Most security software programs that are available these days provide protection against rootkits as well. There are on the other hand a few security programs that deal solely with rootkits. One of them is Trend Micro's RootkitBuster which has just been released in a new version which adds the ability to detect rootkits that hook the NT function "IofCompleteRequest".
The portable software program is a rootkit scanner that scans for hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. The minimalistic interface makes program usage simple and straightforward. Users can either click directly on the scan button to perform a system scan for all forms of rootkits that can be detected by Trend Micro RootkitBuster or deselect some of the forms first before starting the scan.
Hidden objects will be displayed in the scan results in the program interface during the scan. It is possible to view the log file as well which contains additional information that are not displayed in the program itself. The difficulty part begins here. Users need to distinguish between harmless and dangerous files. Not every file that is listed in the program or log file is dangerous in nature. The best way to find out is to look at the suspicious file first and perform a search on the Internet afterwards.
The amount of information offered pales to that of other rootkit detection programs just as Rootkit Unhooker. That's probably the biggest disappointment that Trend Micro has not changed the level of information that is presented to the user.
Trend Micro operates a service where users can submit suspicious files which are then analyzed by the Trend Micro team. Files that are not needed anymore can be deleted right from within the program's interface. Trend Micro RootkitBuster is a portable software program for the Windows operating system which can be downloaded from the Trend Micro website. Users who want to test it extensively can download rootkits from the rootkit.com website.
If you like our content, and would like to help, please consider making a contribution: