TDSSKiller

Discussion in 'polls' started by Page42, Apr 7, 2015.

Anybody still using Kaspersky's antirootkit utility TDSSKiller?

  1. Yes: 46.3%
  2. No: 53.7%
  1. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,827
    Location:
    Last Breath Farm
    Please elaborate on your answer.
     
  2. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,827
    Location:
    Last Breath Farm
    Looks like it is still being updated, but I'm unsure if its target rootkits are still very active... TDSS, SST, Pihar, ZeroAccess, Sinowal, Whistler, Phanta, Trup, Stoned, RLoader, Cmoser and Cidox.
     
  3. Tarnak

    Tarnak Registered Member

    Joined:
    Feb 5, 2007
    Posts:
    3,873
    I use it every now and then, but only to see if my system is compromised. Highly unlikely, as it seems. ;)
     
  4. ArchiveX

    ArchiveX Registered Member

    Joined:
    Apr 7, 2014
    Posts:
    1,015
    TDSSKiller?

    Occasionally...
     
  5. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    5,234
    I still use it from time to time on infected computers. Is there still any use for it? I have absolutely no idea.
     
  6. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    Irregularly if I'm helping someone. It's a simple scan that takes less than two minutes, so better to know than to not.
     
  7. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,042
    After moving to 64-bit I've rarely used antirootkit. GMER a few times... Most AM software has some kind of rootkit prevention/detection built-in, so I rely on that.
     
  8. Behold Eck

    Behold Eck Registered Member

    Joined:
    Aug 23, 2013
    Posts:
    437
    Location:
    The Outer Limits
    Haven't felt the need to use it of late but might give it a whizz now that the thought is in my head.

    Regards Eck:)
     
  9. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    Ironically, for the first time in a few years I used TDSSKiller and it found something: PMAX rootkit on a friend's computer.

    Computer still felt too slow, so assumed that there was a bitcoin miner still hanging around, which there was. HMP/MBAM/Rogue Killer got rid of Zero Access and the Bitcoin miners. No obvious bootkits with aswMBR, but just cleaned the PC enough to do some backups before reinstalling.

    I may have been too inebriated to make much sense of manual tools.
     
    Last edited: Apr 13, 2015
  10. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    No. I prefer to use some more powerful and deep program like PowerTool V or XueTr, PCHunter... reading the results may sometimes not be so easy, but I can search the web too.
     
  11. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    854
    Isn't PCHunter just a newer - and renamed - version of XueTr?
     
  12. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
    Sure, sorry. I posted fast, I meant: PowerTool V or PCHunter, NoVirusThanks Antirootkit...
     
  13. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    Yes I do. I make it a point to check for newer versions just as I do for Pidgin Messenger and some other apps like VLC semi-regularly. And scan maybe once a month.
     
  14. Carver

    Carver Registered Member

    Joined:
    Feb 5, 2006
    Posts:
    1,827
    Location:
    USA
    Yes I occasionally do.
     
  15. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,827
    Location:
    Last Breath Farm
    I just ran it yesterday. MBAM was giving me an alert that it couldn't start the anti-rootkit driver.
    I read a lot about it online, and for a brief bit of time I was concerned. Part of that concern led me to run other tools (such as TDSSKiller) to make sure that I didn't have an uninvited guest. It's helpful to have it around.
     
  16. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    I would use it primarily to check other people's PCs, if the need arises. I feel confident that my PCs are clean.
     
  17. mantra

    mantra Registered Member

    Joined:
    Jan 25, 2005
    Posts:
    5,118
  18. blacknight

    blacknight Registered Member

    Joined:
    Sep 25, 2007
    Posts:
    2,433
    Location:
    Europe
  19. luciddream

    luciddream Registered Member

    Joined:
    Mar 22, 2007
    Posts:
    2,497
    I would remove it after I was done. Tools like that in the hands of the unsavvy user can really fudge their machines up. TDSS Killer & Hitman Pro are much more user friendly than something like GMER though... that one you really have to be careful with. It flags everything that even remotely exhibits the behavior of a rootkit and gives only very vague information as to what it is. Instead of providing you with a path so you can see it's coming from a legit app or something, it tells you what type of kit it looks like. Like it'll take a Sandboxie file and label it "Trojan.Downloader462" or something. I'm even gun-shy about using that one but I do have it just for a worst case scenario. It is the best at detecting & removing even the nastiest of nasties.
     
  20. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
  21. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,827
    Location:
    Last Breath Farm
    Thread is about TDSSKiller, please.
     
  22. Victek

    Victek Registered Member

    Joined:
    Nov 30, 2007
    Posts:
    5,121
    Location:
    USA
    Yes, I still use it. It continues to be updated and is a fast scan that has found and removed malware a number of times for me.
     
  23. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,764
    Location:
    Outer space
    I use it barely, only when an infection is found and I want to scan with multiple tools, otherwise HitmanPro is a fast and more complete scanner.

    Sorry, it was a reply to @mantra and @blacknight (post #17 and #18.)
     
  24. Aura

    Aura Registered Member

    Joined:
    Mar 19, 2015
    Posts:
    104
    Location:
    Québec, Canada
    It's really efficient to deal with certain rootkit infections (like ZeroAccess), so yes I use it for malware removal online.
     
  25. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Yes, for infected computers that I do not own.