ACL reset
* Replaced folder ACL reset by "Add World ACE"
* Added IsInstalled verification in core
* Now using current directory's subdir for non-installed core instances
* Modular core, preparing for core optimizations
* Added UCheck bitness detection algorithm
* Added UCheck existence verification
* Removed potential crashing logs
* Added AsyncWorker for smoother UI experience
* Theme fixes
* Report UI refactoring
* Minor fixes
- Disabled shell replacement in installer ("Black screen" issue on update)
- Now opening UCheck instead of website if installed
- Consolidated Tech portable available features
- Added "fully portable" feature, if not installed will work from a current dir's subdir
https://www.adlice.com/software/roguekiller/