I didn't pay this virus much attention, assuming that my Norton would catch anything that was spreading, but, sure enough, earlier today my laptop went haywire - the tray filled up with file after file that I hadn't opened and parts of the the screen started blinking on and off like a Christmas (sorry, Holiday) tree. Tried to log off - it wouldn't let me. I finally managed to turn it off, then turned it back on and found that Norton had, indeed, found a "problem," which it proceeded to fix. Then I ran a total system scan, and nothing else was found.

I feel like I dodged a bullet, but am afraid of what I may now be "carrying."

Any advice? Or are you afraid to talk to me?

And I'd better not hear any cracks on where I might have picked this bug up!




Experts: 'Hype' May Have Mitigated Worm


By ANICK JESDANUN AP Internet Writer
© 2006 The Associated Press

— Companies and individuals heeded this week's warning _ some may call it "hype" _ about a file-destroying computer worm known as "Kama Sutra," helping minimize its damage Friday, security experts said.

One Italian city shut down its computers as a precaution, but otherwise the worm's trigger date arrived with relatively few reports of problems.

For days, experts warned that the worm could corrupt documents using the most common file types, including ".doc," ".pdf," and ".zip." It affects most versions of Microsoft Corp.'s Windows operating system, prompting the software giant to issue a warning Tuesday.

Hundreds of thousands of computers were believed to be infected, but security vendors say many companies and individuals had time to clean up their machines following the alarm, carried by scores of media outlets including The Associated Press.

For Milan, Italy, though, the discovery came too late. Technicians switched off 10,000 city government computers after discovering the infection Thursday and deciding they didn't have enough time to clean the machines.

"It has spread to all our computers," said Giancarlo Martella, Milan's councilman for technological innovation and public services. "Knowing how destructive it is, we turned off all personal computers to avoid losing our data."

Only the municipality's registry office had been kept open because its "passive terminals" don't store data, Martella said, adding he hoped the computers would return to normal by Monday.

Unlike other worms generally designed to help spammers and hackers carry out attacks, Kama Sutra sets out to destroy documents by overwriting data.

The worm _ called "CME-24" but nicknamed after the Hindu love manual Kama Sutra because of the pornographic come-ons in e-mails spreading it _ also tries to disable anti-virus software, but vendors have generally posted updates that should protect users.

Assuming the computer's calendar settings are correct, users can also avoid the worm by leaving their machines off until Saturday, although the worm is set to trigger again on March 3.

Security vendors Trend Micro Inc. and CA Inc. both assessed the overall risk and distribution as low. The worm wasn't designed to spread any more quickly Friday. Rather, Friday was the first trigger date for the file-destroying code.

Ajit Pillai, India's manager for U.S. security firm Watchguard Technologies Inc., said about 10 percent of his customers in the country had the worm, but they "followed the remedies and managed to avoid any problem."

"We didn't have to do any firefighting today," Pillai said.

So was the public bamboozled by the warning?

Hardly, experts say.

"The importance of media attention from an awareness and educational standpoint has been a very good thing," said Marc Solomon, director of product management at security vendor management McAfee Inc. "It alerts users to what may have happened and the destruction that could have occurred."

Call it hype if you wish, but "the hype was probably what prevented the disaster from happening," said David A. Milman, chief executive of the Syracuse, N.Y.-based Rescuecom.

He said his U.S. computer-repair chain initially saw a 20 percent increase in call volume, but mostly from customers seeking reassurance.

Security experts benefited from advance warning. The worm has been circulating for weeks but is set to destroy files only on the third day of each month. That gave vendors time to update their products and warn customers.

It's possible virus writers next time will have the file destruction start immediately, but that could also blunt a worm's ability to spread, said Ken Dunham, director of the rapid response team for VeriSign Inc.'s iDefense.

If files get wiped out right away, "you would notice that immediately, and people would start mitigating it," Dunham said. "If you let it build up, there's a much (greater) chance of spreading."

___

So tempting . . . but in the interest of comity, I'll let it pass.

Might not be KS though. I heard it didn't execute today. I had something like you are describing happen and it wasn't a virus but spyware, grayware, or malware.

Thanks, RB. I'll go back and run ad-aware. I meant to do that, in any case.

Try also using, if you do not have an anti-virus

http://security.symantec.com/

Then do a Virus Detection. What is nice, is that it would not be the definition file you have in your compy which might have been compromised. This allows you to find those files and delete them one by one. Although it is best to search for clean copies of those files on-line.

Thanks to you both. Ad-aware found 41 critical items, now deleted.

I guess it could have been a wild coincidence, this happening on the Big Day.

Looks like I may not be out of the woods, yet.

http://www.informationweek.com/news/showAr...900&subSection=

"The vast majority of the machines infected by Nyxem are home computers," said Mikko Hypponen, chief research officer of F-Secure, in an entry on the Helsinki firm's blog. "Nothing will happen until people get home from work and boot up their machines. Half an hour later the damage starts. The user won't realize what's going on until an hour or two later, when it's already late Friday night."

David Emm, a senior technology consultant with security vendor Kaspersky Labs, agreed.

"Enterprises are much better at gearing up for something like this," said Emm. "But small business and home users often don't have up-to-date anti-virus software. It may take some time to know what damage was caused."

I thought Karma Suit ya was a Boy George tune.