Spyware free software spyware removal Anti Spyware software free spyware check adware spyware remover anti virus downloadAnti Spyware Software
Spyware Detector - HomeSpyware Detector - PurchaseSpyware Detector - AffiliatesSpyware Detector - Download UpdatesSpyware Detector -FAQSpyware Detector -Contact Us

Home/ Spyware Encyclopedia / Worm.Randex

 Worm.Randex Technical Details
 CategoryWorm
 Discovered 10/27/2005 12:04:00 PM
 Modified 4/11/2007 11:04:00 AM
 Threat LevelMedium
 DescriptionA Worm is a malicious program that spreads itself without any user intervention. Worms are self-replicating. Worms spread without attaching to or infecting other programs and files. A Worm can spread across computer networks via security holes on vulnerable machines connected to the network. Worms can also spread through email by sending copies of itself to everyone in the user's address book A Worm may consume a large amount of system resources and cause the machine to become noticeably sluggish and unreliable
 Summary

The hosts file was updated with the following url-to-ip mappings: N/A
The following http urls were started: N/A
Generated smtp traffic: N/A
Connection(s) established with remote IRC Server: N/A
The following hidden entries created: N/A
The following internet connection was established: N/A

 When the Worm is executed, it creates the following files:
 
NameVersionPublisherSignature (MD5)File Size (in Bytes)
..\8e25f712.exe  1fc1c40dc125bf4728dccfb19e68561b27136
..\0d887d87.exe  ffdc1ec496221db487c3bd4fb66181c416272
..\f12b2cea.exe  63a1e2c5b0010eb07a6091f2339f190811776
..\3d3323c2.exe  cefbc4432445d11a71aab8f28a6309f981920
..\ac65605d.exe  2a62e8314bf6aa16ed118384e7d8ef7718432
..\ntldr.exe  dc9d7730fe243ca596adbe66b680e50928000
..\amqj.exe    
..\msmonk32.exe    
..\msmsgri32.exe    
..\musirc4.71.exe    
..\netd32.exe  cefbc4432445d11a71aab8f28a6309f981920
..\spolds.exe    
..\system\qq.exe  4a33f3239132b12dcbd6fd2a0d396c0b32384
..\system\wdfmgr.exe  dc9d7730fe243ca596adbe66b680e50928000
..\java\winlogin.exe    
..\scvhost.exe    
 When the Worm is executed, it creates the following Registry entries:
 
..\Software\Microsoft\Windows\CurrentVersion\run\"System document application"
..\Software\Microsoft\Windows\CurrentVersion\run\Windows NT 32\"ntlogin32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\"helpmanager"
..\Software\Microsoft\Windows\CurrentVersion\run\"System document application"
..\Software\Microsoft\Windows\CurrentVersion\run\casdvqwa\"bmqnzkg.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\fen startups\"fensvc32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\metalrock (irc.musirc.com) has sex with printers\"metalrock-is-gay.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\metalrock has sex with camels\"metalrock-is-gay.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft Internet firewall manager\"gmt16.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft netview component v5.1\"msnv32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft netview\"gesfm32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft runtime\"cfgdll32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft spool server for win32\"spoolsrv.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\Microsoft updater32\"lsass32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\ms configuration\"msframer.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\ms_netd_win32\"netd32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\pofatch\"nstrue.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\postdavatch\"nvdas.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\postpatch\"nvdes.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\randex virus built for irbme\"irbme.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\rcf driver\"rcf.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\superslut\"msslut32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\System executable dll library\"execdll32.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\System time updator\"csystime.exe"
..\Software\Microsoft\Windows\CurrentVersion\run\threaded\"intcp32.exe"
Recommendation to remove Worm.Randex
Spyware Detector can remove Worm.Randex, and thousands of other Spyware definitions, automatically and instantly. Click here to download Spyware Detector and scan for free.
Download Spyware Detector and Scan for FREE
 
Personalized e-Mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback. 
Speed up your computer and increase browsing performance by deleting Spyware & Adware
Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software.
Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes.
 
Free Spyware Scan
 Search Threats
Testimonials

Read More
Information Desk
Spyware & Adware Categories we scan
  
List of Spyware &
Adware we remove
Submit a Threat
Submit a threat to be reviewed by our research team

Submit a Threat
Home| About Us| Purchase| Contact Us| FAQ| Privacy Policy