[Full-disclosure] Possible Virus activity
Benjamin Krueger
benjamin at seattlefenix.net
Sat Apr 23 03:28:57 BST 2005
* Benjamin Krueger (benjamin at seattlefenix.net) [050422 19:16]:
> * Jonathan Grotegut (jgrotegut at directpointe.com) [050422 18:10]:
> > Has anyone seen in the last couple of hours any signs of virus activity? We have seen multiple computers through out our networks where the system process (and no, not the System Idle Process) using 100% of the processor. We have seen it on both Windows 2000 and Windows XP machines so far.
> >
> > I have checked several sites with no luck yet.
> >
> > TIA
> >
> > Jonathan Grotegut
>
> You aren't alone. I'm fighting this bizzare problem on a network right now. 100% cpu usage
> on all affected machines. We don't see any unusual network traffic from these machines
> however. If the machine is rebooted, we can log back in but we never get to a useful
> desktop because the CPU is too busy doing other crap.
>
> Anyone else?
I suppose I should add that we are using Trend Micro's Client/Server Suite for SMB and it
has not caught anything relevant today.
--
Benjamin Krueger
"Nakedness is sinful. If God wanted us to go naked, we would have been born that way."
Full-Disclosure is hosted and sponsored by Secunia.