Using the Trend Micro Rootkit Buster

Problem Description

Malicious software called rootkits can manipulate the components of your Microsoft Windows operating system to conceal how they harm your computer.

They can hide drivers, processes, and registry entries from tools that use common system application programming interfaces (APIs).

Trend Micro RootkitBuster scans hidden files, registry entries, processes, drivers, services, ports, and the master boot record (MBR) to identify and remove rootkits.

The RootkitBuster has the following features:

	User mode Rootkit detection

	Kernel mode Rootkit detection

	Hidden files detection

	Hidden registry entries detection

	Hidden processes detection

	Hidden drivers detection

	Hooked system service detection

	Hidden files cleaning capability

	Hidden registry entries cleaning capability

	Detects the latest FU2 Rootkit

Note: You may check its readme file for more information.

To use the Rootkit Buster, please follow the steps below:

1.	Download the RootkitBuster.exe file.

2.	Click Save when the File Download window appears.

3.	Select Desktop as the location, then click Save.

4.	Do either of the following:

		For Windows XP: Double-click the installer to run the file.



		For Windows Vista and 7: Right-click the installer, then select Run as administrator.

		Note: You will receive the following error message when you do not run the installer with administrator privileges:



			"Tmcomm service is installed but cannot be started."

5.	Read the license agreement.

6.	Select I accept the terms of the license agreement, then click Next.



7.	Click Scan Now.



8.	Wait for the program to finish scanning your computer.



	You will see the results of the scan.

9.	Tick the detected threats, then click Fix Now.



10.	Wait for the Trend Micro Rootkit Buster fix the threats.



11.	Click Restart Now to finish the cleanup.

Solution ID	Last Updated
1034393	Date : 2012/02/2 Time: 4:52 PM (PST)

Product/Version	Platform
Client Server Messaging Security for SMB - 3.6; Control Manager - 3.5, 5.0; InterScan Messaging Hosted Security - 1.0, 2.0, Advanced, Standard; OfficeScan - 10.0, 10.5, 8.0; Trend Micro AntiVirus plus AntiSpyware - 2008, 2009, 2010; Trend Micro Internet Security - 2008, 2009, 2010; Trend Micro Internet Security Pro - 2008, 2009, 2010; Worry-Free Business Security Standard/Advanced - 5.1, 6.0, 7.0	Windows - 2000 Professional, 2000 Server, 2003 Compute Cluster Server, 2003 Datacenter Server, 2003 Enterprise Server, 2003 Home Server, 2003 Small Business Server, 2003 Standard Server Edition, 2003 Standard Server Edition, 2003 Storage Server, 2003 Web Server Edition, 2008 Enterprise Server, 2008 Standard Server Edition, 7 32-bit, Vista 32-bit, XP Home

Rate this Solution
Did this article help you? Yes No	What was the problem with this solution? Required The video did not play properly. The image(s) in the solution article did not display properly. The solution did not provide detailed procedure. The solution is hard to understand and follow. The solution did not resolve my issue. Others. Please specify. Please provide your comments to help us improve this solution. Required

	*This form is an automated system. General questions, technical, sales and product-related issues submitted through this form will not be answered.


Business Knowledge Base All Support
Advanced Search \| View Search Tips