The program has the following features.
Note: This program is in beta and thus may not run properly or contain bugs. Please use this program on a computer at your own risk.
Rootkits have the ability to infect the very core or ‘root’ of an operating system and hide the existence of certain processes and malicious programs from normal methods of detection. Rootkits can also enable continued privileged access to a computer to make system level modifications, leaving the system heavily compromised.
Malwarebytes Anti-Rootkit (MBAR) is designed to counteract malicious attempts to subvert base core subsystems of an OS which usually make it impossible to detect rootkits using conventional methods. Besides the general functionality of allowing a user to detect and remove rootkits automatically, MBAR contains a set of tools allowing to an experienced user to perform some actions to locate unknown rootkits and remove them manually. To protect itself from being terminated by a rootkit or other malware, MBAR uses Malwarebytes Chameleon technologies which prevent modification or removal or MBAR by malware which may reside on the system. This allows MBAR to complete the detection and removal process regardless of such attacks. MBAR uses an active internet connection to keep its database up to ensure that the most current definitions are used in order to detect and remove the latest 0-day rootkits.
Scope of Malwarebytes Anti-Rootkit:
Malwarebytes Anti-Rootkit (MBAR) has been tested and proven to be effective against the following types of rootkits:
MBAR provides a comprehensive system scan to check for rootkits that includes drivers, MBRs (Master Boot Records) and VBRs (Volume Boot Records).
- Kernel mode drivers hiding themselves, like TDL1, TDL2/TDSS, MaxSS, Srizbi, Necurs, Cutwail, etc.
- Kernel mode driver patchers/infectors, embedding malicious code into core files of an Operating System, such as TDL3, ZeroAccess, Rloader, etc.
- Master Boot Record infectors such as TDL4, Mebroot/Sinowal, MoastBoot, Yurn, Pihar, etc.
- Volume Boot Record/OS Bootstrap infectors like Cidox
- Disk Partition table infectors like SST/Elureon
- User mode patchers/infectors like ZeroAccess.
- And many more!
If you decide to use it, please let us know what you think.