THis forum recon that thier is an extremely well funded and persistant rootkit exploiting browsers, useing multi-layered encryption and obsurers on the java code. It also has an auto-update feature that make the virus mutate (Polymorphism) it also has other AI features.
Will CAVS be able to stop this one from infecting computers, can it remove it?
Will CAVS have rootkit removal/detection/prevention (I’d say yes to prevention, because no doubt that HIPS and the COMODO firewall would warn of the launch of the .sys driver) in general?
Yes it would prevent it.
for removal, we have some neat ideas that will take us a bit of time to implement after HIPS. With that removal will be very stable.