Re: [Full-disclosure] Possible Virus activity

* Jonathan Grotegut (jgrotegut@directpointe.com) [050422 19:30]:
> One of the things one of our techs has found is it is somehow related to 
> Trend Office Scan, one of our techs killed all the services on one of the 
> computer he could, he started them up one by one.  Once he started Trend 
> Officescan service the System process spiked.  Possible update today on Trend 
> that botched it?
>  
> Jonathan Grotegut

http://kb.trendmicro.com/solutions/search/main/search/SolutionDetail.asp?SolutionID=24263&btnSearch=GO

"Windows XP Service Pack 2 machines with critical patches and OfficeScan 
Corporate Edition (OSCE) starts 
to experience high CPU utilization after updating to Pattern 594"

594 was released today, and then 596 was released immediately afterwards. It 
looks like the machines
having problems on my network are running 594 and weren't able to successfully 
update to 596. Coincidence?
I think not.

Thanks Trend. You've ruined my Friday night. My girlfriend and I thank you...

-- 
Benjamin Krueger

"Nakedness is sinful. If God wanted us to go naked, we would have been born 
that way."
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/