A big whoops over to the people at CA (Computer Associates). In late August they released a virus signature package to their E Trust products that mistakenly flags the required LSASS.exe system file as a trojan horse/ Virus and the real time scanner would delete the file. Upon reboot the server would freeze at a grey screen. This was discovered fairly early but in some cases the damage was already done. You can read more about this error at this blog
http://blogs.technet.com/sbs/archive/2006/09/01/453504.aspx
I have checked the servers of Sysguy clients that have CA ETrust 8 AV on them and all appeared to have notbeen affected by this signature update problem. However I would ask that all Sysguy Clients running this software please contact us before rebooting their servers so that we can be on standby to fix any problems.
Stephen
Leave a Reply