Trend Micro RootkitBuster

October 1, 2009 – 4:00 PM

Most security software programs that are available these days provide protection against rootkits as well. There are on the other hand a few security programs that deal solely with rootkits. One of them is Trend Micro’s RootkitBuster which has just been released in a new version which adds the ability to detect rootkits that hook the NT function “IofCompleteRequest”.

The portable software program is a rootkit scanner that scans for hidden files, registry entries, processes, drivers, and Master Boot Record (MBR) rootkits. The minimalistic interface makes program usage simple and straightforward. Users can either click directly on the scan button to perform a system scan for all forms of rootkits that can be detected by Trend Micro RootkitBuster or deselect some of the forms first before starting the scan.

Hidden objects will be displayed in the scan results in the program interface during the scan. It is possible to view the log file as well which contains additional information that are not displayed in the program itself. The difficulty part begins here. Users need to distinguish between harmless and dangerous files. Not every file that is listed in the program or log file is dangerous in nature. The best way to find out is to look at the suspicious file first and perform a search on the Internet afterwards.

Source:
http://www.ghacks.net/2009/10/01/trend-micro-rootkitbuster/

Or Download:
http://www.trendmicro.com/download/rbuster.asp

You must be logged in to post a comment.