RogueKiller Reports

Overview

Evidence: RogueKiller Reports Description: Collect RogueKiller Reports Category: Applications Platform: windows Short Name: rgkllrp Is Parsed: No Sent to Investigation Hub: No Collect File(s): Yes

Background

RogueKiller is an anti-malware tool by Adlice that specializes in detecting and removing advanced threats, rootkits, and PUPs (Potentially Unwanted Programs). It generates JSON-formatted reports with detailed scan findings.

Data Collected

This collector gathers structured data about roguekiller reports.

Collection Method

This collector gathers RogueKiller's AdliceReport JSON files from the logs directory in ProgramData, which contain comprehensive scan results and threat analysis.

Forensic Value

RogueKiller reports provide detailed information about rootkits, advanced malware, registry modifications, and PUPs. They're valuable for investigating complex infections and understanding system compromises that traditional antivirus might miss.