URGENT please help with worm

W32.Yaha.K@mm

is the name of the bastard. Only symantec seems to have an update, but the trial version of norton won't start. Yes... the worm tries to disable virusscanners and firewalls.

It comes as an attachment, in my case: true_love.scr.

It can do damage, does anyone know how I can remove this?

http://www.symantec.com/avcenter/venc/data/w32.yaha.k@mm.html

has information on it, but I'm not a tech head.

Help would be GREATLY apreciated!

 

Log in or Sign up to hide all adverts.

Try here:

http://www.sophos.com/virusinfo/analyses/w32yahak.html

They also have instructions at the bottom for removing worms, if you're actually infected.

I highly recommend their AV software...we get a lot of e-mail attachments, and Sophos has nailed all the virus ones thus far.

 

Log in or Sign up to hide all adverts.

try www.kaspersky.com
the best anti virus out there
they have a free 30 day trial
and daily free updates
Norton AntiVirus is the biggest crap in the market
can trust me- I've tested it myself along with others

you can also get a free one from www.girsoft.com AVG - it's quite good

I've heard that Dr Web is not so bad also

 

Log in or Sign up to hide all adverts.

Go Here Now!

http://housecall.antivirus.com/housecall/start_corp.asp

 

lol...
"true_love.scr". That's the exact attachment I got from some junk mail... I can't believe you actually downloaded it.

Here's some future advice: NEVER download any attachments from sources you do not recognize; especialy from addresses such as kl@aminoprojects.com (I mean, doesn't that address sound stupid?)

Anyway, I hope you get that worm outa there.

 

The worm is gone. Combination of registry editing and housecall.

Never co install norton and norman. They'll scan each other in an eternal loop and halt your system.

thanks for all the help. I'll bake a cake and eat it in your honour.

 

Alright, that's it, from now on my brother is not allowed to download anything on this computer again. He downloaded some stupid thing called love.scr on MSN and now we have the worm too

Please Register or Log in to view the hidden image!

. Good thing you posted this or I wouldn't have caught it.

 

A4Ever

It wouldn't cause an internal loop for ever, it's a tactic for "Buffer Overflows". Using a loop to create too much data for the intended allocated space, forcing data out of it's region into other data ranges.

This can cause the potential of an exploit, there would be a programmatic method to work out if an errorcode is called, and if so which one. (an errorcode my halt the process, namely causing the process to DoS with data)
If there is no defined errorcode then there could be coding for manipulating data to other ranges, like opening a port in a firewall program.

(Just a note, the new forms of virus will eventually check a server for an update to the code it needs to execute, making them extremely devious but they will be tracible to the server that the code is being "updated" from.)