Virus-like program that spreads automatically to other computers by sending itself out by email or by any other means. A program that propagates itself by attacking other machines and copying itself to the affected machine.
Worms have self-replicating code that travels from machine to machine by various means. A worms first objective is merely propagation. Worms can be destructive depending on what payload they have been given. Worms may replace files, but do not insert themselves into files.
Official
Description:
This is a worm that affects AIM. Once infected, a running process called csts.exe will start. This file will make constant calls to suspicious websites that will slow down your internet use. This file also creates a service called RPC Debug Control that starts with Windows. There is also evidence of another service called "Print Spooler Service" being related to this botnet worm.
Comment:
This worm spreads itself through the infected users AIM buddy list. They will receive a message giving the user some excuse click a link that will end in an image. Clicking on the link will run an image#.com file to infect the machine and make it part of the botnet.
Users should also be on the lookout for the process " wowexec.exe" in the task manager that do not have any memory useage. This process is directly related to the rootkit that is also installed by this worm.
Click here and give us what details you
have and let our international research
team take it from there. If you desire
your report will remain anonymous.
8 [
