In this section, we present the results of our own analyses of IT security software. All of these tests were developed and conducted by participants of the Anti-Malware.ru project.
Testing of anti-rootkit software on the detection and removal of malicious programs
Rootkit technologies have become increasingly popular with virus writers. The reason for this is obvious: they conceal malicious programs and their components from PC users and antivirus programs. The source code for some rootkits can be found on the Internet, inevitably resulting in the use of rootkit technology in various Trojans and spy programs (spyware / adware, keyloggers, etc.). There are a large number of dedicated software products (anti-rootkit solutions) that are designed to detect and remove such kinds of malicious programs. The purpose of this test is to analyze the ability of the most popular anti-rootkit products to detect and remove malicious programs actively distributed over the Internet (“in the wild” samples) that take advantage of rootkit technology. It should be noted that anti-rootkit software is usually tested on various test or proof of concept rootkits, while testing on widespread in the wild samples is what provides the most valuable information.