Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.


Threat LevelModerate threat
DistributionNot widespread
Common name:Randex.T
Technical name:W32/Randex.T.worm
Threat level:Low
Alias:W32/Sdbot.worm.gen.b, Backdoor.IRCBot.gen, W32/Randbot.worm, W32/Randex.worm.c, W32.Randex.Q, Backdoor.IRC.Tastyred, Gesfm, Piebot
Effects:  It connects to an IRC server in order to receive control commands. It spreads across network shared resources.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

Detection updated on:Jan. 2, 2004

Brief Description 


Randex.T is a worm that spreads across shared network resources.

Randex.T connects to an IRC server and waits for control commands to be received. It allows an attacking user to carry out the following actions, among others: search for network computers to affect, launch DDoS (Distributed Denial of Service) attacks, obtain information on the affected computer, and download and run files.

When Randex.T ends running, it deletes the Windows file NETSTAT.EXE. This file allows to check the ports that are open and the connections established.

Visible Symptoms 


Randex.T is difficult to recognize, as it does not show any messages or warnings that indicate it has reached the computer.