TDSSKiller Anti-Rootkit.

TDSSKiller is a program developed by Kaspersky that removes Rootkit.TDSS infections as well as Tidserv, TDSServ and Alureon. A rootkit is an infection of the system root that is very difficult to remove.

 

TDSSKiller command-line parameters

-l – Save the TDSSKiller log to the specified file name. If you do not specify a full pathname, TDSSKiller will save the log in the same folder that the executable resides in.
-qpath – Specify the path to a folder that TDSSKiller should use as the Quarantine folder. If this folder does not exist, TDSSKiller will create it.
-h – Display a list of the command line arguments.
-sigcheck – Detects all drivers that do not contain a digital signature as suspicious.
-tdlfs – Detect the presence of the TDLFS file system, which the TDL 3/4 rootkits create in the last sectors of hard disk drives to store their files. All these files can be quarantined.

Arguments that apply without user intervention:

-qall – Copy all objects to quarantine folder (Very Aggressive).
-qsus – Copy only the suspicious objects to the quarantine folder. (Safer)
-qboot – Quarantine all boot sectors.
-qmbr – Make a copy of all the Master Boot Records and store them in the quarantine folder.
-qcsvc – Copy the specified service to the quarantine folder.
-dcsvc – Delete the specified service. Only use if you're sure the service should be removed.
-silent – Scan the computer in silent mode. This will not display any windows and allows the program to be used in a centralized way over the network.
-dcexact – Automatically detect and cure any known threats.
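
An unattended scan built from the parameters listed above, as an added example that is not part of the original page or of Kaspersky's documentation. The executable location and the output folder are assumptions; the script keeps one log and one quarantine folder per host and per run, and it only copies suspicious objects (`-qsus`) rather than curing or deleting anything.

```powershell
# Added example: unattended TDSSKiller scan with a per-host log and quarantine folder.
# Assumptions (not from the page): the executable path and the output root below.
param(
    [string]$TdssKiller = 'C:\Tools\TDSSKiller.exe',   # assumed location of the tool
    [string]$OutputRoot = 'C:\IR\TDSSKiller'           # assumed evidence folder
)

if (-not (Test-Path -LiteralPath $TdssKiller -PathType Leaf)) {
    throw "TDSSKiller not found at $TdssKiller"
}

# One folder per host and run, so results from several machines never overwrite each other.
$stamp      = Get-Date -Format 'yyyyMMdd-HHmmss'
$runDir     = Join-Path $OutputRoot "$env:COMPUTERNAME-$stamp"
$logFile    = Join-Path $runDir 'tdsskiller.log'
$quarantine = Join-Path $runDir 'quarantine'
New-Item -ItemType Directory -Path $runDir -Force | Out-Null

# Flags as described in the parameter list:
#   -silent  no windows, suitable for centralized use
#   -l       full path to the log (otherwise it lands next to the executable)
#   -qpath   quarantine folder (created by TDSSKiller if missing)
#   -qsus    copy only suspicious objects to quarantine
#   -tdlfs   also look for the TDLFS file system used by TDL 3/4
$arguments = @(
    '-silent'
    '-l',     "`"$logFile`""
    '-qpath', "`"$quarantine`""
    '-qsus'
    '-tdlfs'
)

$proc = Start-Process -FilePath $TdssKiller -ArgumentList $arguments -Wait -PassThru

# Report what was produced; the exit code is passed through without interpretation.
[pscustomobject]@{
    Computer        = $env:COMPUTERNAME
    ExitCode        = $proc.ExitCode
    LogWritten      = Test-Path -LiteralPath $logFile
    QuarantineItems = @(Get-ChildItem -LiteralPath $quarantine -Recurse -File `
                          -ErrorAction SilentlyContinue).Count
    RunFolder       = $runDir
}
```

Run it from an elevated session; a missing log or a non-empty quarantine folder in the returned object is the cue to review that host by hand.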


 Rootkit

Rootkit is an English term that designates a type of malware designed to infect a PC and that lets the attacker install a series of tools giving them remote access to a computer. (Source: Wikipedia)

System: Windows XP/Vista/7/8/Windows 10

 
