Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Possible Virus activity

From: "Jonathan Grotegut" <jgrotegut () directpointe com>
Date: Fri, 22 Apr 2005 20:33:57 -0600
One of the things one of our techs has found is it is somehow related to Trend Office Scan, one of our techs killed all 
the services on one of the computer he could, he started them up one by one.  Once he started Trend Officescan service 
the System process spiked.  Possible update today on Trend that botched it?
 
Jonathan Grotegut

________________________________

From: Danny [mailto:nocmonkey () gmail com]
Sent: Fri 4/22/2005 8:25 PM
To: Benjamin Krueger
Cc: Jonathan Grotegut; full-disclosure () lists grok org uk
Subject: Re: [Full-disclosure] Possible Virus activity



On 4/22/05, Benjamin Krueger <benjamin () seattlefenix net> wrote:

You aren't alone. I'm fighting this bizzare problem on a network right now. 100% cpu usage
on all affected machines. We don't see any unusual network traffic from these machines
however. If the machine is rebooted, we can log back in but we never get to a useful
desktop because the CPU is too busy doing other crap.


A detailed network sniff leads to nothing?

...D




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: