Rootkit Buster

#4076 by Meriadoc
Tue Dec 21, 2010 7:58 am

Seems there was a recent update,

2010-12-16

http://free.antivirus.com/rootkit-buster

download
Filename: RootkitBuster_3.60.1016.zip
MD5 checksum: 88b29adec76a4703605efb10c54d3d83

someone's been busy

Attachments

RootkitBuster_v_3_60_1016_Readme.txt

(6.71 KiB) Downloaded 33 times

Who controls the past controls the future
Who controls the present controls the past

Username

Meriadoc

Posts

195

Joined

Sat Mar 13, 2010 7:36 pm

Location

Cymru

Re: Rootkit Buster

#4087 by a_d_13
Tue Dec 21, 2010 2:19 pm

Hello,

Thank you for the information. I have updated the download link in the list of antirootkits.

Thanks,
--AD

Username

a_d_13

Rank

Global Moderator

Posts

393

Joined

Sun Mar 07, 2010 3:31 am

Re: Rootkit Buster

#4091 by Meriadoc
Tue Dec 21, 2010 4:27 pm

new vm - tdl fail

not expected

Who controls the past controls the future
Who controls the present controls the past

Username

Meriadoc

Posts

195

Joined

Sat Mar 13, 2010 7:36 pm

Location

Cymru

Re: Rootkit Buster

#4094 by nullptr
Wed Dec 22, 2010 9:37 am

Actually TDL3 is one of the few things it will clean, but you need to reboot before scanning.

0xF84FD000 atapi_TM.sys 98304 bytes - original miniport infector.

0xF879A000 C:\WINDOWS\system32\drivers\i8042prt_TM.sys 53248 bytes - later TDL3

Note the driver name change after cure ;)

It detected sdra64, I can't remember what name that went by.
Apart from that, it's still more bluster than buster.

Username

nullptr

Posts

209

Joined

Sun Mar 14, 2010 6:35 am

Re: Rootkit Buster

#4102 by Meriadoc
Wed Dec 22, 2010 4:13 pm

Mm my bad I should have verified it but had little time, which is why I probably forgot to reboot...thanks nullptr :)

Who controls the past controls the future
Who controls the present controls the past

Username

Meriadoc

Posts

195

Joined

Sat Mar 13, 2010 7:36 pm

Location

Cymru