NEWS FROM THE LAB - Thursday, February 1, 2007

Video - Haxdoor Demo Posted by Sean @ 12:43 GMT

Last Friday's post linked to Computer Sweden and an "interview" with Corpse, the author of Haxdoor.

Today we have some video demos of Haxdoor.KI and F-Secure Internet Security 2007 with DeepGuard technology.

The DeepGuard System Control feature is capable of defending a system even without definitions of the malware. This is because the behavior of the malware is determined as a threat and is automatically blocked.

The demo uses a Rakningen sample that was caught during a spam run.

DeepGuard Demo with Haxdoor.KI

Part one shows the results of launching Rakningen with System Control disabled. The rootkit is installed. Our F-Secure Blacklight is able to detect it…

Part two shows the System Control in action. It automatically denies Haxdoor access to the system and the rootkit fails to install.

Demo – Part 1 (XviD – 5489k)
Demo – Part 2 (XviD – 6132k)

The videos are also available via our YouTube Channel.