Another free security utility: Trend Micro's RUBotted

Another free security utility: Trend Micro's RUBotted

Summary: Trend Micro has released a beta of RUBotted, a little program that watches for incoming bot related traffic.Here's the Trend Micro description:RUBotted intelligently monitors your computer's system behavior for activities that are potentially harmful to both your computer and other people's computers.

SHARE:

Trend Micro has released a beta of RUBotted, a little program that watches for incoming bot related traffic.

Here's the Trend Micro description:

RUBotted intelligently monitors your computer's system behavior for activities that are potentially harmful to both your computer and other people's computers. RUBotted monitors for remote command and control (C&C) commands sent from a bot-herder to control your computer. Additionally, RUBotted watches for an array of potentially malicious bot-related activities, including mass mailing - a common activity performed by a bot-infected computer.

RUBotted co-exists with your existing AV software, providing advanced bot specific behavior monitoring. RUBotted does not rely on frequent, network intensive updates to ensure your computer's continued protection.

The software covers all Windows versions from 2000 to XP to Vista. I took it for a spin and the software is definitely easy and lightweight. In fact, it was almost too easy. I don't know what it scanned per se or how it arrived at the conclusion that my PC was bot free.

Also see: Ten free security apps you should already be using.

What follows is the extent of the application:

The initial installation and scan:

rub1.png

The screen that would reveal any activity:

rub2.png

And the settings:

rub3.png

The application is clearly designed for the background, but as Ryan Naraine notes it's likely Trend Micro will charge for this utility once it's out of beta. If he's right, then we get another nickel and dime effort from security software vendors. I have the McAfee Web service at home and when it's time to renew things get way confusing for these ala carte protection schemes.

Clearly software like RUBotted should be part of a bigger suite or just a component in your everyday antivirus software. Will we get it that way? Probably not. That means I'm unlikely to buy bot scanning software in addition to the other complement of services I get.

Is separate botnet software worth getting to you?

Topics: Security, CXO, Hardware, Software, IT Employment

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

18 comments
Log in or register to join the discussion
  • I'll not pay

    Antivirus, anti-malware, anti-bot, anti-adware.... Where does it end? It's like having several different gangs extorting protection money from your small neighborhood grocery store. Really, one single "anti-bad-stuff" package should do it all.
    bmgoodman
    • Did you read the title ????

      Another [b]free[\b] security utility: Trend Micro's RUBotted
      mrOSX
      • Did you read the article???

        It's in beta and could end up as another pay-for package.
        bmgoodman
        • Yes and No...

          I did miss the part at the bottom, that they may charge for it.

          Well 2 things
          1) I should not trust ZDNET titles, they have shown repeatedly
          they will sensationalize their headlines. So therefore I must
          scrutinize the articles better.

          2) Trend Micro is currently not charging for it, and maybe they will continue to not charge for it(I would not bet on it).
          mrOSX
          • that was funny

            or maybe you could read TFA before criticizing someone for the same thing (even tho they *have* read it, and you haven't)?
            penno2
          • I accuse them of not reading the title....

            not the article.
            mrOSX
        • I doubt it...

          There are a lot of free tools around. Plus, this is something their AV apps should do anyway, no exception.
          ericj9@...
    • You'll pay one way or another

      I know someone who was running Norton 360 (a comprehensive anti-bad-stuff package) and she got infected with some nasty maleware. So bad she couldn't open her browser without porn downloads overloading the browser. Task manager disabled. No way to remote to Norton Tech support. Call to Norton resulted in only solution was to place request for vendor tech support. Geek Squad will repond in about a week with a cost of over $300.

      So how much are you willing to pay? This looks like a good deal to me.
      kyron.gustafson@...
  • How about RU-Ed-Bott-ed?

    Mr. Bott frequently comes out and rails against Vista and the Microsoft road to world dominance. The world needs protection from such people that would besmirch the name of Vista to see their name in print!
    Mike Cox
  • Astaro

    Hi,

    In most of the discussions for security software, the one that I don't really see is Astaro. It's designed for business class unified threat management (UTM), but Astaro is different. They offer free subscriptions for home users.

    The box is $699 (I think) and the subscription for businesses is usually around $1400 per year. But you can also download the software for free, install it on your linux box and let that be your firewall/utm box.

    Here's why I think it's so important to look at devices or software like this: the observer is outside of the windows environment. This allows for a level of objectivity you won't find in any Windows based solution.

    Please do a review or article on Astaro and let consumers know there is an option.

