Jump to content
Sign in to follow this  
Wademan

I have The Kama Sutra WorM

Recommended Posts

:( Hello...UGGGGG Ok do i have the worm kama sutra??i think... so. my AV Just an hour ago said real time an email monitoring Is OFF i tried 8 times to re-enable an used system restore even twice, still IT will NOT turn ON..this is THE major sympton of this worm....an ideas, thoughts, suggestion,???throw pc away??...dang I have problems every 3 weeks for 9 months straight now please help someone, an yes i have like 20 anti spyware an firewalls all at max seetings etc... :pullhair: figures i would get it goona try online scans ...oh boy fun fun... :( i use btw Ez trust AV Edited by Wademan

Share this post


Link to post
Share on other sites

Hiya wademan take a look here............

 

http://www.f-secure.com/v-descs/nyxem_e.shtml

 

I put a post about this here..........

 

http://pcpitstop.invisionzone.com/index.php?showtopic=110054

 

Hope this helps you............

 

regards pacman

 

sorry about first post mate hope you get it sorted........

Edited by pacman123

Share this post


Link to post
Share on other sites

Hiya wademan take a look here............

 

http://www.f-secure.com/v-descs/nyxem_e.shtml

 

I put a post about this here..........

 

http://pcpitstop.invisionzone.com/index.php?showtopic=110054

 

Hope this helps you............

 

regards pacman

 

sorry about first post mate hope you get it sorted........

 

Ty pacman I goona CRY....How could this happen..when i so protected...No online scans work either...NONE...ill try removal tool....Please pray for me...uggg.... :pullhair: cant even contact av support with online chat it fails also....gawd man i need super help asap... :pullhair: Jaycee!!!!!! where are u!....lol..uggg...

Share this post


Link to post
Share on other sites

You get it through email. If you haven't got your email client securely protected, you risk infection.

 

Are you totally sure that you have it?

 

EDIT: Hang on, aint today the 3rd? (it's the 4th over here)

 

with regards

Share this post


Link to post
Share on other sites

You get it through email. If you haven't got your email client securely protected, you risk infection.

 

Are you totally sure that you have it?

 

EDIT: Hang on, aint today the 3rd? (it's the 4th over here)

 

with regards

 

nOT 100 sure cm....i never click on odd emails, only 6 people have one on thie pc, yes its the 3rd here...no scans work at all....maybe disable system restore an run spmtechs removal tool??..i have no idea...on on phone with ez trust, but they SUPER busy an will Charge $50-75 per call.. :pullhair: removal tool came up zero...but system restore on..ya think it hides there. i need to know that for sure....TY TY an anyone helps..i guess if i have it pc is toast?... :(

Share this post


Link to post
Share on other sites

That worm wipes out all windows office files, like .doc and .rar also kills .zip files

go here from another pc and download the scanner, it would be nice if ya had a thumb drive, but if ya don't you'll have to burn to a disk, then pop it in the infected machine and run the scan engine

Share this post


Link to post
Share on other sites

Wademan have you tried downloading another AV? And.....did you try any other removal tool besides f-secure?

Edited by teacup61

Share this post


Link to post
Share on other sites

i have like 20 anti spyware an firewalls all at max seetings etc... :pullhair: figures i would get it goona try online scans ...oh boy fun fun... :( i use btw Ez trust AV

 

I have one firewall, one av and two blockers, i test new sucurity programmes and never, have i got into as much trouble as you seem to think you have :-

 

Previous problems

 

"only 6 people have one on thie pc"

 

If other's use the same pc, then you'd better educate them, 'cause it looks like some buggers opened an attachment. :mrgreen:

Share this post


Link to post
Share on other sites

I have one firewall, one av and two blockers, i test new sucurity programmes and never, have i got into as much trouble as you seem to think you have :-

 

Previous problems

 

"only 6 people have one on thie pc"

 

If other's use the same pc, then you'd better educate them, 'cause it looks like some buggers opened an attachment. :mrgreen:

