Kama Sutra Worm Update

  Nellie2 19:12 02 Feb 2006

Taken from the Special Edition of SpywareInfo's newsletter, if you would like to sign up for this newsletter then click here

SpywareInfo Newsletter Special Edition

The Kama Sutra worm, which has numerous aliases, is set to deliver its first destructive payload TOMORROW (February 3). This worm is believed to have infected anywhere from 200,000 to 700,000 computers worldwide.

The worm is programmed to destroy numerous antivirus program files and Microsoft Office document files, thirty minutes after an infected machine is powered up, on the third day of each month.

Microsoft has included detection for this worm in its Malicious Software Removal Tool. However, Microsoft is withholding that update from all but paying members of their "Windows Live Safety" and "OneCare" beta services. Microsoft refuses to release the update to the general public, before their regularly scheduled general update, on February 14th. I will have plenty to say about that in tomorrow's newsletter, believe me.

Whether you believe that you are infected or not, you should take precautionary steps now, just in case. Any documents created by Microsoft Office as well as .rar and .zip archives should be backed up and stored on separate, removable storage, such as a CD or DVD. Files and documents of this type will be corrupted beyond repair on infected machines.

Symantec has released a free tool that will remove the virus. Download the tool and run it, even if you are certain that you are not infected. It is a very small file and you have nothing to lose by running it. You don't want to be wrong and lose your boss's spreadsheets, now do you?

[email protected]" title="http://securityresponse.symantec.com/avcenter/venc/data/[email protected]" TARGET="_new">click here

If you already have an antivirus program, make certain it is updated and run a full scan of your computer.

  stalion 19:40 02 Feb 2006

Thankyou for the info
Best Regards

  VoG II 19:46 02 Feb 2006

Removal tool click here

  Nellie2 19:47 02 Feb 2006

Thanks VoG... I didn't notice that my url had gone all wonky

  bluto1 22:40 02 Feb 2006

Nellie2 and VoG, Thank you both.

  Totally-braindead 23:04 02 Feb 2006

My thanks as well the PCA email newsletter mentioned the virus but the link to the removal tool is much appreciated.

  Totally-braindead 23:06 02 Feb 2006

Just read the instructions from the website though, it says you have to shut off system restore. Don't want to do that, anyone know if that is strictly necessary?

  Eargasm 23:17 02 Feb 2006

Big thanks, Vog and Nell

  Bapou 23:32 02 Feb 2006

Anti Virus programs may report that they cannot remove particular files for a number of reasons, i.e.

"Selected object is located inside the archive and cannot be healed, access is denied."

The reason for this could be XP has archived the virus or trojan in System Restore.

Temporarily disabling System Restore, you effectively delete the files created by system restore, thereby removing the threat.

Once clear, restart System Restore and create a new point.

  medicine hat 09:50 03 Feb 2006

Some intriguing stats on click here (found on BBC News website). It also says "We can see that the United States now tops India in the total number of infections, as one might expect. Surprisingly though, the bulk (75,435) of these hits are from two NAT devices at a single US company" - wouldn't want to be the IT Manager at that company!!!

  rdave13 11:09 03 Feb 2006

Thanks Nellie2 and VoG™,will sign up to the newsletter.

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Honor 9 Lite review

How Social Media has Propelled Political Graphic Design and Art in the Last Decade

The best kids apps for iPhone & iPad 2018

HomePod d’Apple : date de sortie, prix et fiche technique