Trend Micro RootkitBuster is a straightforward security utility that looks into critical areas of the system to remove any existing rootkits. It doesn't require installation and features just a few intuitive options made for casual users.
You can drop the executable file in any location on the hard disk and click it to run. Otherwise, you can save Trend Micro RootkitBuster to a pen drive or other removable storage unit to scan any machine without prior installers.
Note that the device must not be read-only, since the application creates some log files in the same location as itself. Although it doesn't modify Windows registry settings, it leaves behind a SYS file after removal.
Select the system areas to scan
The interface is based on a clean and simple window that provides quick access to all main options. All you have to do is select the system areas you want to scan, between files or Master Boot Records (MBR), services, and kernel code patches.
The scanner uses low CPU and RAM, and may take a while to finish, depending on the complexity of your hard drive and scan settings. However, it doesn't interrupt your regular PC activities if it's minimized to the taskbar.
Remove threats and examine log details
In the list of results you can view the type, file path and default action for each threat. Simply select the ones you want to fix, and ask the tool to delete the files. Log details are recorded to a plain text document that you can open without leaving the interface. System reboot may be required to complete deletion tasks (e.g. the files are being used by the PC).
Evaluation and conclusion
We haven't come across any issues in our tests, since the program didn't hang, crash or show errors. Although it has few scan configuration settings, Trend Micro RootkitBuster offers a simple and effective solution to detecting and removing rootkits, and it can be used even by novices.