Archive for April 3rd, 2009
SpyDLL Remover 1.0.1
Malware’s are getting smarter by the day making use of advanced techniques like dll injection to hide their tracks and making removal harder.Today, I’m going to share with you SpyDLLRemover .
SpyDLLRemover is the standalone tool to efficiently detect and delete spywares from the system. It uses multiple techniques such as direct syscall implementation, CSRSS process handle detection, PIDB method etc to find out the user land rootkit processes. But the main focus of the tool is to help in removing malicious DLLs quickly and easily by displaying all DLLs within the process with various threat levels and then using the DLL injection based technique to unload them completely. It employs low-level implementation that makes it effective against any userland rootkits.
Detect hidden user land rootkit processes using multiple techniques such as:
- Direct NT System Call Implementation
- Process ID Bruteforce Method (PIDB) as first used by BlackLight
- CSRSS Process Handle Enumeration Method
Displays detailed information about all running processes on the system:
- Process name
- Process Id
- Company Name
- Process Description
- Memory Utilization
- Process Binary Path
- Process File Size
- File Install Date
Shows detailed information about each loaded DLLs within process to make it easier for manual analysis:
- DLL Name
- Company Name
- Description
- Comment about type of DLL (System, Hidden, Suspicious)
- Load/reference count of DLL
- Loading Type (static/dynamic)
- DLL File Size
- File Install Date
- Base Address of DLL
- Entry point of DLL
- Full DLL File Path
Platform:
Windows 2000, XP, 2003, Vista, Longhorn (32 bit)
On 64 bit platform, only 32 bit processes are supported.
This utility can be included in your anti-malware toolkit to diagnose and get rid of these malicious dll’s files injected into legitimate .It is portable only 733KB in size.
Read Full Post | Make a Comment ( Comments Off on SpyDLL Remover 1.0.1 )
AKS-Feel The Change! 