SpyDLLRemover - NEW TOOL! Detect & Delete Rootkits and Spywares!

Discussion in 'other security issues & news' started by PROROOTECT, May 9, 2009.

Thread Status:
Not open for further replies.
  1. PROROOTECT

    PROROOTECT Registered Member

    Joined:
    May 5, 2008
    Posts:
    1,102
    Location:
    HERE ...Fort Lee, NJ
    SpyDLLRemover v1.0.0.1; March 08, 2009; download from RootkitAnalytics.com: http://rootkitanalytics.com/userland/spy-dll-remover.php

    Folder: ONLY 978 Kb - but I deleted 3 files/images - examples of finds of rootkits ( 3x2.14 Mb):argh:

    Platform: Windows 2000, XP, 2003, Vista, Longhorn (32 bit)

    It is very good FREE software On Demand (but NO Real Time).

    Features:
    * Detect hidden userland rootkit processes using multiple techniques
    * Detect the hidden DLL/module within process by using loaded list traversal technique.
    * It uses the direct system calls to perform process related operations which defeats any attempt to hide by userland rootkits.
    * Separate out the modules/DLLs based on the various threat levels such as hidden DLL, BHO plugin DLL, system DLL, AppInit DLL etc which makes it effective to detect malicious modules.
    * DLLs are marked with different color based on threat level which makes it easy and quick to eliminate the spyware DLLs.
    * It presents a state-of-the-art technique for removing the DLL from a remote process, based on the DLL injection method, to completely unload the DLL in just ONE CLICK.
    * Terminate any suspicious or hidden process directly using NT system calls.
    ...

    * Displays detailed information about all running processes:
    - Process Name, PID, Company, Description, Memory, File Size, Date, File Path.

    * Shows detailed information about each loaded DLL within a process to make manual analysis easier:
    - DLL Name, Company, Description, Comment, Load Count, Load Type, File Size, Date, Base Address, Entry Point (Wow!:argh: ), File Path.

    * COLOR Threat levels: Red - Dangerous, Orange - Suspicious, Yellow - Need Analysis online (from ProcessLibrary.com).

    * Buttons: Remove DLL, Check DLL Online, Refresh, Kill Process, About.

    * Nice GUI.

    ... and it does not require any installation, can be executed directly. :thumb:


    PROROOTECT:thumb: ... and your impressions, please ... very friendly ...:D
     
  2. PROROOTECT

    PROROOTECT Registered Member

    I'm hungry for your good/bad impressions on SpyDLLRemover, please ...
     