Read the same in:      日本語  Русский  Español  English  
You are welcome to subscribe to "New articles in Knowledge Base" mailing list.




Virus Activity

Virus Activity

virus activity is normal




 
Search :  
Search tips Article ID # :     
 

Anti-rootkit utility TDSSKiller

Information in this section will help you avoid problems with your computer, see the first signs of its infection and stay safe online. If you failed to find the necessary information or you find these recommendations too complicated or inadequate, please send a request to the Technical Support service via the HelpDesk form.

Anti-rootkit utility TDSSKiller

 ID Article: 5350    Other languages:  日本語  Русский  Español  English      Views for 7 days 91    Last modified on 20.12.2012 02:22 Printable version

­ A rootkit is a program or a program kit that hides the presence of malware in the system.

A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install its own drivers and services in the system (they also remain “invisible”).

Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits.

 

How to disinfect a compromised system

  • Download the TDSSKiller.exe file on the infected (or possibly infected) computer;

  • Run the TDSSKiller.exe file;

  • Wait until the scanning and disinfection completes. A reboot might require after the disinfection has been completed.

 


IMPORTANT

 

  • The utility supports

    32-bit operation systems: MS Windows XP SP2, MS Windows XP SP3, MS Windows Vista, MS Windows Vista SP1, MS Windows Vista SP2, MS Windows 7, MS Windows 7 SP1,  Microsoft Windows Server 2003 R2 Standard / Enterprise SP2, Microsoft Windows Server 2003 Standard / Enterprise SP2, Microsoft Windows Server 2008 Standard / Enterprise SP2.
    and
    64-bit operation systems: MS Windows XP SP2, MS Windows XP SP3, MS Windows Vista, MS Windows Vista SP1, MS Windows Vista SP2, MS Windows 7, MS Windows 7 SP1, Microsoft Windows Server 2008 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2003 R2 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2003 Standard / Enterprise x64 Edition SP2, Microsoft Windows Server 2008 R2 Standard / Enterprise x64 Edition SP0 or higher.

  • The utility has a graphical interface.


 

  • The utility can be run in Normal Mode and Safe Mode.

 

It detects and removes the following malware:

 

List of malicious programs

 

Backdoor.Win32.Phanta.a,b; Backdoor.Win32.Sinowal.knf,kmy; Backdoor.Win32.Trup.a,b; Rootkit.Boot.Aeon.a; Rootkit.Boot.Backboot.a; Rootkit.Boot.Batan.a; Rootkit.Boot.Bootkor.a; Rootkit.Boot.Cidox.a,b; Rootkit.Boot.Clones.a; Rootkit.Boot.CPD.a,b; Rootkit.Boot.Fisp.a; Rootkit.Boot.Geth.a; Rootkit.Boot.Goodkit.a; Rootkit.Boot.Harbinger.a; Rootkit.Boot.Krogan.a; Rootkit.Boot.Lapka.a; Rootkit.Boot.MyBios.b; Rootkit.Boot.Nimnul.a; Rootkit.Boot.Pihar.a,b,c; Rootkit.Boot.Plite.a; Rootkit.Boot.Prothean.a; Rootkit.Boot.Qvod.a; Rootkit.Boot.Smitnyl.a; Rootkit.Boot.SST.a,b; Rootkit.Boot.SST.b; Rootkit.Boot.Wistler.a; Rootkit.Boot.Xpaj.a; Rootkit.Boot.Yurn.a; Rootkit.Win32.PMax.gen; Rootkit.Win32.Stoned.d; Rootkit.Win32.TDSS; Rootkit.Win32.TDSS.mbr; Rootkit.Win32.ZAccess.aml,c,e,f,g,h,i,j,k; Trojan-Clicker.Win32.Wistler.a,b,c; Trojan-Dropper.Boot.Niwa.a; Trojan-Ransom.Boot.Mbro.d,e; Trojan-Ransom.Boot.Mbro.f; Trojan-Ransom.Boot.Siob.a; Virus.Win32.Cmoser.a; Virus.Win32.Rloader.a; Virus.Win32.TDSS.a,b,c,d,e; Virus.Win32.Volus.a; Virus.Win32.ZAccess.k; Virus.Win32.Zhaba.a,b,c.

 



 Did the provided info help you?

                       

 Give your detailed feedback.

 

Kaspersky Lab

Copyright © 1997-2014 Kaspersky Lab
Site map  |   Contact us  |   International Support Service  |  Send us a suspected virus

Stay connected