|
An ISC reader told us that his company observed a large number of their PCs unexpectedly reboot at around 18:00 Central Time yesterday, with nothing in the event logs to show a shutdown sequence. Is this organization dealing with a large-scale malware infection? Possibly. A malicious program could be rebooting the systems to embed itself deep in the OS, or to disable an anti-virus tool. Of course, the reboots could also be the result of a less malevolent incident, such as a bug in a benign program. Regardless, unexpected mass reboots are certainly worth investigating. Anyone else encountering them lately? -- Lenny |
Lenny 216 Posts Jan 22nd 2009 |
| Thread locked Subscribe |
Jan 22nd 2009 1 decade ago |
|
Could this be related to patch updates or antivirus program updates?
|
Keith 7 Posts |
| Quote |
Jan 22nd 2009 1 decade ago |
|
power glitch? and what malware protection do they company use?
|
Anonymous |
| Quote |
Jan 22nd 2009 1 decade ago |
|
This could also be caused by WSUS releasing a patch with a deadline set. But then again he says the logs show nothing.
|
Michael 32 Posts |
| Quote |
Jan 23rd 2009 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
