SpyDLLRemover - NEW TOOL! Detect & Delete Rootkits and Spywares!

Discussion in 'other security issues & news' started by PROROOTECT, May 9, 2009.

Thread Status:
Not open for further replies.
  1. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    SpyDLLRemover v1.0.0.1; March 08, 2009; download from RootkitAnalytics.com: http://rootkitanalytics.com/userland/spy-dll-remover.php

    Folder: ONLY 978 Kb - but I deleted 3 files/images - examples of finds of rootkits (3x2.14 Mb) :argh:

    Platform: Windows 2000, XP, 2003, Vista, Longhorn (32 bit)

    It is very good FREE software On Demand (but NO Real Time).

    Features:
    * Detect hidden userland rootkit processes using multiple techniques
    * Detect the hidden DLL/module within process by using loaded list traversal technique.
    * It uses the direct system calls to perform process related operations which defeats any attempt to hide by userland rootkits.
    * Separate out the modules/DLLs based on the various threat levels such as hidden DLL, BHO plugin DLL, system DLL, AppInit DLL etc which makes it effective to detect malicious modules.
    * DLLs are marked with different color based on threat level which makes it easy and quick to eliminate the spyware DLLs.
    * It presents a state-of-the-art technique for removing the DLL from a Remote Process based on the DLL Injection method to completely unload the DLL in just ONE CLICK.
    * Terminate any suspicious or hidden process directly using NT system calls.
    ...

    * Displays detailed information about all running processes:
    - Process Name, PID, Company, Description, Memory, File Size, Date, File Path.

    * Shows detailed information about each loaded DLL within a process to make it easier for manual analysis:
    - DLL Name, Company, Description, Comment, Load Count, Load Type, File Size, Date, Base Address, Entry Point (Wow! :argh:), File Path.

    * COLOR Threat levels: Red - Dangerous, Orange - Suspicious, Yellow - Need Analysis online (from ProcessLibrary.com).

    * Buttons: Remove DLL, Check DLL Online, Refresh, Kill Process, About.

    * Nice GUI.

    ... and it does not require any installation, can be executed directly. :thumb:


    PROROOTECT:thumb: ... and your impressions, please ... very friendly ...:D
     
  2. PROROOTECT

    PROROOTECT Registered Member

    I'm hungry for your good/bad impressions on SpyDLLRemover, please ...
     