I just thought I would post something rather strange and see if I could get any info on what might have happened. In December some of the machines my company supports throughout the state went down. They were all Windows 2000 Pro and Servers, and a couple of them even got a new image to run XP. They were unable to be reached from anywhere on the network. They were running Symantec AntiVirusCorporate 9.
The fix for each one of these systems was to install Symantec AntiVirus Corporate 10.2. There was a varying amount of corruption on each system. We ran multiple scans from varying boot cds and all came up clean. Malwarebytes found absolutely nothing. We had to use varying methods to get the systems to install the Antivirus. We had to stop services, rename files (including inetinfo.exe - IIS is a major part of the function these machines perform), delete files.... I can't remember every step we took. But as soon as that new AV was installed the systems just had to have settings changed back to normal. The flash drives I used have checked out completely clean with every scanner I have access to.
We did not have to install any firewall software. These machines are already behind a state government network that requires access to a machine on it, or VPN access. There are at least 2 different domains on the network, one for these systems, and another for the main units we deal with (the ones that had the problem are privately owned, the others are under a contract).
I am just wondering if anyone has heard of something that could cause this. It seems very odd to me that a simple install of the newer AV would fix it. Sure we had found out that the 9.0 version has been out of support for a while, but I've never heard of this type of issue.
Thanks.
The fix for each one of these systems was to install Symantec AntiVirus Corporate 10.2. There was a varying amount of corruption on each system. We ran multiple scans from varying boot cds and all came up clean. Malwarebytes found absolutely nothing. We had to use varying methods to get the systems to install the Antivirus. We had to stop services, rename files (including inetinfo.exe - IIS is a major part of the function these machines perform), delete files.... I can't remember every step we took. But as soon as that new AV was installed the systems just had to have settings changed back to normal. The flash drives I used have checked out completely clean with every scanner I have access to.
We did not have to install any firewall software. These machines are already behind a state government network that requires access to a machine on it, or VPN access. There are at least 2 different domains on the network, one for these systems, and another for the main units we deal with (the ones that had the problem are privately owned, the others are under a contract).
I am just wondering if anyone has heard of something that could cause this. It seems very odd to me that a simple install of the newer AV would fix it. Sure we had found out that the 9.0 version has been out of support for a while, but I've never heard of this type of issue.
Thanks.
Comment