Re: [Software] ComboFix won't open
Board: AntiVirus (Antivirus) | Author: olliekr (Love Simulator) | Time: 18 years ago (2007/08/13 18:53) | Push/boo: 0 (0 push, 0 boo, 0 →) | Comments: 0, 0 participants | Thread: 2/2
FileLook::
Tells CF to extract file properties of a file. Does not delete file. File
Properties are only available for PE files
DirLook::
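Tells CF to list out the contents of the folder
Simply put, one shows a file's properties and the other lists a folder's contents.
I didn't think they seemed very useful... so I didn't cover them here XD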
RootKit::
C:\Windows\System32\drivers\rootkit.sys
You should use it for ALL rootkit-hidden files. Unlike Collect:: it will not
rely solely on Catchme & shall not be hampered by FAT32 file-systems. It won't
collect samples nor create a submit.zip. The files will be moved to
C:\QooBox\Quarantine\c\windows\system32 or wherever their original locations
are.
can be used on any type of files. As long as it exists on the machine, be it
hidden or not.
This newly added directive seems to be aimed at rootkits...
I have no hands-on experience with it...
--
※ Posted from: PTT (ptt.cc)
◆ From: 140.114.123.109