Security app RogueKiller 8.0 with graphical user interface
Our first review of RogueKiller dates back to January 2012. Back then the security app shipped with a Dos-like interface that you could only control with your keyboard. Today's release of RogueKiller 8.0 comes with a new and improved graphical user interface that makes the program more appealing and easier to work with.
RogueKiller scans various important areas of the operating system for rogue files, processes and settings. Once you have installed the program on your system, you can fire it up right away to scan your system for traces of malicious activities.
The first thing that you may want to do is click on scan to have RogueKiller scan the system. This takes less than a minute to complete and concentrates on core areas of the system only. What this means is that RogueKiller is not an alternative for resident antivirus software that can scan all files of the Windows installlation. It is rather a program that you run from time to time to make sure nothing slipped past the defenses that are on and running all the time.
Potentially malicious results are displayed in the lower half of the interface. Here you need to go through all tabs to verify the findings before you click on delete to remove the selected items from the system. If nothing's displayed in a tab, nothing malicious has been found.
It is highly recommended to check each and every item carefully before you click on delete as you may very well remove false positives from the system otherwise. The root.MBR warning that I received for instance was not caused by malicious software that modified the master boot record of the system, but by the encryption software DiskCryptor which I installed on the system to protect the operating system from being loaded by unauthorized third parties.
As far as fixing the host file, proxy settings and DNS settings go, you use the buttons on the right to fix issues identified by the program. To fix the MBR, you switch to the MBR tab and use the menu there to fix it.
Please note that the program website is entirely in French. I suggest you use a translation service like Bing Translator if you do not speak French.Advertisement
Where has this program been all my life?!!!!!
Another one for the toolkit I might use one day. Better to have and never need it!
It’s odd. I used to get infected by random malware (lol limewire), but nowadays I don’t even run a resident antivirus. Every time I scan with malwarebytes and superantispyware it comes up clean as a whistle (besides the off false-positive, but “limewire” peeps can spot those better than your average user).
You get to a point where you just have good enough habits that you don’t really need a memory hog running all the time to be safe.
To update, this app likes to quarantine first, and ask questions later. It quarrantined a few executables in my magicjack folder, and there were 4 other false-positives (I know for a fact they are false).
I wouldn’t use this unless I were desperate for a malware fix. It quarantines things without asking; such is a big reason why I shun antivirus solutions. That can do more harm than good.
That’s strange, it did not do that on my system. Can you remember which files or settings where identified as malware?
It’s a little confusing as to what this program is actually doing. I thought it did the same for me when I ran it.
Basically all it did was nuke my SkyDrive processes. It then copied the SkyDrive EXE and DLL into the quarantine folder and append a “VIR” extension to them.
But when I browsed to their original locations, they were still there, so nothing was really quarantined.
Aside from that it flagged a handful of completely harmless registry keys (but it doesn’t do anything with those unless you tell it to).
This really messed up my network settings and when I tried to change them back Windows didn’t save the dns settings.
I do not recommend this software!
If you fixed the DNS with DNSFix, it’s normal that DNS config is wiped off! It’s made for this. I’ve separated the Delete button of the other functionnalities (Proxy, DNS, Hosts) because I got no mean to know if they are legit or not (unlike those in the registry tab). You should have check the DNS IP before removing it…
The fact that Windows not taking the new configuration has nothing to do with my soft, it only remove the registry key, not monitoring it.
@Author : Good article :)
If you need, there’s an english officiel website and tutorial, hosted by G2G
Soon there will be an article on RogueKiller in my website :
… To answer ubove :)
RogueKiller do not move any file to quarantine, it’s only a COPY for backup purpose. it’s a way to get the dropper back for analysis.
No registry key are moved without user agreeement.