Taken From http://securityresponse.symantec.com/avcenter/venc/data/w32.randex.gen.html
Technical Details:
Common characteristics of the W32.Randex family include:
* Spreading through network shares
* Attacking randomly generated IP addresses
* Using default credentials or weak username/password pairs to connect to a remote target system
* Opening backdoor ports
* Opening connections to predetermined IRC servers and waiting for commands from an attacker
* Performing Denial of Service (DoS) attacks
* Some recent variants exploit the Mydoom backdoor on TCP port 3127 to spread to remote systems
For a complete system scan, virus detection and removal, please check out ARNIT FREE Online Virus Scanner at: http://www.arnit.net/security/tplarnit.php?page=vscan
For removal instruction please check out ARNIT Security Advisories at: http://www.arnit.net/security/sectips.php?platform=windows
W32.Randex family
April 26, 2005, 1:40 pm
Page :
1