Security Basics mailing list archives
Bad Antivirus
From: sec.melis () gmail com
Date: Tue, 29 Jan 2013 15:30:55 +0000
Dear folks, I have 3 W2K3 servers, each are running same software binary exe files. One month ago, they infected with some rootkits and viruses which later on I know from antivirus detection this malware called sality, ipz, etc. After installing a new antivirus and revealed the malware, some of my software seems not running as expected. At the moment, I suspect that the malware still there because the AV may not capable to clean them all. I tried using 3 or 4 most popular AV, but all were claimed the servers are clean while my software couldn't run smoothly. In fact, some of exe files has been changed in size while I am not sure whether this changed made by viruses or 'bad' AV I just installed. If I try to proof that my exe files has been changed by this 'bad' AV, does anyone know how to proof this things ? By reversing this exe files, is it possible to get which part of the files has changed ? Thank's Ibha ID Sent from my BlackBerry® smartphone from Sinyal Bagus XL, Nyambung Teruuusss...!
Current thread:
- Bad Antivirus sec milis (Jan 29)
- RE: Bad Antivirus Dan Lynch (Jan 31)
- <Possible follow-ups>
- Bad Antivirus sec . melis (Jan 29)
- Re: Bad Antivirus iamherevivek (Jan 29)
- Re: Bad Antivirus Melissa Augustine (Jan 30)
- Re: Bad Antivirus Adam Pal (Jan 30)
- Re: Bad Antivirus Andre Silaghi (Jan 30)
- Re: Bad Antivirus Michael Peppard (Jan 31)
- Re: Bad Antivirus iamherevivek (Jan 29)