home

TDSSKiller.exe

TDSSKiller

Kaspersky Lab

This is a setup program which is used to install the application. The file has been seen being downloaded from download1649.mediafire.com and multiple other hosts.
Publisher:
Kaspersky Lab ZAO  (signed by Kaspersky Lab)

Product:
TDSSKiller

Description:
TDSS rootkit removing tool

Version:
2.8.16.0

MD5:
178a34e5554dce485e1262ddf027960c

SHA-1:
8c96200c80fc632d0645bf7493cd55e5cdf11cda

SHA-256:
eb7d10f674ec5563cd5f5ce644fdf99404b1f340be4ad86f3b460e25597e4c5c

Scanner detections:
0 / 68

Status:
Clean (as of last analysis)

Analysis date:
3/25/2026 10:39:24 PM UTC  (today)

File size:
2.1 MB (2,237,968 bytes)

Product version:
2.8.16.0

Copyright:
© 1997-2013 Kaspersky Lab ZAO.

Trademarks:
Kaspersky™ Anti-Virus ® is registered trademark of Kaspersky Lab ZAO.

Original file name:
TDSSKiller.exe

File type:
Executable application (Win32 EXE)

Language:
English (United States)

Common path:
C:\users\{user}\downloads\tdsskiller.exe

Digital Signature
Signed by:
Kaspersky Lab

Authority:
VeriSign, Inc.

Valid from:
2/14/2012 7:00:00 PM

Valid to:
3/7/2013 6:59:59 PM

Subject:
CN=Kaspersky Lab, OU=Technical dept, OU=Digital ID Class 3 - Microsoft Software Validation v2, O=Kaspersky Lab, L=Moscow, S=Moscow, C=RU

Issuer:
CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US

Serial number:
16E5A775120300FB3419458B40D40834

File PE Metadata
Compilation timestamp:
2/11/2013 9:51:01 AM

OS version:
5.1

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
10.0

CTPH (ssdeep):
49152:0C7wT6w2baU0NXMZLgryRjHZLNjVqMVs0MdZ2Efo1H7xxi:f0T6aNgLgrq1q+sbsx7xU

Entry address:
0x3543E0

Entry point:
50, 9C, 60, E8, 0C, 01, 00, 00, 01, 00, 00, 00, 00, 00, 40, 00, 00, 00, 00, 00, E0, 43, 35, 00, 7F, 97, 21, 00, 4C, 43, 35, 00, 91, 00, 00, 00, 98, 01, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 60, E2, 34, 00, 9C, 3B, 35, 00, 20, 3F, 35, 00, 0C, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 90, 12, 00, 7F, 97, 21, 00, 00, 56, 22, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00, 00...
 
[+]

Entropy:
7.9950  (probably packed)

Code size:
2.1 MB (2,252,800 bytes)

The file TDSSKiller.exe has been discovered within the following programs.

TDSSKiller  by Kaspersky Lab
Kaspersky Lab has developed the TDSSKiller utility that allows removing rootkits. A rootkit for Windows systems is a program that penetrates into the system and intercepts the system functions (Windows API).
support.kaspersky.com/5350?el=88446
About 7% of users remove it
Virusbusters Maintenance  by The Virusbusters
www.thevirusbusters.com
About 1% of users remove it
 
Powered by Should I Remove It?

The file TDSSKiller.exe has been seen being distributed by the following 37 URLs.

http://download1649.mediafire.com/27glh19vvt4g/.../tdsskiller.exe

http://download1742.mediafire.com/w45x112do37g/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?b=dlp5nqsxrN_nkz10b6v38YKaeXYA0gaKZQpGxtDRZUELhpB4NReKFIARRJItJcok&c=wc3_LWM-JqMnwFSveoDtLQ

http://americas.kasperskylabs.com/HS?a=ENX7C63pKWBk8SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1wN

https://onedrive.live.com/.../4gO9raQj9GcXrzdXXiovWyo2W kSfc07TUoJQ=3&ithint=.exe

http://fra-7m22-stor07.uploaded.net/.../64fc73d1-0f06-4258-b86e-8c9c484a70fc

http://americas.kasperskylabs.com/HS?a=ENX7C6wUZ1NE8SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1zp

https://dl-web.dropbox.com/get/Stuff/IT Gear/.../TDSSKiller.exe

http://americas.kasperskylabs.com/HS?b=MdSrqGE_d3qfHY_pFTr2IsvluKRHK-vKeMx-isKkRiKrUkxzfOLhQQzUbJaQc2LK&c=R_-CrCZvPHo6PrVwK1Be0A

ftp://66.241.104.42/tdsskiller.exe

https://support.kaspersky.com/downloads/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1302.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1302.livefilestore.com/.../tdsskiller.exe

https://skydrive.live.com/download.aspx?cid=F977E8B412C8AD48&resid=F977E8B412C8AD48!175&canary=

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1301.livefilestore.com/.../tdsskiller.exe

https://md0svw.bn1301.livefilestore.com/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?a=ENX7C6wvV6W88SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1yO

http://www.techamok.com/.../tdsskiller.exe

http://filepony.de/.../

http://filepony.de/.../

http://passthrough.fw-notify.net/download/556571/http://support.kaspersky.com/downloads/.../tdsskiller.exe

http://americas.kasperskylabs.com/HS?a=ENX7C6wD3gYJ8SA9MOApPJTnGHxKW_VNJvcStGb5lw8W0bBhOG5mpqVsje_HheH7H1NV

http://americas.kasperskylabs.com/HS?a=ENX7C6w7c7cz8SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1w8

http://americas.kasperskylabs.com/HS?a=ENX7C6w4Mly48SA9MOApPJTnGHxKW_VNIfcStGb5lw8W0bBhOG5mpqVsje_HheH7H1Ng

http://software.thaiware.com/download_url.php?id=797

Latest 30 of 37 download URLs

herdProtect is a second line of defense malware removal platform powered by 68 anti-malware engines in the cloud. Since no single anti-malware program is perfect 100% of the time, herdProtect utilizes a 'herd' of multiple engines to guarantee the widest coverage and the earliest possible detection.