Anti-rootkit software testing on the detection and removal of malware
Testing of anti-rootkit software on the detection and removal of malicious programs.
Rootkit technologies have become increasingly popular with virus writers. The reason for this is obvious: they conceal malicious programs and their components from PC users and antivirus programs. The source code for some rootkits can be found on the Internet, inevitably resulting in the use of rootkit technology in various Trojans and spy programs (spyware / adware, keyloggers, etc.).
There are a large number of dedicated software products (anti-rootkit solutions) that are designed to detect and remove such kinds of malicious programs.
The purpose of this test is to analyze the ability of the most popular anti-rootkit products to detect and remove malicious programs actively distributed over the Internet (“in the wild” samples) that take advantage of rootkit technology.
It should be noted that anti-rootkit software is usually tested on various test or proof of concept rootkits, while testing on widespread in the wild samples is what provides the most valuable information.
- Methodology used in anti-rootkit software testing for the detection and removal of malware »
- Selection of malicious programs for the testing of anti-rootkit software for the detection and removal of malware »
Summary of anti-rootkit testing results (March 14, 2007)
| Award |
Products |
| Excellent 9 out of 9 |
Antivir Rootkit 1.0 Beta 3 AVG Antirootkit 1.1 Beta Trend Micro RootkitBuster 1.6 Beta |
| Good 8 out of 9 |
McAfee Rootkit Detective 1.0 Beta Rootkit Unhooker 3.2 F-Secure BlackLight 2.2 Beta Sophos Anti-Rootkit 1.2 AVZ 4.23* |
| Poor results | Gmer 1.0 (6 out of 9) Bitdefender Antirootkit 1.2 Beta 2 (6 out of 9) UnHackMe 4.0 (2 out of 9) |
| * AVZ is a system analysis utility, which includes malicious program detection and removal functionality. | |
Complete results for each antivirus product are available only in PDF or Microsoft Excel format:
Summary of testing results in PDF format »
- Login to post comments
Search
User login
Poll
Recent blog posts
- Russian antivirus market continues to grow
- VoIP hackers strike Perth business
- Will EDoS be the next DDoS?
- Why you should not use ‘OR 1=1’ when testing for SQL injection
- 12 security suites tested and 12 security suites fail
- I lost my login, and we are starting a new company too
- Turbo-charged wireless hacks threaten networks
- Russia’s antivirus market doubles in size
- Eset vs. Anti-Malware.ru
- Regarding rumors about my affiliation with antivirus vendors
Strategic partners
Comments
Really useful anti-rootkits test!
The three best products based on the test results were Antivir Rootkit, AVG Antirootkit and Trend Micro RootkitBuster.
This testing results shows that not all anti-rootkit solutions are the same and you don't need to pay for the best ones because they are free of charge.