Kama Sutra: the final countdown - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 02-02-2006, 08:31 PM   #1 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Kama Sutra: the final countdown

The destructive Kama Sutra worm has begun thrashing files on infected machines with incorrectly set system clocks. Even though the worm is programmed to first delete files on infected machines on Friday (February 3), its deadline is based on the clock of infected Windows PCs. Finnish anti-virus firm F-Secure says it has already received two reports from users who've had files on their system overwritten by the worm.

The Kama Sutra worm (AKA Nyxem-D or Blackworm) first appeared on January 18, posing as a email message offering a variety of salacious content. Subject lines used in the malicious emails include: The Best Videoclip Ever, Fw: SeX.mpg, Miss Lebanon 2006 and ****in Kama Sutra pics. The worm only affects Windows PCs.

Windows users who fall for this ruse wind up with an infected machine and disabled security software. Worse still, Nyxem-D is also programmed to overwrite files on Friday February 3, and the third day of every month thereafter. The worm overwrites DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files on all mounted drives.

This old-school "trash your Windows PC" worm has infected an estimated 600,000 machines, with the US, India and Peru having the greatest number of infected machines, Security Focus reports. One US firm alone is responsible for around 75,000 infection hits, according to an analysis by security firm LURHQ.

Windows users are advised to run scans for infection using up-to-date anti-virus signatures. The worm attempts to disable most anti-virus products, so if you hit trouble on this score it's a good idea to either reinstall software or run web-based anti-virus scanners, such as Trend Micro's free House Call service. Symantec, among other security vendors, has published a free disinfection tool.
__________________

__________________
Osiris is offline  
Old 02-02-2006, 09:01 PM   #2 (permalink)
Newb Techie
 
Join Date: Jan 2006
Posts: 8
Send a message via AIM to HoboConductor
Default

http://clamwin.com/

Clamwin gets rid of the virus, just incase anyone is looking for a free antivirus proggy that might suspect they have the worm.

Clamwin is also a lot more thorough then almost all antivirus programs available.
__________________

HoboConductor is offline  
Old 02-02-2006, 09:07 PM   #3 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Did this work for you?
__________________
Osiris is offline  
Old 02-02-2006, 09:09 PM   #4 (permalink)
Newb Techie
 
Join Date: Jan 2006
Posts: 8
Send a message via AIM to HoboConductor
Default

http://www.clamwin.com/content/view/97/1/

Its on the front page buddy

I don't have any viruses or spyware on my computer, I'm too secure. That and the worm gets onto your computer through e-mail, I don't get a lot of e-mail due to the fact that hardly anyone knows my address.
HoboConductor is offline  
Old 02-02-2006, 09:52 PM   #5 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

its right here too


http://securityresponse.symantec.com...kmal.e@mm.html
__________________
Osiris is offline  
Old 02-03-2006, 05:05 AM   #6 (permalink)
True Techie
 
void's Avatar
 
Join Date: Oct 2005
Posts: 198
Default

ClamWin is very good IMO. In the docs it shows how to put it on to a pen drive and use it to scan other computers without installation. Although it does a very deep scan, scan times are long and it isn't on-access, a feature soon to be added. A good AV to go with an on-access scanner.
void is offline  
Old 02-03-2006, 02:24 PM   #7 (permalink)
Newb Techie
 
Join Date: Jan 2006
Posts: 8
Send a message via AIM to HoboConductor
Default

Symantec produces their own viruses and spyware just so you know.
HoboConductor is offline  
Old 02-03-2006, 06:43 PM   #8 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Thumbs down

Quote:
Originally posted by HoboConductor
Symantec produces their own viruses and spyware just so you know.
No they dont....
__________________
Osiris is offline  
Old 02-06-2006, 09:54 AM   #9 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

The much anticipated Kama Sutra worm turned out to be rather flaccid. The worm was programmed to overwrite files on infected Windows PCs on Friday (February 3), but in the event only a few people got hit - even though many machines were infected at one time or another.

The Kama Sutra worm (AKA Nyxem-E or Blackworm) poses as an email message offering a variety of salacious content. Subject lines used in the malicious emails include: The Best Videoclip Ever, Fw: SeX.mpg, Miss Lebanon 2006 and ****in Kama Sutra pics. The worm, which can also spread across network shares, only affects Windows PCs.

Windows users who fell for this ruse wound up with an infected machine and disabled security software. Once infected, machines start to spew out additional copies of the worm. Worse still, Nyxem-E was also programmed to overwrite files on Friday February 3, and the third day of every month thereafter. The worm overwrites DOC, XLS, MDB, MDE, PPT, PPS, ZIP, RAR, PDF, PSD and DMP files on local drives.

Since its first appearance on January 16, an estimated 600,000 PCs worldwide were infected by the PC thrashing worm at some point, with the US, India and Peru thought to harbour the greatest number of compromised machines.

Security watchers said many users of infected machines cleaned up their act, so that only an estimated 20,000 machines were left infected on strike day. If those infected machines were not rebooted on Friday then no damage would have occurred.

The Nyxem virus family that spawned Kama Sutra (AKA Nyxem-E) first appeared in March 2004. The first worm in the series launched a DDoS attack against the "New York Mercantile Exchange" website (www.nymex.com). The motive and perpetrator of the virus series remains unknown
__________________

__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 08:56 AM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.