You can search their threat library here: http://www.mcafee.com/us/mcafee-labs/threat-intelligence.aspx
There are numerous pages, blogs, articles, etc. No simple list of infections though; you have to search by name for whatever it is.
If you download Stinger from the last link in my signature below and click the "List Viruses" button it tells you what it could detect if present.
The RootkitRemover shown there doesn't have a database publicly available.
Thanks for the response. Would you know if McAfee will provide samples for analysis purposes? If yes, how does one go about requesting samples? I am new to the world of malware analysis.
No, I don't think so. They accept samples for analysis but that's as far as they go.
There's a "Contact McAfee Labs" at the bottom right of that page I linked earlier.
You could try asking them but I'll warn you in advance, they are extremely busy so a response beyond the initial acknowledgement of your email may take time.
Unfortunately no, we don't share samples generally. If you are a researcher it can be possible, but you can appreciate spreading malware is not something we like to encourage.
Also be careful about other sites which claim to share malware samples - they are often places you'll find the most nefarious things.
Yes, thank you for your reply. How would I go about requesting particular binary or code samples for specific rootkits? What information would McAfee need from me? Do they need articles of incorporation and other information?
Thanks for the reply.
To be honest, I don't think McAfee would share any malware source code with you unless they already knew you, and you already had an established reputation in the malware research community. That community is quite small, and most of the people in it know each other and know who they can trust. They will share that sort of information among themselves, but would be reluctant to make too much of it public.
However, snippets of source code do get published by a number of the major anti-malware companies in blogs and White Papers. The way to get some information about rootkits is to read as much as you can of what is published in the more technical areas of each company's website. Start with Microsoft, McAfee, Trend Micro, Kaspersky, and one or two others. Spend some time in specialist areas like Wilders Security. And then spend a lot of time in the various areas of the Microsoft site, which is a goldmine of information. You'll soon see a few names that crop up repeatedly, so follow them. Add a comment or two to an article here and there if you know what you're talking about. Acceptance may come (if you're patient and knowledgeable), but it will take a long time.
Thank you for that very helpful reply. Perhaps my eagerness to obtain source code was somewhat premature at this point. However, as you pointed out, that sort of relationship takes time, which I fully understand.
Could you possibly tell me where on the Microsoft site I should be searching? I am familiar with their MSDN site and their forums and SysInternals site also.
Please let me know.
A few useful links -
Start with Wikipedia. Many links to useful articles and further reading.
One or two from Microsoft: Technet, MSDN, SysInternals - of course. But also keep an eye on Microsoft Research and the Malware Protection Center, among others. Find an article and follow any links to other areas. You'll be surprised how many undiscovered corners of Microsoft you will find.
Thanks again Hayton. You have been helpful.