SpyDLLRemover is the standalone tool to efficiently detect and delete spywares from the system. It uses multiple techniques such as direct syscall implementation, CSRSS process handle detection, PIDB method etc to find out the user land rootkit processes. The main focus of SpyDLLRemover is to help you in removing malicious DLLs quickly and easily by displaying all DLLs within the process with various threat levels and then using the DLL injection based technique to unload them completely. It employs low-level implementation that makes it effective against any userland rootkits.
Detect hidden userland rootkit processes using multiple techniques such as: · Direct NT System Call Implementation · Process ID Bruteforce Method (PIDB) as first used by BlackLight · CSRSS Process Handle Enumeration Method
Displays detailed information about all running processes on the system: · Process name · Process Id · Company Name · Process Description · Memory Utilization · Process Binary Path · Process File Size · File Install Date
Shows detailed information about each loaded DLLs within process to make it easier for manual analysis: · DLL Name · Company Name · Description · Comment about type of DLL (System, Hidden, Suspicious) · Load/reference count of DLL · Loading Type (static/dynamic) · DLL File Size · File Install Date · Base Address of DLL · Entry point of DLL · Full DLL File Path