Advance Malware Identification & Removal - AMIR
~Raj (maliciousbrains) <maliciousbrains@malwareinfo.org> Friday, November 7 2008 23:33.59 CST


I have recently completed the development of AMIR (Advance Malware Identification & Removal) and have released a beta version of the application on my website: www.malwareinfo.org

Download Link: http://www.malwareinfo.org/Utilities/AMIR.zip

Below is a brief description about AMIR:

---------------------------------------------------------------------------------------------------------
AMIR, or Advance Malware Identification & Removal, is an application that will help you quickly identify any malware, and it will also give you the option to remove it. Once it runs on the system, it will highlight the possible suspect programs. It will also give you an opportunity to analyze them and their activities at the click of a button. It shows you PE details, actual memory hex dumps of the running programs and also the various resources used by the executable. It even has a heuristic scanner that can sniff out malicious code from .vbs, .inf and .bat files. AMIR can re-enable Regedit, Task Manager & Folder Options when they have been locked by malware activity. Armed with numerous options, it becomes very easy to detect any kind of malware running in the system.
---------------------------------------------------------------------------------------------------------

I would request that you take a look at this application at your convenience and let me know what you think of it.

Any kind of suggestion from your end will be greatly appreciated.



Comments
dmitry32 Posted: Saturday, November 8 2008 06:35.33 CST
Sounds interesting... I gave it a try (my system = Vista x64). While the features do sound interesting, I could not really do much with the application because some functions always crashed (e.g. Port2Process) and most others caused a 10+ second UI lockup. I also found some minor glitches I want to tell you about: the "Kill Process" command from the menu bar seemingly selects a random process to kill; it almost never kills the process I have selected. Not a big deal, however, as I could use the command from the context menu.
Regarding the packet sniffer: please use unsigned numbers for the ports (it keeps telling me that there is UDP network traffic to/from "negative ports" on my system). ;)

But, as I said above, it looks promising. I will try it again when it's out of beta.
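The "negative ports" dmitry32 reports are the classic symptom of reading the 16-bit UDP port fields as a signed short: any port at or above 32768, which covers the whole ephemeral source-port range, comes out negative. The following is an added example (not AMIR's code, and not posted by anyone in this thread) that parses a constructed RFC 768 UDP header both ways so the bug and the fix sit side by side. The sample header bytes, the port numbers and the function names are all assumptions made for illustration.

```python
import struct

# Constructed sample (not captured traffic): an 8-byte UDP header, big-endian
# per RFC 768, for a datagram from ephemeral source port 49152 to port 53.
#   src port | dst port | length | checksum
SAMPLE_UDP_HEADER = struct.pack(">HHHH", 49152, 53, 8 + 12, 0x1A2B)

UDP_HEADER_LEN = 8


def parse_udp_ports_signed(header: bytes) -> tuple[int, int]:
    """The bug: decode the two 16-bit port fields as signed shorts ('h').

    0xC000 (49152) is read as 49152 - 65536 = -16384, which is exactly the
    'traffic to/from negative ports' reported in the comment above.
    """
    src, dst = struct.unpack(">hh", header[:4])
    return src, dst


def parse_udp_ports(header: bytes) -> tuple[int, int]:
    """The fix: ports are unsigned 16-bit fields, so decode them with 'H'."""
    src, dst = struct.unpack(">HH", header[:4])
    return src, dst


def to_unsigned16(value: int) -> int:
    """Repair a port that was already read as a signed 16-bit value
    (e.g. stored in a C 'short') by masking it back into 0..65535."""
    return value & 0xFFFF


def parse_udp_header(header: bytes) -> dict:
    """Full header decode with the correct (unsigned) widths.

    Rejects buffers shorter than 8 bytes and lengths that are impossible for
    UDP, since a sniffer that trusts those fields blindly will misparse or
    crash on malformed datagrams.
    """
    if len(header) < UDP_HEADER_LEN:
        raise ValueError("buffer shorter than a UDP header")
    src, dst, length, checksum = struct.unpack(">HHHH", header[:UDP_HEADER_LEN])
    if length < UDP_HEADER_LEN:
        raise ValueError(f"UDP length field {length} is smaller than the header")
    return {
        "src_port": src,
        "dst_port": dst,
        "length": length,
        "checksum": checksum,
    }


if __name__ == "__main__":
    print("signed read  :", parse_udp_ports_signed(SAMPLE_UDP_HEADER))  # (-16384, 53)
    print("unsigned read:", parse_udp_ports(SAMPLE_UDP_HEADER))         # (49152, 53)
    print("repaired     :", to_unsigned16(-16384))                       # 49152
    print("full header  :", parse_udp_header(SAMPLE_UDP_HEADER))
```

The same pitfall applies to the length and checksum fields, and to any C sniffer that declares port variables as `short` or `int16_t`; masking with `& 0xFFFF` recovers the true value only if the original 16 bits were preserved, so the real fix is to use the unsigned type at the point of decoding.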

maliciousbrains Posted: Sunday, November 9 2008 07:57.46 CST
Thanks a lot, dmitry32, for reviewing it...

Well... I never had the opportunity to test the app on the Vista x64 platform. The app does work OK on Windows 2000 & XP (x86). I will check the points that you have mentioned and try to resolve them. There will be certain issues with the existing version, and for that reason it has been released as a beta.

Regards...
Raj
~aka: Maliciousbrains