TDSSKiller


TrainableMan

^ The World's First ^
Moderator
Joined: May 10, 2010 | Messages: 9,321 | Reaction score: 1,584

A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (they also remain “invisible”).

Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits.
TDSSKiller

If you have a nasty rootkit on your computer this tool from Kaspersky may be able to remove it.
 

Joined: Aug 23, 2012 | Messages: 13 | Reaction score: 1
Hi,

I tried the TDSSKiller utility and found no threats. I ran the scan 5 times.
 

TrainableMan

OK, that's good. TDSSKiller is for rootkits (a specific, very nasty type of virus), so you don't have a rootkit.

Did you also run RKILL? It detects and stops other virus types.
 
Joined: Aug 23, 2012 | Messages: 13 | Reaction score: 1
W7 Problems,

Hi Brother,

Seems to be working fine now and I will let you know if any other problems.
 
Joined: Aug 26, 2012 | Messages: 4 | Reaction score: 0
TDSSKiller specializes in the following rootkits belonging to the TDSS rootkit family:

Rootkit.Win32.TDSS, Rootkit.Win32.Stoned.d, Rootkit.Boot.Cidox.a, Rootkit.Boot.SST.a, Rootkit.Boot.Pihar.a,b,c, Rootkit.Boot.CPD.a, Rootkit.Boot.Bootkor.a, Rootkit.Boot.MyBios.b, Rootkit.Win32.TDSS.mbr, Rootkit.Boot.Wistler.a, Rootkit.Win32.ZAccess.aml,c,e,f,g,h,i,j,k, Rootkit.Boot.SST.b, Rootkit.Boot.Fisp.a, Rootkit.Boot.Nimnul.a, Rootkit.Boot.Batan.a, Rootkit.Boot.Lapka.a, Rootkit.Boot.Goodkit.a, Rootkit.Boot.Clones.a, Rootkit.Boot.Xpaj.a, Rootkit.Boot.Yurn.a, Rootkit.Boot.Prothean.a, Rootkit.Boot.Plite.a, Rootkit.Boot.Geth.a, Rootkit.Boot.CPD.b, Backdoor.Win32.Trup.a,b, Backdoor.Win32.Sinowal.knf,kmy, Backdoor.Win32.Phanta.a,b, Virus.Win32.TDSS.a,b,c,d,e, Virus.Win32.Rloader.a, Virus.Win32.Cmoser.a, Virus.Win32.Zhaba.a,b,c, Trojan-Clicker.Win32.Wistler.a,b,c, Trojan-Dropper.Boot.Niwa.a, Trojan-Ransom.Boot.Mbro.d, e, Trojan-Ransom.Boot.Siob.a, Trojan-Ransom.Boot.Mbro.f.


Also, Rkill doesn't remove the virus. It allows or helps other virus removal tools to remove the virus. Rkill only terminates or kills all non-Windows or Microsoft processes and deletes some registry keys so that the virus will not automatically start by itself (not applicable to rebooting), thus giving a chance to the user to remove the virus.

Using Rkill on some occasions can do more damage than the original virus, so use it at your own risk.
Booting in safe mode is better than using Rkill.
 
Joined: Aug 23, 2012 | Messages: 13 | Reaction score: 1
PC Problem - Solved.

Hi Brethren,

Many thanks for your help. God blesses you all.

Rajinder

 

TrainableMan

> Using Rkill on some occasions can do more damage than the original virus, so use it at your own risk.
> Booting in safe mode is better than using Rkill.

AmalTom, this is inaccurate. Where do you get this? Show a source.

Numerous Viruses still have functioning components in Safe Mode. RKill can, and should be, run in safe mode with the purpose of stopping them so that they are no longer hidden from file/folder requests and then an anti-virus program can run a full scan to find and remove them. So safe mode isn't better; RKill works in conjunction with the benefits of safe mode.
 

Nibiru2012

Quick Scotty, beam me up!
VIP Member
Joined: Oct 27, 2009 | Messages: 4,955 | Reaction score: 1,302
> Using Rkill on some occasions can do more damage than the original virus, so use it at your own risk.
> Booting in safe mode is better than using Rkill.

Please provide some evidence and proof of what you're stating.

RKILL has a specific purpose and has worked for literally thousands of users around the world.

Do more research before you make specious statements such as the ones quoted above.

Also, your moniker doesn't encourage anyone here to read your posts since it presents a very negative attitude toward Windows.
 
