This test, the third in the series, evaluates the ability of the most popular antivirus and anti-rootkit products to detect and remove malicious programs ("in-the-wild" samples) that use rootkit technologies and actively circulate over the Internet. The test gives a good view of how anti-rootkit software copes with well-known rootkits.
The aim of this test is to evaluate the ability of the most popular antivirus and anti-rootkit products to detect and remove malicious programs (‘in-the-wild’ samples) that use rootkit technologies and actively circulate over the Internet, and to check their proactive ability to detect proof-of-concept rootkits hidden on a system.
Submitted by Ilya Shabanov on Fri, 03/30/2007 - 13:47
The purpose of this test is to analyze the ability of the most popular stand-alone anti-rootkit products to detect and remove, in their active state, malicious programs that take advantage of rootkit technology and are actively distributed over the Internet (“In The Wild” samples).
Comparative testing of 21 popular firewalls to check the quality of their protection against attacks that come from inside the system. The test used 64 specially developed utilities to check protection of processes from termination, protection from standard outbound attacks, protection from non-standard leaks, and protection from non-standard techniques of penetrating kernel mode.