RogueKiller is an anti-malware program written in C++ and able to detect and remove generic malwares and some advanced threats such as rootkits, rogues, worms, etc.
Based on generic ways to find malwares by their behaviour (heuristics), on classic anti-malware analysis (signature finding) and on undocumented hacks, RogueKiller can find/remove most of the basic malwares (rogues, trojans, …) and some advanced threats like ZeroAccess or TDSS that behave more like rootkits.
RogueKiller is a tiny anti-malware maintained by a small team, and thus new detections are based on “most spread threats“. Software react quickly to integrate Detection and Removal of what think can be a global threat and affect a big amount of users across the world.
Here’s a little summary of what RogueKiller is able to do:
- Kill malicious processes
- Stop malicious services
- Unload malicious DLLs from processes
- Find/Kill malicious hidden processes
- Find and remove malicious autostart entries, including: Registry keys (RUN/RUNONCE, …), Tasks Scheduler (1.0/2.0) and Startup folders
- Find and remove registry hijacks, including: Shell / Load entries, Extension association hijacks and DLL hijacks
- Read / Fix DNS Hijacks (DNS Fix button)
- Read / Fix Proxy Hijacks (Proxy Fix button)
- Read / Fix Hosts Hijacks (Hosts Fix button)
- Restore shortcuts / files hidden by rogues of type “Fake HDD“
- Read / Fix malicious Master Boot Record (MBR), even hidden behind rootkit
- List / Fix SSDT – Shadow SSDT – IRP Hooks (Even with inline hooks)
- Find and restore system files patched / faked by a rootkit
McAfee Stinger is a standalone utility used to detect and remove specific viruses. It is not a substitute for full anti-virus protection, but a specialized tool to assist administrators and users when dealing with infected system. Details on new or enhanced signatures added with each Stinger build are listed in the Readme details.
McAfee Stinger utilizes next-generation scan technology, including rootkit scanning, and scan performance optimizations. It detects and removes threats identified under the “Threat List” option under Advanced menu options in the Stinger application.
McAfee Stinger now includes Raptor – a real-time behavior detection technology that monitors suspicious activity on an endpoint. Raptor leverages machine learning and automated behavioral based classification in the cloud to detect zero-day malware in real-time.