 

UPDATE" ok was on phone for 65 mins with tech support for Ez trust...heres the deal They on Feb 2nd, to prepare for worm ( kama sutra) they reversed there scan engine an updates, over 50,000+people had this issuse, a variant of worm was in the update but..removed quickly, but users of ez trust could not update or even scan, an it would block online scans ( long, long story guys on deatails from tech guy )..had to re-install AV an tech guy gave me speacil key, to bypass known issuse...ok, now it is on an working.....,so next step is try online scans....he said they should work....but worm has effected a few online scanners just for today :blink:....I wanna thank Pacman especially, for his advice an help, ya the best dude :beer: an ALL others...i will update this asap..after online scans...what a mess...bottom line it was Ez trust's fault in this matter, NOT me or lack of my protection...tech support waived $50 fee, TG...so..now i will try online scanner...guys ya think i should shut off system restore an scan all dang nite with 5 scanners AV, an 10 anti spy??.. :blink: ......ill update soon, again TY TY....dont get eztrustAV :geezer: Edited by Wademan

Share this post


Link to post
Share on other sites

Ez trust AV seems to be having a problem. An admin and MVP Windows-Security at TomCoyote is having a heck of a time with that AV. Download the free version of AVG for now:

 

http://www.grisoft.com/us/us_dwnl_free.php

 

Thank you Jaycee..but so far( croos fingers ) ez trust is on per my update above^^^...i trying to runonline scans ...now.. :crash: Ok guys YUpdate this is panda'sonline scanner error>>>wth???>>>> Error on downloading ActiveScanAn error has occurred downloading Panda ActiveScan. Please repeat the process. If the error occurs again, restart your system and try againPossible causes of this error are:

 

Not allowing the application's ActiveX control to be downloaded.

 

Problems with the Internet connection.

 

The error could be due to a download error or an installation error due to lack of hard disk space, privileges etc.,... Try again

:pullhair:

Edited by Wademan

Share this post


Link to post
Share on other sites

Not allowing the application's ActiveX control to be downloaded

:sparkle:When mine does this I dump temp files delete cookies and disable my firewall till it's running. :sparkle:

Share this post


Link to post
Share on other sites

:sparkle:When mine does this I dump temp files delete cookies and disable my firewall till it's running. :sparkle:

 

Ty Juliet for ya input, however that doesnt even work...i found windows xp firewall has been off....I did NOT turn it off, no one else has any access to this pc....i tried to re-enable Error: error has occured while attemped to share network"...have no idea what that is..I dont use sharing or whatever...VERY odd...but i do have HARDAWRE firewall, better than software kinds..in dsl modem...its on stealh mode same as its been for 2 years/.... also I didnt touch ONE thing on pc in days...only thing was the mvps host file update ( jan 30 ) that was when some odd things happened...could it be there is an error in that?... i tried to remove the mvps host update an reset back to Jan 12 or whatever it is...i cant...so..I am lost...no online scans work... an Jaycee the av ya suggested error for that even pops up " restritced access, can not download privlegies suspended" what in the hell is going on guys/?.... pc works..but cant scan at online scanners at all...97% of time means virus is blocking you.... tech support at Ez trust, tere level 3, the highest they have, says if i had the full vesrion of this worm pc wouldnt even boot up, well I heard diffent at several top forums on that....i hope someone can help me for the 100th time :bawling: Edited by Wademan

Share this post


Link to post
Share on other sites

Have you tried the symantec removal tool? I ask for a reason :)

 

 

Look here.....try to use something other than these. The worm tries to delete these, so try something else.

