Welcome to the Virus Encyclopedia of Panda Security.
|Alias:||W32/Sdbot.worm.gen.b, Backdoor.IRCBot.gen, W32/Randbot.worm, W32/Randex.worm.c, W32.Randex.Q, Backdoor.IRC.Tastyred, Gesfm, Piebot|
|Effects: ||It connects to an IRC server in order to receive control commands. It spreads across network shared resources.|
|Detection updated on:||Jan. 2, 2004|
Randex.T is a worm that spreads across shared network resources.
Randex.T connects to an IRC server and waits for control commands to be received. It allows an attacking user to carry out the following actions, among others: search for network computers to affect, launch DDoS (Distributed Denial of Service) attacks, obtain information on the affected computer, and download and run files.
When Randex.T ends running, it deletes the Windows file NETSTAT.EXE. This file allows to check the ports that are open and the connections established.
Randex.T is difficult to recognize, as it does not show any messages or warnings that indicate it has reached the computer.