About us
eSage Lab is a small professional team focusing on in-depth security research.
Our main interests include rootkits, advanced malware, vulnerability analysis and general protection bypassing techniques.
We write research papers, develop security tools and help customers solve their security challenges.
Highlights
A free tool for cleaning the TDSS rootkit.
Detects and removes all known modifications of the malware (TDL, TDL2, TDL3+).
Latest version: 1.7.5.1
A simple detector of MBR modifications.
The tool can clean any Mebroot-type malware, including stealthy species, on 32-bit and 64-bit Windows systems.
Published papers on malware, rootkits, and general protection bypassing.
29.04.2010 TDSS REMOVER REPORT + UPDATE
1. A quarterly report (2010 Q1) of TDSS Remover usage and TDSS-related activity in the wild will be published in the Virus Bulletin Magazine, May 2010.
2. TDSS Remover version 1.7.5.1 released.
Major updates:
- successful disinfection of the latest TDSS malware (TDL 3.273)
- added a tool to decode the rootkit's encrypted file system.
07.03.2010 TDSS REMOVER UPDATE
TDSS Remover version 1.7 released.
New features since version 1.6:
- successful disinfection of the latest TDSS malware (TDL3.27)
- no more VMProtect (smaller file size, fewer antivirus false positives, happier reversers :))
- "/uninstall" command line option
- "Scan at VirusTotal.com" context menu option
- a panel with links.
25.11.2009 TDSS REMOVER UPDATE
Rootkit.Win32.TDSS Remover version 1.6 released.
New features:
- disinfection of the TDL3 rootkit
- saving found objects to a custom folder
- optional sending of statistics and infected objects to our server.
