March 24, 2004

Virus update.

Apparently, according to Symantec, the virus we discovered on the network yesterday is W32.Randex.gen which is a name given to a family of virus's - which has been around since December 2003, so why on earth did Symantec not pick it up? VERY scary.Update The AV Update that we downloaded at about 10pm last night detected this file and deleted it but I'm still unsure as to why its been available since December. I was going to try doing a heuristic scan on it to see if the av would pick it up but can't as the new defs have got to the file. I think if I get asked to renew Symantec AV next year I may well be testing different software as this is the third virus get past the detection routines in as many weeks - and we are paying a lot of money for this so called protection.

Posted by Andy at March 24, 2004 5:24 AM
Comments

http://vil.nai.com/vil/content/v_100454.htm has more information on how this virus spreads and what it does, including shutting down the admin shares on the server.

Posted by: Me at March 25, 2004 10:53 AM

how do i repair virus W32.randex.gen

Posted by: robert johnson at March 27, 2004 5:21 AM

Unfortunately you can't repair - you have to delete the infected files. The mcaffee page at http://vil.nai.com/vil/content/v_100454.htm has the most up to date information (that I'm aware of)

Posted by: Me at March 27, 2004 8:30 AM