Anti-stealth fighters: testing for rootkit detection and removal

2008-04-01

Andreas Marx

AV-Test.org, Germany

Maik Morgenstern

AV-Test.org, Germany
Editor: Helen Martin

Abstract

While it is easy for a good signature-driven product to find a known sample that has not yet been activated, thanks to rootkit technology it is becoming increasingly challenging for products to detect samples once they are running and trying to hide themselves and other malicious components. Andreas Marx and Maik Morgenstern present the results of two recent rootkit detection tests.

Copyright © 2008 Virus Bulletin

The full article is available to registered users. Click here for free registration or, if you already are a registered user, login to access the full article.

Quick Links

Poll
The Japanese government is reported to have commissioned a 'defensive virus'. Is 'defensive' malware ever a good idea?
Yes
No
I don't know
Leave a comment
View 11 comments

99 Subscription Promo

VB100 certification
VB100 This month's VB100 test saw some major changes and a radical overhaul of the VB100 test methodology - for the first time allowing products to use their 'cloud' look-up systems. John Hawes has all the details.
See full results.

Virus Bulletin currently has 224,245 registered users.