Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

W32/Randon-AE

Mar 15, 2004 3:57AM PST

Aliases
Backdoor.IRC.Zcrew, Trojan.BAT.Noshare.f, TrojanDownloader.Win32.Apher.gen

Type
Win32 worm

Description
W32/Randon-AE is a multi-component network worm which attempts to spread by copying components of itself over the network via poorly protected network shares.
W32/Randon-AE also allows unauthorised remote access to the computer via IRC channels and open ports.

The worm is initially installed on a system by a self-extracting archive that creates the following folder to which a number of malicious and non-malicious files are added:

C:\<Windows&gtMischief<System>\sysnew


Read more: http://www.sophos.com/virusinfo/analyses/w32randonae.html

Discussion is locked