Home / Spyware Encyclopedia / Worm.Randex
 Worm.Randex Technical Details
Category Worm
Discovered 10/27/2005 12:04:00 PM
Modified 5/3/2008 11:01:00 AM
Threat Level Medium
Category Description

A Worm is a malicious program that spreads itself without any user intervention. Worms spread without attaching to or infecting other programs and files. A Worm can spread across computer networks via security holes on vulnerable machines connected to the network and also through email by sending copies of itself to everyone in the user's address book. A Worm may consume a large amount of system resources and cause the machine to become noticeably sluggish and unreliable.
Notice
Summary

The following http urls were started: NA
The hosts file was updated with the following url-to-ip mappings: NA
The following internet connection was established: NA

The following Files were created:

NameVersionPublisherSignature (MD5)File Size (in KB)
..\0d887d87.exe  ffdc1ec496221db487c3bd4fb66181c4 
..\netd32.exe  cefbc4432445d11a71aab8f28a6309f950208
..\3d3323c2.exe  cefbc4432445d11a71aab8f28a6309f9 
..\netd32.exe   50208
..\java\winlogin.exe  c7352e38a86db79d2401f098a4e1ec4830208

The following Registry Entries were created:

..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows mangement"\"Winlogonn.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"pofatch"\"nstrue.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"rcf driver"\"rcf.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"metalrock has sex with camels"\"metalrock-is-gay.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft runtime"\"cfgdll32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"ms configuration"\"msframer.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"System document application"
..\Software\Microsoft\Windows\CurrentVersion\RunServices\\"scvhost"\"scvhost.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"superslut"\"msslut32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"postpatch"\"nvdes.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"System time updator"\"csystime.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft netview component v5.1"\"msnv32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft updater32"\"lsass32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"fen startups"\"fensvc32.exe"
..\Software\Microsoft\Windows\CurrentVersion\RunServices\\"ms-update"\"scvhost.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows loader"\"wstart32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"casdvqwa"\"bmqnzkg.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"randex virus built for irbme"\"irbme.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Microsoft netview"\"gesfm32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"threaded"\"intcp32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"helpmanager"
..\Software\Microsoft\Windows\CurrentVersion\RunServices\\"regsrv"\"scvhost.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"Windows NT 32"\"ntlogin32.exe"
..\Software\Microsoft\Windows\CurrentVersion\Run\\"postdavatch"\"nvdas.exe"
Recommendation to remove Worm.Randex

Spyware Detector can remove Worm.Randex, and thousands of other Spyware automatically and instantly. Click here to download Spyware Detector and scan for free.
Download Spyware Detector and Scan for FREE
 
Search Threats
Customer Service Rating by LivePerson