TDSSkiller is free anti-rootkit software from Kaspersky Lab. It detects rootkits and bootkits on your system and removes them. It has a nice graphical interface and is quite easy to use. TDSSkiller scans quickly and normally finishes scanning the system for rootkits within a few seconds.
A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API). It can effectively hide its presence by intercepting and modifying low-level API functions. Moreover, it can hide the presence of particular processes, folders, files and registry keys. Some rootkits install their own drivers and services in the system (they also remain “invisible”).
How to use TDSSkiller?
Just download TDSSkiller and run the .exe file. You do not need to install this software. When you run it, it scans your system and shows you complete results within a few seconds. As mentioned in the help document for TDSSkiller, it can detect the following types of suspicious objects:
- Hidden service – a registry key that is hidden from standard listing;
- Blocked service – a registry key that cannot be opened by standard means;
- Hidden file – a file on the disk that is hidden from standard listing;
- Blocked file – a file on the disk that cannot be opened by standard means;
- Forged file – when read by standard means, the original content is returned instead of the actual one;
- Rootkit.Win32.BackBoot.gen – a suspected MBR infection with an unknown bootkit.
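The hidden, blocked and forged categories above all describe a disagreement between what the standard API reports and what is actually stored. The following is an added example, not Kaspersky's code and not a description of how TDSSkiller works internally: it compares two constructed snapshots (a standard-API view and a raw view) and labels each mismatch with the category names from the list. The function name, snapshot format and all sample names are assumptions.

```python
import hashlib

OPEN_FAILED = None  # listed by the standard API, but the open call failed

def digest(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def cross_view(standard: dict, raw: dict) -> dict:
    """Label objects whose standard-API view disagrees with the raw view.

    Both dicts map (kind, name) -> content digest; kind is "service"
    (a registry key) or "file". The raw view is taken as ground truth.
    """
    findings = {}
    for key, raw_digest in raw.items():
        kind = key[0]
        if key not in standard:
            findings[key] = f"Hidden {kind}"    # missing from standard listing
        elif standard[key] is OPEN_FAILED:
            findings[key] = f"Blocked {kind}"   # listed, but cannot be opened
        elif kind == "file" and standard[key] != raw_digest:
            findings[key] = "Forged file"       # standard read returns other content
    return findings

# Constructed sample snapshots (hypothetical names, not from a real system).
DRV = "C:\\Windows\\System32\\drivers\\"
RAW_VIEW = {
    ("service", "ExampleSvc"): digest(b"svc config"),
    ("service", "hiddensvc"): digest(b"hidden svc config"),
    ("service", "lockedsvc"): digest(b"locked svc config"),
    ("file", DRV + "good.sys"): digest(b"good driver"),
    ("file", DRV + "hidden.sys"): digest(b"rootkit driver"),
    ("file", DRV + "locked.sys"): digest(b"locked driver"),
    ("file", DRV + "patched.sys"): digest(b"patched driver"),
}
STANDARD_VIEW = {
    ("service", "ExampleSvc"): digest(b"svc config"),
    ("service", "lockedsvc"): OPEN_FAILED,
    ("file", DRV + "good.sys"): digest(b"good driver"),
    ("file", DRV + "locked.sys"): OPEN_FAILED,
    # The hook answers reads with the original, unpatched content.
    ("file", DRV + "patched.sys"): digest(b"original driver"),
}

if __name__ == "__main__":
    for (kind, name), label in sorted(cross_view(STANDARD_VIEW, RAW_VIEW).items()):
        print(f"{label:16} {name}")
```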