Windows Driver Rootkits
I'm working on testing commercial Windows A/V products. I have a fair corpus of malware samples to run through the A/V systems, but I'm having a hard time locating any driver rootkits. Kernel-mode rootkits, NDIS filter mode drivers, even user-mode drivers. Does anyone have examples lying around that were found in the wild?