Rootkits burrow into the roots of your Windows operating system, hiding themselves and intercepting Windows API functions, often altering what those functions return for purposes that are seldom benign. TDSSKiller by Kaspersky Labs can find and remove rootkits, either in Normal Mode or Safe Mode. It targets malware where it lurks, including boot records.
We extracted and ran TDSSKiller, which immediately found an available update. Kaspersky strongly advised downloading the update before we scanned our system; we strongly agreed. This involved downloading and extracting a completely new copy of this compact, portable app, but that probably took less time than most ordinary updates. The tool's interface is about as simple as they come: one big Scan button, plus buttons to Change Parameters, view a Report, and Close the program. But the interface also describes what TDSSKiller targets, including a variety of known rootkits as well as rootkit-like anomalies, among them Sinowal, Stoned, Whistler, Trop, Cmoser, Pihar, and others, with new threats added by updates.

We clicked Start Scan. TDSSKiller scanned 445 objects in our system in 13 seconds and found zero threats. That's what we expected it to find, but it's still a relief to see a clean report. We clicked Change Parameters, which let us select or deselect both Services and drivers and Boot sector for scanning (both are selected by default). The program offers only two more options: Verify file digital signatures and Detect TDLFS file system. A button lets you quickly restore the default settings.
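The same scan can be run unattended from a script, which is handy for checking a fleet of machines or for scheduling a periodic sweep. The PowerShell below is an added example, not code from the review or from Kaspersky; it assumes tdsskiller.exe is in the current directory, that the script runs from an elevated (Administrator) prompt, and that the command-line switches -accepteula, -silent, -l, -sigcheck and -tdlfs behave as documented in Kaspersky's own command-line help (they are not described on this page). The two switches at the end enable the same optional checks the Change Parameters dialog exposes.

```powershell
# Added example: run TDSSKiller non-interactively with both optional checks
# enabled, then summarise the report it writes. Assumptions (not from the
# review): tdsskiller.exe is in the current directory, this runs elevated,
# and the switches below match Kaspersky's documented command-line options.

$Exe = Join-Path $PWD 'tdsskiller.exe'
$Log = Join-Path $env:TEMP ("tdsskiller_{0:yyyyMMdd_HHmmss}.log" -f (Get-Date))

if (-not (Test-Path $Exe)) { throw "tdsskiller.exe not found in $PWD" }

# Refuse to run an unsigned or tampered copy of the scanner itself: a rootkit
# that can patch files on disk could just as easily patch the tool meant to find it.
$sig = Get-AuthenticodeSignature -FilePath $Exe
if ($sig.Status -ne 'Valid') {
    throw "Authenticode check on $Exe failed: $($sig.Status)"
}

$Switches = @(
    '-accepteula',   # required for a non-interactive run
    '-silent',       # suppress GUI prompts
    '-l', $Log,      # write the report to our own log path
    '-sigcheck',     # "Verify file digital signatures" from the Change Parameters dialog
    '-tdlfs'         # "Detect TDLFS file system" from the same dialog
)

$proc = Start-Process -FilePath $Exe -ArgumentList $Switches -Wait -PassThru
"TDSSKiller exited with code $($proc.ExitCode)"

if (Test-Path $Log) {
    # Surface lines that look like findings for a human to review. The words
    # matched here are an assumption about the log wording; adjust as needed.
    $hits = Select-String -Path $Log -Pattern 'detected|suspicious|malicious'
    if ($hits) {
        "Review these lines in $Log before taking any action:"
        $hits | ForEach-Object { $_.Line }
    } else {
        "No detections recorded in $Log"
    }
} else {
    Write-Warning "No log was written to $Log"
}
```

Run it from an elevated PowerShell prompt in the folder that holds the extracted tool. The Authenticode check before launch is the one step worth keeping even if you strip the rest: on a machine you suspect is compromised, the scanner binary is as much a target as anything else on disk.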
Even though TDSSKiller found no malware to remove from our system, it generated a detailed report of every step of the recent operation. While we're glad we didn't need Kaspersky TDSSKiller, we don't doubt its ability to find what it claims it can, in part because we've had good experiences with other free utilities from Kaspersky Labs, but also because it's worked well for users who need it to clean up their systems. We're just glad it's available, and happy to run it on our supposedly clean system, even if only to prove it's clean. Come to think of it, that may be the best reason of all.