When a Windows application launches, it will often load some Dynamic Link Libraries (DLLs) to access key functions. DLLs can be shared, so the program doesn't have to provide them itself: if it needs one, Windows will search various folders on your system to locate it.

That sounds great, in theory, but in practice there can be problems. Sometimes you'll have different versions of a DLL scattered around your PC, so an application won't necessarily get the build it expects. Or malware might copy its own DLL to a preferential point in the Windows search order, ensuring it'll be loaded whenever an application requires it - a technique called DLL hijacking.

DLL Hijack Detect is a simple command line tool which can help you discover whether this might be an issue on your own PC.

To use it, launch any application you think might be infected, then run DLL Hijack Detect from an elevated command prompt. It scans running processes, checks their loaded DLLs and reports on any which appear more than once in the search order.

It's entirely normal for the program to find a few DLLs in multiple locations, so don't panic if this happens on your PC - the report is a starting point only. What you have to do next is look at the details. If all the DLLs are signed, say, there's probably no issue. If one copy is, another isn't, then you'll need to investigate it further.

Please note, the download link takes you to the developer's GitHub page. There are both 32 and 64-bit versions available, so make sure you get the right one for your system. The download page also includes a sample executable and DLL you can use to confirm that the program works.

Verdict ratingsratingsratingsratingsratings

A small but useful addition to your portable security/ troubleshooting toolkit.