Prorootect

Level 53
Verified
.
StreamArmor scan and clean malicious streams topic for you all.

Latest version is: 3.0

StreamArmor on SecurityXploded.com: http://securityxploded.com/streamarmor.php


Screenshot : StreamArmor detecting Rootkits such as HackerDefender, Agent.X, Vanquish etc in addition to other hidden streams

With right click, we have these possibilities:
Open Stream
Save Stream
Delete Stream
Scan Online (VirusTotal, ThreatExpert, Malware hash, at your choice)


Quote:
' StreamArmor is the sophisticated tool for discovering hidden alternate data streams (ADS) as well as clean them completely from the system. It's advanced auto analysis coupled with online threat verification mechanism makes it the best tool available in the market for eradicating the evil streams.


  • Advanced stream file type detection which analyzes internal content of file to detect the real file type rather than just going by the file extension. Here is the list of some of the major file type categories detected by StreamArmor
    • Executable File Type (EXE, DLL, SYS, COM, MSI, CLASS)
    • Archive File Type (ZIP, RAR, TAR, GZ, COM)
    • Audio File Type (MP3, WAV, RA, RM, WMA, M3U)
    • Video File Type (WMV, AVI, MPEG, MP4, SWF, DIVX, FLV, DAT, VOB, MOV)
    • Database Type (MS ACCESS)
    • Document Type (PDF, XML, DOC, RTF, All MS Office old & new formats)
  • Sophisticated 'Auto Threat Analysis' based on heuristic technology for identifying anomaly in the discovered streams based on the characteristics and patterns.
It comes with fast multi threaded ADS scanner which can recursively scan over entire system and quickly uncover all hidden streams. All such discovered streams are represented using specific color patten based on threat level which makes it easy for human eye to distinguish between suspicious and normal streams.

It has built-in advanced file type detection mechanism which examines the content of file to accurately detect the file type of stream. This makes it great tool in forensic analysis in uncovering hidden documents/images/audio/video/database/archive files within the alternate data streams.

New version presents cool GUI interface with new icon and banner, automatic version detector and installer to support local installation & uninstallation.

StreamArmor is fully Portable software which can be directly run anywhere without installing locally. It works on wide range of platforms starting from Windows XP to latest operating system Windows 8.'

''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' streamarmor_icon.png


.. and is Portable!
So you're able to see your suspicious or malicious Favorites etc. streams, at the top of the StreamArmor list ..
I have three 'suspicious' (secure, secure!) 'unknown' streams at the top, from 'ApplicationData/TEMP:...' direction, which are safe, these three (M$ files)?

VERY nice GUI, than you Nagareshwar Talekar and his Team!
"""""""""""""""""""""""""""""""""""""""""""""""""""""""""

.
 
Last edited:
  • Like
Reactions: GabiCRX

Prorootect

Level 53
Verified
Have you the new version of StreamArmor, v3.0.0.0 .. from May/2014 .. I downloaded now.

Scan and clean malicious streams (if you have) .. but above all I see some of my Favorites/Bookmarks, which are too heavy (see the one of 80 KB), so I delete these.


.. and is Portable !..
 
Last edited:

Prorootect

Level 53
Verified
You would wrote maybe: For an anti-malware expert, those tools are a blessing from above.

Cause I'm not expert, I think ..

Sure, that Mister Talekar (and his team!) are pure genius.