Using the Trend Micro Rootkit Buster for Home Users

Rootkit, a malicious software, manipulates the components of Microsoft Windows operating system to conceal how it harms computer. It hides drivers, processes, and registry entries from tools that use common system application programming interfaces (APIs).

Download and run the Trend Micro Rootkit Buster to scan hidden files, registry entries, processes, drivers, services, ports, and master boot record (MBR) to identify and remove rootkits.

Note: This tool is only designed to scan your computer for rootkits. For other types of threats, use your Trend Micro Security 2017 instead.
For instructions, refer to this Knowledge Base article: Installing Trend Micro Security 2017.

Features of Rootkit Buster
  • User mode Rootkit detection
  • Kernel mode Rootkit detection
  • Hidden files detection
  • Hidden registry entries detection
  • Hidden processes detection
  • Hidden drivers detection
  • Hooked system service detection
  • Hidden files cleaning capability
  • Hidden registry entries cleaning capability
  • Detects the latest FU2 Rootkit
  • Support hidden MBR cleanup for all disk type
  • Support the detection and cleanup of RTKT_NECURS
  • Detection for malicious MBR modification
  • Support Windows 8.1
  • Detection for system directory permission was removed
  • Detection for malicious MBR modification
  • Enhance MBR and VBR detection and cleanup
  • Support TROJ_GEN.RCBC8GK (GETH)
  • Fix some BSOD and false positive issues

Download and run the Rootkit Buster
To use the Rootkit Buster:
  1. Download Rootkit Buster that corresponds to your system type and save the file on your desktop.
    Note: To check your Windows system type, refer to this Knowledge Base article:
    Check if you are running a 32-bit or 64-bit version of Windows operating system.

     

     

  2. Right-click RootkitBusterV5.0-1198.exe, then select Run as administrator. The following error message may appear when you do not run the installer with administrator privileges:
    Tmcomm service is installed but cannot be started
  3. Read the license agreement.
  4. Select I accept the terms of the license agreement, then click Next.
    Note: This window may appear behind your browser. You need to minimize windows that you have opened.
    License Agreement
  5. Click Scan Now.
    Start Scan

     

    Wait for the program to finish scanning your computer until you see the result of the scan.
    Scan in progress
  6. Tick the detected threats, then click Fix Now.
    Resolve threats

     

    Wait for the Trend Micro Rootkit Buster to fix the threats.
    Removing threats

     

  7. Click Restart Now to finish the cleanup.
    Restart Now
Video Tutorial

Applies To: Antivirus+ Security - 2015;Antivirus+ Security - 2016;Antivirus+ Security - 2017;Internet Security - 2015;Internet Security - 2016;Internet Security - 2017;Maximum Security - 2015;Maximum Security - 2016;Maximum Security - 2017;Premium Security - 2015;Premium Security - 2016;Premium Security - 2017;Titanium AntiVirus + - All;Titanium Internet Security - All;Titanium Maximum Security - All;Titanium Premium Security - All;

Last Updated: Apr. 14, 2017 6:03 AM (PST)
Solution ID: 1105740