About Tizer™ TDL3 Razor


TDL3 Razor is a free utility from Tizer Secure™ for the detection and safe removal of the TDL3 rootkit.

The TDL3 rootkit, also known as TDSS, Tidserv, or Alureon, is currently one of the most difficult rootkits to detect and remove, causing sleepless nights for many security vendors. The malware writers behind it have constantly updated both the dropper and the rootkit itself to protect it from the detection techniques that security vendors employ. The rootkit infects a hard disk system driver and filters the input/output requests from the hard drive. It also runs a watchdog thread that prevents any change to the service registry key related to the infected driver. Obtaining a handle to the infected driver file is extremely difficult as well, which prevents the usual cleanup tools from reading the content of the file.

The objective behind this rootkit appears to be to set up a botnet of infected machines that can be used for a variety of purposes, such as sending out spam or mounting denial-of-service attacks on servers. The idea is to piggyback on system resources belonging to millions of users in distributed locations and use them for illegal and criminal activities that are very difficult to track and defend against. It is estimated that over 50 million computers all over the world are infected with botnets of various kinds. The botnet owners rent these infected computers, called zombies, out to criminal organizations for purposes such as sending out spam, collecting personal and commercial information, cyber espionage, and cyber terrorism. This is a very dangerous trend, and organized criminal syndicates are leasing vast numbers of zombies for criminal activities.

TDL3 is one of the most sophisticated rootkit infections used for setting up botnets. It infects a hard disk system driver so that AV software does not recognize it as an infection. It can also download updates for itself over the network, as well as new viruses, which it stores in an encrypted folder that renders them undetectable. Many infected users have reported that their search results are redirected to various malicious sites, which is due to the payload carried by the rootkit. This might also be a case of the botnet being used for commercial advertising purposes.

Tizer Secure™ is continuously researching and developing new technologies and tools to detect and safely remove advanced threats such as TDL3. Researchers at Tizer Secure™ have devised methodologies to obtain access to the infected driver and to detect and safely remove the TDL3 rootkit infection on Windows XP machines with Intel processors and hard disks that use the atapi.sys or iaStor.sys drivers. Tizer Secure™ has released a free utility called TDL3 Razor to enable users to safely detect and remove the TDL3 rootkit infection. To detect all other known and unknown rootkits, including Rustock and 4DW4R3 that were updated last, Tizer™ Rootkit Razor is available as a free download.
 
No obligation and no credit card required to activate this rootkit removal tool.
 
[Screenshot: TDL3 Razor detecting the TDL3 rootkit.]
If TDL3 is detected on your machine, follow the instructions in the DOS window for safe removal. A restart is required after detection to safely remove the infection. Prevent hackers from taking control of your computer with this free TDL3 rootkit detection tool from Tizer Secure™ for Windows XP machines (32-bit).
 
 