So who got hit with McAfee issues this morning

Toggle sidebar Toggle sidebar
Pegun

Pegun

Golden Member
Jan 18, 2004
1,334
0
71
McAfee messed up big time this time. Their newest Entrprise ePO 5958 update found svchost.exe to be virus and sent computers into constant restart loops. Who's companies got hit?

Link
Angry Users are Angry
 
Phoenix86

Phoenix86

Lifer
May 21, 2003
14,644
10
81
LikeLinus said:
Do most enterprises automatically roll out antivirus updates without holding off to see if they will cause issues?
Click to expand...
Yes.

edit: dat file updates, not actual upgrades, which often aren't fully tested either.
 
Last edited:
bruceb

bruceb

Diamond Member
Aug 20, 2004
8,874
111
106
I and our company, no longer use that junk. At work, we are now on Symantec Endpoint Security (not my choice, but it seems ok so far)
 
NesuD

NesuD

Diamond Member
Oct 9, 1999
4,999
106
106
University of Michigan hospital in Ann Arbor is dead in the water right now because of this I am told.
 
A

apac

Diamond Member
Apr 12, 2003
6,212
0
71
Cisco got the update, there is a workaround FYI. My coworker just sent this out

It looks like the new virus definitions pushed out by Mcafee today are detecting a false positive of "W32/Wecorl.a" in svchost.exe (http://community.mcafee.com/message/125600#125600) . When it kills this process Windows forces a reboot after one minute, displaying a countdown timer. Here's how to work around this issue:

1. Log in to Windows before the reboot is triggered.
2. Once you get the reboot countdown timer, pull up a command prompt and enter "shutdown /a" to abort the reboot
3. Open "start->program files->mcafee->virus scan console". From the "tools" menu, select "Rollback DAT" to downgrade to the previous virus definitions.
Click to expand...


edit: my macbook pro did not get the update ;)
 
TuxDave

TuxDave

Lifer
Oct 8, 2002
10,571
3
71
Everyone here at work got killed by it.... except those of us who showed up late to work and didn't get to install the update. >_>
 
T

TheNinja

Lifer
Jan 22, 2003
12,207
1
0
TuxDave said:
Everyone here at work got killed by it.... except those of us who showed up late to work and didn't get to install the update. >_>
Click to expand...

lol - ya us too. you can tell which people woke up early and logged into their laptops
 
gaidensensei

gaidensensei

Banned
May 31, 2003
2,851
2
81
Well, be happy if you're not in the corporate IT dept. It's free day off, what are you complaining about!?
 
TuxDave

TuxDave

Lifer
Oct 8, 2002
10,571
3
71
TheNinja said:
lol - ya us too. you can tell which people woke up early and logged into their laptops
Click to expand...

And conversely, the bright green "online" status on the Corporate IM is now a list of "people who should get fired for oversleeping". Too bad the people who can do the firing probably has their laptop fubared. WIN!
 
TallBill

TallBill

Lifer
Apr 29, 2001
46,017
62
91
TuxDave said:
And conversely, the bright green "online" status on the Corporate IM is now a list of "people who should get fired for oversleeping". Too bad the people who can do the firing probably has their laptop fubared. WIN!
Click to expand...

:awe:
 
B

Booty

Senior member
Aug 4, 2000
977
0
0
Wow... I don't know how, but we dodged this bullet somehow. Could have been a *really* bad day.
 
M

mrCide

Diamond Member
Nov 27, 1999
6,187
0
76
Thankfully we already know what a pos McAfee stuff is and we use Endpoint, although probably not much better.
 
Gibson486

Gibson486

Lifer
Aug 9, 2000
18,378
2
0
mrCide said:
Thankfully we already know what a pos McAfee stuff is and we use Endpoint, although probably not much better.
Click to expand...

We have McAfee, but nothing happened to us. Our IT dept was pretty surprised and our local IT person has no idea why we were not effected.
 
Dirigible

Dirigible

Diamond Member
Apr 26, 2006
5,961
32
91
I'm getting nothing done today because of this crap. I've received like three workarounds. None of them work for me. Sucks big time.
 
James Bond

James Bond

Diamond Member
Jan 21, 2005
6,023
0
0
<3
3UYC
 
Pegun

Pegun

Golden Member
Jan 18, 2004
1,334
0
71
Dirigible said:
I'm getting nothing done today because of this crap. I've received like three workarounds. None of them work for me. Sucks big time.
Click to expand...

Write a vbs to kill the old dat, install 5957 and replace svchost. Our users don't have shutdown command rights so we couldn't fix this any way but techy office visits. Caught it only hours before the entire university went down. Hopefully mcafee thinks long and hard about how this happened because lawsuits may start
 
Dirigible

Dirigible

Diamond Member
Apr 26, 2006
5,961
32
91
Pegun said:
Write a vbs to kill the old dat, install 5957 and replace svchost. Our users don't have shutdown command rights so we couldn't fix this any way but techy office visits. Caught it only hours before the entire university went down. Hopefully mcafee thinks long and hard about how this happened because lawsuits may start
Click to expand...

Thanks, but I'm by no means a computer guy so don't really know what a lot of that means.

I'm fiddling around. Managed to do some stuff to mcafee, found where a copy of svchost is so can copy it, don't know if I can get the older virus definitions thingy going...

IT is going to hate me when I finally do get this computer to them...

Edit: I managed to disable mcafee and replace svchost. Computer is finally working. WHOOOOO!!!
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom