Trend Micro RootkitBuster

Martin Brinkmann
Oct 1, 2009
Updated • Oct 23, 2012
Security, Software, Windows, Windows software

Most security software programs that are available these days provide protection against rootkits as well. There are on the other hand a few security programs that deal solely with rootkits. One of them is Trend Micro's RootkitBuster which has just been released in a new version which adds the ability to detect rootkits that hook the NT function "IofCompleteRequest".

The portable software program is a rootkit scanner that scans for hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. The minimalistic interface makes program usage simple and straightforward. Users can either click directly on the scan button to perform a system scan for all forms of rootkits that can be detected by Trend Micro RootkitBuster or deselect some of the forms first before starting the scan.

Hidden objects will be displayed in the scan results in the program interface during the scan. It is possible to view the log file as well which contains additional information that are not displayed in the program itself. The difficulty part begins here. Users need to distinguish between harmless and dangerous files. Not every file that is listed in the program or log file is dangerous in nature. The best way to find out is to look at the suspicious file first and perform a search on the Internet afterwards.

rootkitbuster trendmicro

The amount of information offered pales to that of other rootkit detection programs just as Rootkit Unhooker. That's probably the biggest disappointment that Trend Micro has not changed the level of information that is presented to the user.

Trend Micro operates a service where users can submit suspicious files which are then analyzed by the Trend Micro team. Files that are not needed anymore can be deleted right from within the program's interface. Trend Micro RootkitBuster is a portable software program for the Windows operating system which can be downloaded from the Trend Micro website. Users who want to test it extensively can download rootkits from the website.


Tutorials & Tips

Previous Post: «
Next Post: «


  1. Trotter said on October 2, 2009 at 6:47 am

    Hmph. This does not support 64-bit OS’s. At least not Win7 64-bit.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.