RE: Flushing DLLs from memory
From: Kinsey, Robert (Robert.Kinsey@Veridian.com)Date: 10/23/01
- Previous message: Laura A. Robinson: "Re: Can Kerberos be cracked??"
- Maybe in reply to: H C: "Flushing DLLs from memory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-ID: <7408C3158945264B85D07250D7A2C801575530@satxmail.tds.com> From: "Kinsey, Robert" <Robert.Kinsey@Veridian.com> To: "'H C '" <keydet89@yahoo.com>, "'forensics@securityfocus.com '" <forensics@securityfocus.com>, "'focus-ms@securityfocus.com '" <focus-ms@securityfocus.com> Subject: RE: Flushing DLLs from memory Date: Tue, 23 Oct 2001 09:29:50 -0700
HC, & all:
---------snip-------------
I've been looking into 'live' forensics issues on
NT/2K, and one thing I'm not having any luck with is
how to flush DLLs from memory.
---------snip-------------
I've recently found two tools on the (may God forgive me) PC World download
site. They are freeware but both (i *think*) have a "pro" version for a few
$'s. One is called Clean System (???) which hunts down the dlls in the dll
cache and compares against the programs installed. Any DLL that is not
actively associated with an installed program is listed for you. Those
listed can be moved to a \backupdll dir on Win(dows/Nt)\system(32)\ dir.
The software cautions you against removing the files right away.
The other tool is a RAM mgmt tool that also removes any stale DLL out of the
cache/RAM. It is called CacheMan (there is another one called WinRAM
Turbo). Seems to perform as advertised - has a straight forward GUI -
allows you to adjust the amount of RAM optimized.
These sound like what you are looking for.
rk
- Previous message: Laura A. Robinson: "Re: Can Kerberos be cracked??"
- Maybe in reply to: H C: "Flushing DLLs from memory"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
