Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.
Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.
Comment:
This worm connects to cracks sites and updates the serials of the software?s present in the computer. It adds files like cmd.com, netstat.com, ping.com that basically executes before the actual command processor executes. Uses Port 135.
Manual
removal:
Delete .Com Files.
1.Goto C:\Windows\System32\.
2.Click on "Tools" and then "Folder Options".
3.Select the "View" Tab.
4.Select the option " Show Hidden Files and Folder".
5.Uncheck the option "Hide Extension for known File types" and "Hide Portected Operating system Files"
6.Click " Apply" and close the window.
7. Search and delete
"NTDETECT.COM","cmd.com","netstat.com","ping.com","regedit.com","taskkill.com","tasklist.com","tracert.com".
8.Reboot the machine and Run "Xcleaner" or "Regblock".
8 [