Wierd messages coming from our Symantec server.

M23 · 10-20-2004, 10:26 AM

We are running Symantec corporate 8

This appeared on all the clients this morning.

Read Carefully

Could someone have haxored my AV server?

**Fox** · 10-20-2004, 10:42 AM

apparently

CTSNKY · 10-20-2004, 10:53 AM

LOL......have to give the originator points for creativity anyway!

:4-type:

M23 · 10-21-2004, 08:17 AM

Quote:

Originally Posted by CTSNKY

LOL......have to give the originator points for creativity anyway!

:4-type:

I'm dead serious, wtf could have caused this? Is there a way to modify the out of date AV notifications with Symantec corporate?

**jgvernonco** · 10-21-2004, 03:59 PM

I doubt that there is anyone on this forum who is conversant with Symantec Corp , so we are pretty useless to you.

As an aside, I was pretty up on Symantec solutions until I turned my back and walked away. The whole thing is too integrated into the OS to be really secure, and demands unreasnable amounts of resources. I am aware that this does not resolve your problem right now, but I am still going to recommend that you look carefully at the Trend Micro Enterprise solutions at your first opportunity. Not only does it perform better, but you wouldn't be talking to us right now, as they have decent support.

I believe that your server has been compromised. You can run HJT scans on servers. If you would like us to take a look, we would be happy to.

M23 · 10-22-2004, 09:24 AM

Quote:

Originally Posted by jgvernonco

I doubt that there is anyone on this forum who is conversant with Symantec Corp , so we are pretty useless to you.

As an aside, I was pretty up on Symantec solutions until I turned my back and walked away. The whole thing is too integrated into the OS to be really secure, and demands unreasnable amounts of resources. I am aware that this does not resolve your problem right now, but I am still going to recommend that you look carefully at the Trend Micro Enterprise solutions at your first opportunity. Not only does it perform better, but you wouldn't be talking to us right now, as they have decent support.

I believe that your server has been compromised. You can run HJT scans on servers. If you would like us to take a look, we would be happy to.

What are HJT scans?

mimo2005 · 10-22-2004, 09:29 AM

Quote:

Originally Posted by M23

What are HJT scans?

create a permanent folder ,name it hijackthis

then download and install inside that folder ,this program:

http://www.softpedia.com/public/cat/...10-17-69.shtml

scan with it ,save the log ,and post it in this thread .

M23 · 10-29-2004, 08:29 AM

Quote:

Originally Posted by mimo2005

create a permanent folder ,name it hijackthis

then download and install inside that folder ,this program:

http://www.softpedia.com/public/cat/...10-17-69.shtml

scan with it ,save the log ,and post it in this thread .

Dude, was in an IE tool have to do with My Symantec AV server problem?

greyknight17 · 10-29-2004, 08:58 AM

What? Your question is not making sense. Could you clarify?

Post your HijackThis log file in this thread (just reply to it) and we will take a look at it.

**Fox** · 10-29-2004, 10:00 AM

Quote:

Dude, was in an IE tool have to do with My Symantec AV server problem?

HijackThis is not an Internet Explorer tool. It is a way to show everything that is active in memory and everything that has altered the way your computer communicates with the network.

10-20-2004, 10:26 AM	#1 (permalink)
M23 Registered User Join Date: Oct 2004 Posts: 4 OS: XP	Wierd messages coming from our Symantec server. We are running Symantec corporate 8 This appeared on all the clients this morning. Read Carefully Could someone have haxored my AV server?

10-20-2004, 10:53 AM	#3 (permalink)
CTSNKY Knower of all that is MS Join Date: Aug 2004 Posts: 10,755 OS: (multiple machines) 95, 98, 2K & XP Home & Pro	LOL......have to give the originator points for creativity anyway! :4-type: __________________ GO BIG BLUE!!

10-21-2004, 03:59 PM	#5 (permalink)
jgvernonco Old Timer Join Date: Sep 2003 Location: Northern Arizona Posts: 7,957 OS: Vista Home Premium, SP 27	I doubt that there is anyone on this forum who is conversant with Symantec Corp , so we are pretty useless to you. As an aside, I was pretty up on Symantec solutions until I turned my back and walked away. The whole thing is too integrated into the OS to be really secure, and demands unreasnable amounts of resources. I am aware that this does not resolve your problem right now, but I am still going to recommend that you look carefully at the Trend Micro Enterprise solutions at your first opportunity. Not only does it perform better, but you wouldn't be talking to us right now, as they have decent support. I believe that your server has been compromised. You can run HJT scans on servers. If you would like us to take a look, we would be happy to. __________________ Donations keep TSF moving forward. Please help. http://www.myspace.com/speedbumpthecelt

10-29-2004, 08:58 AM	#9 (permalink)
greyknight17 Analyst, Security Team Join Date: Jul 2004 Location: New York Posts: 14,327 OS: Windows 98 & Windows XP Home/Pro My System	What? Your question is not making sense. Could you clarify? Post your HijackThis log file in this thread (just reply to it) and we will take a look at it. __________________ Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. Adaware :: CWShredder :: HijackThis :: Panda ActiveScan :: Spybot S&D Anti-Spyware Tutorial :: Spyware Prevention Tools

10-20-2004, 10:42 AM	#2 (permalink)
Fox Moderator, Microsoft Support Join Date: Sep 2002 Location: NJ Posts: 7,752 OS: XP Pro, CentOS My System	apparently