RE: Malware detection

[David Gillett <gillettdavid () fhda edu>]

  I encountered a rootkit last year.  MSSE was the only thing I was running that detected it.

  Unfortunately, it only detected it in a temporary folder belonging to a commercial antivirus product I was running 
(which did not itself notice the rootkit...).  My theory is that something about the way the commercial product scanned 
archives caused one or more rootkit components to be extracted and become visible to MSSE.  But of course this 
instance, while visible, was secondary, and so many many attempts by MSSE to "clean" the machine, including required 
reboots, never actually had an effect.
  Several other packages I tried had no success in finding the malware, which eventually crippled the boot process so 
badly I had to reformat and reinstall from scratch.

  (Since then, I've installed ZoneAlarm's new free antivirus.  Too late to see if it could cope with that rootkit, but 
it did find and apparently neutralize many malware examples in a sizable email archive, which none of the previous 
candidates had noticed....

David Gillett
CISSP CCNP
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------