# \C$\Program Files\Norton AntiVirus

# \C$\Program Files\Common Files\symantec shared

# \C$\Program Files\Symantec\LiveUpdate

# \C$\Program Files\McAfee.com\VSO

# \C$\Program Files\McAfee.com\Agent

# \C$\Program Files\McAfee.com\shared

# \C$\Program Files\Trend Micro\PC-cillin 2002

# \C$\Program Files\Trend Micro\PC-cillin 2003

# \C$\Program Files\Trend Micro\Internet Security

# \C$\Program Files\NavNT

# \C$\Program Files\Panda Software\Panda Antivirus Platinum

# \C$\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal

# \C$\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro

# \C$\Program Files\Panda Software\Panda Antivirus 6.0

# \C$\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus

Edited by teacup61

Share this post


Link to post
Share on other sites

Have you tried the symantec removal tool? I ask for a reason :)

Look here.....try to use something other than these. The worm tries to delete these, so try something else.

# \C$\Program Files\Norton AntiVirus

# \C$\Program Files\Common Files\symantec shared

# \C$\Program Files\Symantec\LiveUpdate

# \C$\Program Files\McAfee.com\VSO

# \C$\Program Files\McAfee.com\Agent

# \C$\Program Files\McAfee.com\shared

# \C$\Program Files\Trend Micro\PC-cillin 2002

# \C$\Program Files\Trend Micro\PC-cillin 2003

# \C$\Program Files\Trend Micro\Internet Security

# \C$\Program Files\NavNT

# \C$\Program Files\Panda Software\Panda Antivirus Platinum

# \C$\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal

# \C$\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro

# \C$\Program Files\Panda Software\Panda Antivirus 6.0

# \C$\Program Files\CA\eTrust EZ Armor\eTrust EZ Antivirus

 

yes but system restore is on...but dang i afarid to turn it off my broweser wehre all resized too, it fixed that///BUt i know a worm can hide in sys retore..what ya think?.....TY teacup, but yes tool from symtech said its not on here..BUT sys restore..maybe has hit hidden.>>>I wanna pull all my hair out..i hav ereal long hair btw ...uggggg :pullhair: Edited by Wademan

Share this post


Link to post
Share on other sites

Turn off system restore, then turn it back on. Go here and look toward the bottom, it'll tell you to turn it off.

http://securityresponse.symantec.com/[email protected]

 

well disabled system restore ran symtechs tool no worm found it says..well if not isnt very odd this happens on this day...an NO onlice scanners work for me now?....something IS very wrong...even ez trust tech says u have something on ya pc if that is the case.... :pullhair:

Share this post


Link to post
Share on other sites

I noticed AVG Antivirus or Avast! isn't listed, try downloading those...

 

 

That was my thought too. ;)

Share this post


Link to post
Share on other sites

That was my thought too. ;)

 

very odd thing ..BitDefender ONLINE scanner works...which never worked before...came up clean...i think this whole thing is Eztrust's av's fault...as jaycee said as well LOTS having problems....TY guys...there HAS to be something on this pc..... :blink: i so worried since tech guy says well we were infected by worm but fixed.."blah..yeah..right...anyone think mvps host blocking av's ?...Temerc?..he good at those...ya see this man...please advise Temerc...TY

Share this post


Link to post
Share on other sites

 

Shouldn't be. :blink:

 

with regards

 

didnt think so CM...well cant run pcpistop test either..Hangs at internet upload test for like 1 hour..till it shuts off....First time ever i cant do test in 3 years.....so tell me..if this isnt the worm or virus what in hell is it?...TY TY :pullhair: Edited by Wademan

Share this post


Link to post
Share on other sites

Back up the things you want to keep Wademan. If you've been hit, it's gonna get worse before it gets better. This is a sleeping worm and if like those before when the trigger is pulled, it will destroy only enough to own your rig.

 

The hardware firewall will prevent external to internal contact, but will allow sessions from internal to external sessions while the inquiry is in progress.

 

I honestly hate to say it, but it could account for the multiple problems that you've been so painstakingly fighting.

 

Going through this thread, knowing your history, HijackThis logs and the utilities that you have at hand, I, personnally, would flush and start clean.

 

I do not recommend a format and re-installation often, but if it were me, I'd be downloading updates for my new installation by now.

 

JMHO

:)Y

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×
×
  • Create New...