Tigzy's website

... about Malware analysis

RogueKiller :


Build :

  • 32 bits (x86) : taskstrun
  • 64 bits (x64) : taskstrun




Tutorial : Please look at this link for a detailed user guide

Description : RogueKiller is a program written in C++ and able to :

  • Kill malicious processes
  • Stop malicious services
  • Unload malicious DLLs from processes
  • Kill malicious hidden processes
  • Find and remove malicious autostart entries, including :
    1. Registry keys (RUN/RUNONCE, ...)
    2. Tasks (Scheduler 1.0/2.0)
    3. Startup folders
  • Hijack entries, including :
    1. Shell / Load entries
    2. Extension association hijacks
    3. DLL hijacks
    4. Many, many others ...
  • Read / Fix DNS Hijacks (DNS Fix button)
  • Read / Fix Proxy Hijacks (Proxy Fix button)
  • Read / Fix Hosts Hijacks (Hosts Fix button)
  • Restore shortcuts / files hidden by rogues of type "Fake HDD"
  • Read / Fix malicious Master Boot Record (MBR), even when hidden by a rootkit
  • List / Fix SSDT, Shadow SSDT and IRP hooks (even with inline hooks)
  • Find and restore system files patched / faked by a rootkit



RogueKiller can also remove many current infections, including ZeroAccess, TDSS, all rogues, and many ransomware families. Detections are blacklist/whitelist-based or heuristic-based.

RogueKiller is available in the following languages :

  • French
  • English
  • Chinese
  • Czech
  • German
  • Greek
  • Italian
  • Dutch
  • Portuguese
  • Russian
  • Spanish
  • Slovak