Apparently, according to Symantec, the virus we discovered on the network yesterday is W32.Randex.gen, which is a name given to a family of viruses – which has been around since December 2003, so why on earth did Symantec not pick it up? VERY scary.

Update: The AV update that we downloaded at about 10pm last night detected this file and deleted it, but I’m still unsure as to why it’s been available since December. I was going to try doing a heuristic scan on it to see if the AV would pick it up but can’t, as the new defs have got to the file. I think if I get asked to renew Symantec AV next year I may well be testing different software, as this is the third virus to get past the detection routines in as many weeks – and we are paying a lot of money for this so-called protection.
Comments
http://vil.nai.com/vil/content/v_100454.htm has more information on how this virus spreads and what it does, including shutting down the admin shares on the server.
How do I repair virus W32.Randex.gen?
Unfortunately you can’t repair – you have to delete the infected files. The McAfee page at http://vil.nai.com/vil/content/v_100454.htm has the most up-to-date information (that I’m aware of).