Bad Antivirus

[sec milis <sec.melis () gmail com>]

Dear folks,

I have 3 W2K3 servers, each are running same software binary exe
files. One month ago, they infected with some rootkits and viruses
which later on I know from antivirus detection this malware called
sality, ipz, etc.
After installing a new antivirus and revealed the malware, some of my
software seems not running as expected. At the moment, I suspect that
the malware still there because the AV may not capable to clean them
all. I tried using 3 or 4 most popular AV, but all were claimed the
servers are clean while my software couldn't run smoothly. In fact,
some of exe files has been changed in size while I am not sure whether
this changed made by viruses or 'bad' AV I just installed.
If I try to proof that my exe files has been changed by this 'bad' AV,
does anyone know how to proof this things ? By reversing this exe
files, is it possible to get which part of the files has changed ?

Thank's

Ibha ID

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------