AV Rootkit detection vs dedicated RK apps.

Discussion in 'other anti-virus software' started by JerryM, Jun 28, 2006.

Thread Status:
Not open for further replies.
  1. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    I know that some, maybe all now, AVs have a rootkit detection and removal capability.
    I wonder how an AV then compares with dedicated anti-rootkit programs.

    Comments?
    Thanks,
    Jerry
     
  2. aluckystar

    aluckystar Registered Member

    Joined:
    May 30, 2006
    Posts:
    66
    Location:
    Paris of the East
    Well, I don't know which one performs better. But as far as I know, many AV companies have defined rootkits as a kind of virus, and they are trying to improve their AV software to detect and kill these rootkits.
     
  3. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    7,927
    Location:
    The land of no identity :D
    The AVs that have dedicated anti-rootkit technology (F-Secure, for example) are competitive with dedicated solutions. Some other AVs can only detect rootkits before they are installed on the system, though. Most vendors are trying to fix this, so we can expect the market to get interesting next year :p
     
  4. JerryM

    JerryM Registered Member

    Joined:
    Aug 31, 2003
    Posts:
    4,221
    Thanks, Firecat. I suppose that the BD beta rootkit application is an example of what you are saying. I do not know how it performs.

    I think that I have read that the AV Comparatives tests do include some rootkits, but they must be under one of the "other" categories. It would be interesting if it were reasonable to have a separate listing for rootkits. I do not have any idea what number or percentage of malware infections are rootkits.

    Jerry
     
  5. pykko

    pykko Registered Member

    Joined:
    Apr 27, 2005
    Posts:
    2,236
    Location:
    Romania...and walking to heaven
    Well, basically not so many AVs have a fully working anti-rootkit technology. For this they should detect both already installed rootkits and rootkits that are trying to install. As for now, F-Secure, KAV 6 and perhaps NOD32 are able to do that... others more or less... Correct me if I'm wrong. :)
     