Hi There,
Can anyone help me with a recurring item W32.Downanup.B - uzxthlq.awr. Every day this is found on most of my Windows 2003 STD servers. I am running SEP 11.0.5, and this file has been around for a while now. I thought that Symantec had gotten rid of it but it just keeps coming back. I went into the View Quarantine box and saw the risk item. I double clicked on the infected file (line item) and from what I can make out, this virus is trying to run a scheudle job called at1.job. SEP then removes the task and the infected file from windows\system32\ and then tomorrow I am back to square one with the same infection.
I have now set SEP to run every night on my servers to try and stop this file but annoyingly it keeps coming back. Is there anything else I can try to get to the root of this infection. I am not to sure on checking for rootkits as i would on a normal laptop/desktop, but being a server im not 100% sure on the procedure, that is if there is any different procedure.
Anyway If someone could point me in the right direction that would be great, thanx.