Event ID - 9000

Port No9000
Service NameW32.Randex.CZZ
RFC Doc0
ProtocolTCP
DescriptionW32.Randex.CZZ is a network-aware worm that will attempt to connect to a predetermined IRC server to receive instructions from a remote attacker.
Reference LinkPort Number:9000 Service Name:W32.Randex.CZZ Port:TCP
AttackAccording to Symantec

The following instructions pertain to all current and recent Symantec antivirus products, including the Symantec AntiVirus and Norton AntiVirus product lines.
1.Disable System Restore (Windows Me/XP).
2.Update the virus definitions.
3.Run a full system scan and delete all the files detected as W32.Randex.CZZ.
4.Delete the value that was added to the registry.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.
 Refresh