Rootkit Bypass Report

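The malware thread on Sys (Sysinternals), where heated discussion about rootkits is still going on even now.
There are a few points I would like to quibble with, but the bypass/detection report for Unreal is interesting, so I am noting it here.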

I would like to try it out if I had a spare HDD lying around, though.

Rootkit tech information

Supported File system: backdoor-friendly NTFS
Implementation: DKOM
Predecessors: partially RkDemo, phide_ex and Rustock

ARK TESTS:
========================================
1. Rootkit Unhooker v3.01 BYPASSED
2. Rootkit Revealer v1.71 BYPASSED
3. F-Secure Blacklight BYPASSED
4. DarkSpy v1.05 BYPASSED
5. DarkSpy v1.05fixedbeta2 BYPASSED
6. IceSword v1.20 BYPASSED
7. GMER v1.012 BYPASSED
8. Helios v1.1a BYPASSED
9. SVV v2.3 BYPASSED
10. McAfee Rootkit Detective BYPASSED
11. Sophos AntiRootkit BYPASSED
12. TrendMicro RootkitBuster BYPASSED
13. AVG AntiRootkit BYPASSED
14. AVZ v4.23 ARK Module BYPASSED
15. BitDefender Rootkit Uncover BYPASSED
16. Panda AntiRootkit BYPASSED
17. Panda Tycan BYPASSED
18. modGreeper v0.3 BYPASSED
19. flister BYPASSED
20. UnHackMe BYPASSED
21. SEEM v4.x BYPASSED
22. SafetyCheck v1.5.x BYPASSED
23. Avira AntiRootkit BYPASSED
24. HiddenFinder v1.301 BYPASSED
25. RkDetector v0.6 BYPASSED
========================================

There are no best antirootkits.