Editor: BreakPE is lightweight and powerful stealth Malware Removal utility being able to make unexecutable most PE files (applications, DLLs, drivers etc.) even if they are protected by simple rootkit technologies.
BreakPE takes different approach to stealth malware removal. This program makes malware unexecutable by overwriting disk sectors where it is stored. In more technical terms BreakPE damages PE header of specified file by overwriting it directly on the volume. BreakPE has the following advantages:
filesystem independent (supports NTFS, FAT and FAT32, also supports NTFS Alternate Data Streams);
relatively safe and generic (compared with other software writing directly to disk);
in most cases (when not warned otherwise) broken PE files can be unbroken afterwards.
Unlike most other stealth malware removal utilities BreakPE doesn't use any kind of in-memory patching. It also doesn't install virtually anything (no services, drivers, hooks - not even temporary), the only exception in some cases is a small temporary file which is immediately deleted. BreakPE is designed to be effective yet safe, so warnings and questions it shows vary for each specific situation. It has very simple GUI and ability to get file name also via command line.
