And it is that, in general, our antivirus is not able to detect and eliminate rootkits, so we are going to talk about a perfect complement for it, developed by the popular company Kaspersky and that we can download for free.
What is a rootkit and how does it affect the PC
When we talk about rootkits we are referring to small malicious applications that they hide in the computer of their victims and that are used by cybercriminals or hackers to take control of infected systems at will. The main problem is that these malicious applications are virtually undetectable even for the antiviruses themselves that are not able to locate them. In addition, they have the aggravating circumstance that they work at very low levels, so they hardly raise suspicions among our security software.
We can guess that this type of malware is affecting our computer because it is capable of completely deactivating all security measures, blocking the execution of certain programs, preventing the keyboard and mouse from working properly, blocking Internet access and the computer begins to work slowly or even stops working and without the possibility of booting the operating system or reinstalling it.
TDSSKiller, Karpersky’s solution against rootkit
It is a free anti-rootkit software developed by Kaspersky Labs with which we can detect and remove all kinds of dangerous bootkits and rootkits. We must bear in mind, however, that it is not a tool that replaces our antivirus, but rather that we must use it as a complement to our security software.
Although these dangerous malware can affect any operating system, be it Windows, macOS or Linux, the application created by Kaspersky is focused on the Microsoft operating system. The TDSSKiller tool is capable of detecting and removing malware from the family Rootkit.Win32.TDSSas well as bootkits and rootkits
The application also has the possibility generate reports with all the threats it has been able to detect. This is useful in case we have found a problem when deleting any entry and we need to send it to a technical service or any expert so that they can help us.
List of malicious programs
Next, we show you a list of malicious programs that can endanger our computer and that we can detect and eliminate with TDSSKiller.
- Win32.TDSS
- Win32.Stoned.d
- Boot.Cidox.a
- Boot.SST.a
- Boot.Pihar.a,b,c
- Boot.CPD.a
- Boot.Bootkor.a
- Boot.MyBios.b
- Win32.TDSS.mbr
- Boot.Wistler.a
- Boot.SST.b
- Boot.Fisp.a
- Boot.Nimnul.a
- Boot.Batan.a
- Boot.Lapka.a
- Boot.Goodkit.a
- Boot.Clones.a
- Boot.Xpaj.a
- Boot.Yurn.a
- Boot.Prothean.a
- Boot.Plite.a
- Boot.Geth.a
- Boot.CPD.b
- Win32.ZAccess.aml,c,e,f,g,h,i,j,k
- Win32.Trup.a,b
- Win32.Sinowal.knf,kmy
- Win32.Phanta.a,b
- Win32.TDSS.a,b,c,d,e
- Win32.Rloader.a
- Win32.Cmoser.a
- Win32.Zhaba.a,b,c
- Trojan-Clicker.Win32.Wistler.a,b,c
- Trojan-Dropper.Boot.Niwa.a
- Trojan-Ransom.Boot.Mbro.d,e
- Trojan-Ransom.Boot.Siob.a
- Trojan-Ransom.Boot.Mbro.f
By using this powerful application we can get rid of these dangerous threats that can put the security of our computer in serious trouble.
How does it work
Once we run the application in administrator mode and after accepting the conditions of use, its interface appears completely in English. Its use is very simple because we only need to press the Start Scan to start the analysis. Once this is done, the program will start the analysis and we must wait for it to finish in order to see the results.
But, before we start we can click on the button Change parameters, from where we can select the objects we want to analyze. The more options we select, the more complete the analysis will be, although it will also take a little longer to finish. On this screen we find two sections from which to choose the elements to scan.
Objects to scan:
- BIOS
- system memory
- Services and drivers
- boot sectors
- charging modules
Additional options:
- Verify digital signatures
- Detect TDLFS system files
- Use KSN to scan objects.
Once we have selected all the objectives that we want to scan, we can start system scan in search of dangerous bootkits and rootkits. Once finished, all the threats found, neutralized and quarantined will be shown on the screen. Of course, more advanced users will surely miss more information about the dangers found or suspicious files.
It’s that simple, in case you have eliminated any danger, we only have to restart the system and check that any service or application, which will not work correctly, especially our antivirus, already runs normally again.
Download Karpersky TDSSKiller
Karpersky TDSSKiller is a free app, so we do not have to pay anything for its download and use. It is not even linked to any of Karpersky’s security systems, so it is perfectly compatible with any antivirus or security system that we have installed, since in no case does it replace them, but simply complements them, since it is specially developed to locate bootkits and rootkits. We can download it by clicking on this link to the Kaspersky website.
This application is exclusively compatible with Microsoft operating systems, from Windows XP to the recent Windows 11, as well as 32 and 64 bit. It is portable, so it does not require any type of installation and leaves no traces in the Windows registry. In addition, it allows it to be used from an external storage device, such as a pen drive or hard drive.
Alternatives against the rootkit
If we believe that our computer may be infected by dangerous malware such as bootkits and rootkits, we can also opt for different alternatives to Karpersky TDSSKiller, such as:
McAfee RootkitRemover
McAfee RootkitRemover is a standalone tool that we can use to detect and remove complex rootkits and associated malware. It is currently capable of detecting and removing threats related to the ZeroAccess, Necurs, and TDSS family of rootkits. It should also be noted that this application is not a substitute for a full antivirus scanner. It is designed to detect and remove specific rootkit infections. We can download McAfee RootkitRemover for free from its website.
Malwarebytes Anti-Rootkit
This application has been developed exclusively to locate and eliminate dangerous rootkits from our computer, for which it uses a new cutting-edge technology that is capable of putting an end to even the most dangerous and aggressive rootkits. At the moment it is in beta, although it is perfectly usable on our Windows computer, although always under the responsibility of the user. We can download it for free from the Malwarebytes website.
