FAQ for SpyDllRemover

Since the first release of SpyDllRemover we have been hit by users with some of the very common questions and it had been difficult to address it separately for each user. So we have decided to put it all together here at once place to make it easier for everyone.

.

.

Here are some of the most ‘Frequently Asked Questions’ for SpyDllRemover.  Some of these questions are more applicable to new version 4.0 of SpyDllRemover

.

1. Color, Color What Color ?

SpyDllRemover uses predefined set of color coding for easier interpretation of threat levels. Here are the details,

  • RED :
    • Level =>[High Risk] Dangerous;
    • Description => Hidden Rootkit/Spyware;
    • Action => Remove_Dll/Kill_Process;
  • Orange :
    • Level =>[Medium Risk] Suspicious;
    • Description => Suspicious Rootkit/Spyware;
    • Action => Check_Online & then Remove_Dll/Kill_Process/Contact_Us;
  • Yellow :
    • Level =>[Low Risk] Analysis;
    • Description => Need further analysis, It may be Spyware element;
    • Action => Check_Online & then Remove_Dll/Kill_Process;
  • Green :
    • Level => Good;
    • Description => System process/legitimate third party process;
    • Action => Nothing;
  • No Color :
    • Level => Normal;
    • Description => normal process/dll;
    • Action => Nothing;
.

2. On 64 bit systems, Why I am not able to see the Dlls for certain Processes?

SpyDllRemover is a 32 bit application, Hence does not work well when run on 64 bit Systems. Howerver it provides partial support while running on 64 bit Systems. So it will not be able to display the Dlls and perform certain actions for 64 bit Processes. However it can work well with 32 bit Processes (on 64bit Systems).

Complete support for 64 bit Systems will be added in upcoming versions.

.

3. My firewall alerted me on SpyDllRemover trying to connect to address *.*.*.* at port 80, What should I do ?

When you launch SpyDllRemover, it tries to connect to RootkitAnalytics.com website to see if any newer version of SpyDllRemover is available. If you do not want to receive updates about new version, you can disallow it. Other than this SpyDllRemover does not do any form of network activity.

.

4. I saw network traces from SpyDllRemover when I launched it. Is this intended one ?

Please read the FAQ 3.

.

5. I am running SpyDllRemover as normal user (not administrator) and I am not able to access some of the Process/Dlls. Why ?

When you are running SpyDllRemover as normal user, you will not be able to access any of the system Processes and Processes belonging to other users. For full access (Vista/Win7), you need to run SpyDllRemover as Administrator by right click on SpyDllRemover.exe and then select ‘Run as Administrator’.

.

6. Looks like I found a Bug. What do I do now ?

That’s good thing you have done lately 🙂 We are in fact waiting for them. Send them to us with all possible information.

.

7. Here I did not find what I am looking for. What do I do now?

We have listed most of the favorite FAQs here. For others please contact us.

.

.

Hope it will address all your concerns and for everything else you can always approach us through any of these channels.

.

.

Similar posts
  • SecurityXploded Mentorship Programme ... I am writing this blog to share my SecurityXploded Student Mentorship Programme experience with the future students of this programme. My mentorship programme started last year in August when I was in 2nd year of MS at IIIT-Allahabad. I knew about SecurityXploded community since I used to follow their blogs, training programmes and security tools [...]
  • Code Injection and API Hooking Techni... Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]
  • Announcement – SecurityXploded ... From the past two years we are working actively on couple of projects to support the security community. As you all may already know that we have successfully completed our reversing and malware analysis training programme and we are very glad that it was very helpful for everyone. In my opinion the success of any [...]
  • Advanced Malware Analysis Training Se... Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat  RAT Functionalities   This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]
  • Advanced Malware Analysis Training Se...   Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012.       In this extended session, I explained “Decrypting The [...]

Leave a Reply

Our Company

Follow us on Facebook


Join Mailing List

Get direct access to our expert trainers or mingle with like minded security folks in our mailing list