    Thanks.
    Scottman_z
  • all Windows versions from 2000 to XP to Vista...NOT

    Works on Vista unless you are using Vista X64...then you get a message saying that 64 bit operating systems are not supported. From the message I would assume that XP x64 wouldn't work either but I don't have a machine with that OS to try it on.
    cornpie
  • Live OneCare

    Any word from the rep if this is going to implemented in OneCare??
    jxb
  • RE: Another free security utility: Trend Micro's RUBotted

    I installed RUBotted. The Tray icon sits there with a red "X" in it. When I right-click on it a window opens and tells me that the RUBotted service is not started and tells me: "To start the service click on the "Start" button below". There is no "Start" button below. There is no entry for RUBotted in my Program Files or System files. There is no uninstall. A Registry search for "RUBotted" finds 4 entries listed under "Program Files"--which do not exist, I deleted them. A Registry search for "Trend Micro" found over 4,020 entries mostly under TM.PASSTHRUMP, which are all Ethernet related. I was NOT ALLOWED to delete a single file! I reinstalled the program RUBotted and choose the "Repair" option---same thing, the program will not do anything whatsoever. Now I have 2 choices. 1- Completely reinstall windows from scratch. 2- reinstall Windows from a full backup. I understand that this program is free (for now) and in BETA testing, but in BETA is where most problems arise. There is no way to ask Trend Micro for help. The FAQ's are almost non-existent. So, do what you want to do as far as trying this program but BEWARE!
    warnerpeter@...
  • RE: Another free security utility: Trend Micro's RUBotted

    I have installed RUBotted, and so far it seems to be running without a problem.
    On the other hand, it does seem to like to pop up with spurious warnings on a regular basis.
    I say spurious because running "House Calls" takes several hours and the two times that I've done so, the scan has shown clear.
    Quite frankly, at this point I am starting to consider this to be merely a sales tool and of limited value in and of itself.
    jeremy@...
    • I am also seeing faqlse positives

      I am also getting a number of messages that say 1/20/2009 16:11:42 Detected DNS query of malicious domain
      Housecall is an on line version of Internet Security 2009 from T M and has no additional abilities per TM call in service. I have run TM 2009 full scans in both normal and safe mode. Except for an occosional tracking cookie which it removes I am clean and yet the messages continue. I clean out the log and then it says bot free but sure as you know what, within a few hours I get anothor warning. False positives are as bad as no warning.
      Anyone else use this and see the same thing?
      Baer
  • Detected DNS query of malicious domain

    I used this for several weeks. It never identified a real bot but it would pop up with "Detected DNS query of malicious domain" frequently. This occurred on safe sites. I ran virus and spyware scans of my security suite plus several free virus and spyware scans. They found nothing.

    If RUbotted gave the url of the domain it might be useful. As it is, I consider useless and just a waste of resources. I have removed it.
    TriedIt
  • RUBotted is not worth it

    I tried running RUBotted for a few days . . . . . here's why it isn't worth it:

    1) anti-malware programs can interfere with each other if you have several of them in the system tray running all the time, so you kinda have to choose the best ones.

    2) RUBotted is beta, so by definition it's buggy, so it isn't yet one of the "best ones".

    3) it sounded the alarm that it "Detected DNS query of malicious domain" without specifying the "malicious" domain or even attempting to identify which process made the DNS query on my computer. This happened after I initiated an SSH connection to a private server one of my friends runs, which is certainly not a malicious domain. Was it red-flagging my server? Since it doesn't give any more information other than that generic error, I'll never know.

    4) the false-positive result prompted me to install more Trend Micro software to "clean" my computer, which is free for the first use only, so they're trying to upsell me on paid software when I'm not even satisfied with the free software's accuracy or completeness.
    d0s4d1
  • RUBotted not worth it

    I tried running RUBotted for a few days . . . . . here's why it isn't worth it:

    1) anti-malware programs can interfere with each other if you have several of them in the system tray running all the time, so you kinda have to choose the best ones.

    2) RUBotted is beta, so by definition it's buggy, so it isn't yet one of the "best ones".

    3) it sounded the alarm that it "Detected DNS query of malicious domain" without specifying the "malicious" domain or even attempting to identify which process made the DNS query on my computer. This happened after I initiated an SSH connection to a private server one of my friends runs, which is certainly not a malicious domain. Was it red-flagging my server? Since it doesn't give any more information other than that generic error, I'll never know.

    4) the false-positive result prompted me to install more Trend Micro software to "clean" my computer, which is free for the first use only, so they're trying to upsell me on paid software when I'm not even satisfied with the free software's accuracy or completeness.
    d0s4d1