RogueKiller is an anti-malware program written in C++ and able to detect and remove generic malwares and some advanced threats such as rootkits, rogues, worms, …
Based on generic ways to find malware by their behaviour (heuristics), on classic anti-malware analysis (signature finding) and on undocumented hacks, RogueKiller can find/remove most of the basic malware (rogues, trojans, …) and some advanced threats like ZeroAccess or TDSS that behave more like rootkits.
RogueKiller is an anti-malware maintained by a small team, and thus new detections are based on “most spread threats“. We react quickly to integrate detection and removal of what we think can be a global threat and affect a big amount of users across the world.
Here’s a little summary of what RogueKiller is able to do:
- Kill malicious processes
- Stop malicious services
- Unload malicious DLLs from processes
- Find/Kill malicious hidden processes
- Find and remove malicious autostart entries, including :
- Registry keys (RUN/RUNONCE, …)
- Tasks Scheduler (1.0/2.0)
- Startup folders
- Find and remove registry hijacks, including :
- Shell / Load entries
- Extension association hijacks
- DLL hijacks
- Many, many others …
- Read / Fix DNS Hijacks
- Read / Fix Proxy Hijacks
- Read / Fix Hosts Hijacks
- Read / Fix malicious Master Boot Record (MBR) or Volume Boot Record (VBR), even hidden with a rootkit
- List / Fix SSDT – Shadow SSDT – IRP Hooks (Even with inline hooks)
- Find and restore system files patched / hidden by a rootkit
RogueKiller is a GUI-ed tool (since the new version), so it’s easy to use. However, one can have difficulties to interpret the results and know what needs to be fixed. This is normal and malware removal is somewhat tricky. We’ve made a documentation to help you, please read it in case of need. If you still have problems, please feel free to post the scan log on the forum. They know how to interpret it and they will guide you in the removal (for free, of course).
RogueKiller is available in the following languages, detected by computer’s language. If your language is not inside and you think it would be useful, if you can translate from/to Engligh please go on that forum thread, all you need is explained.
French, English, Arabic, German, Italian, Czech, Dutch, Portuguese (Braz), Spanish, Chinese, Polish
NEW! RogueKiller now has a Premium version, with some useful features! Check it out now.
Please support us!
RogueKiller is a free software, updated about once a week. It needs perpetual watch on live malware, and constant improvements to crush bugs, handle new malware and add new cool features.
Advertisements on the website are the only reliable way to get our developers paid for all that hard work.
However, you can contribute in a most valuable way by making a small (or generous, depends on your mood) donation with Paypal or Bitcoin. Don’t hesitate to leave a message explaining your thankfulness with your donation, this is an important thing for the team!
If you don’t wish to donate, you can still express your thankfulness (lucky you! :)) by liking us on social networks (below).
Please choose a version and mirror:
Download RogueKiller (FossHub):
Download RogueKiller (Cloud):
Download RogueKiller (Local):
Download RogueKiller (Old GUI):
After trying RogueKiller, we strongly recommend to give a chance to Malwarebytes. That’s a generic antimalware, compatible with your antivirus.
The paid version has a real-time protection that catches a lot of malware unknown by most of antiviruses.
Disclaimer. RogueKiller is able to send feedback report automatically in order to help developers to fix bugs and improve the software. The content is not sensitive, and does not contain personal data, only software related data. This feedback is used for real time statistics of in-the-wild threats (see below). If you disagree with this, please do not use this software.
Disclaimer 2. RogueKiller, by design, can detect some false positives. We made the choice to “sometimes” detect wrong things (marked as suspicious) and have a very high efficiency against malware rather than never detect legit things and miss a lot of malware. That said, you have always the choice to uncheck items before hitting deletion (and report them as false positive to us!)
RogueKiller is easy to use. Basically, a classic use would be the following:
- Launch the program. Wait for the Prescan to finish
- Hit the “Scan” button. Wait for the scan to finish.
- Perform a quick visual check of what has been found in the different tabs. Leave unchecked what you want to keep.
- Hit that “Delete” button. Wait for the end of deletion.
Little demo against the latest ZeroAccess variant:
If you encounter any problem, have any doubt, and just want to thank, make a suggestion or provide any help, please feel free to contact us with any mean provided in the contact page of the website. You can also use the forum, as always. Before opening a thread for an issue, please check the FAQ and the known issues.
RogueKiller, thanks to its automated feedback, send some information in real time about currently spreading threats. It allows us to be prepared and warn people that a new attack is in effect, or that a 0-day is been exploited. More, we can see which operating systems are most used, which languages, and so.