Tom's Guide | Tom's Hardware | Tom's Games
 |
 |
 |
I recieved an email that came from my sister it was a screensaver in the form of a love heart so i downloaded it and nothing happened i then later found out she did not send any mail to me and that it had sent itself to all the people on my address book. The screensaver did not work but had put i whole bunch of files in the screen saver list, i later deleted them. Two days later the the computer shutdown by itself and when i turned it on all my files in the MY DOCUMENTS folder were deleted. I searched for the files and found them then put them back in the MY DOCUMENTS folder but they were erased immediatly again but the comp did not shut down. Also since i downloaded that screensaver/virus when i turn my computer on it shows the NVIDIA start up wizard all the time even when i set it up. It is the third day now and my antivirus (AVG 6) has picked up the I-worm/YAHA.M but it dosnt clear it. The virus has gotten so bad that i cant open my Antivirus or when i download a antivirus it wont open it always comes up with a message I-Worm/YAHA.M infected run AVG windows check but i cant run anything i cant even get into the control panel or work MSN Messenger....PLEASE HELP IT WILLBE MUCH APPRICIATED.. THANKYOU
0 
another yaha removal tool is available at;
ftp://ftp.resnet.eku.edu/pub/utils/removal/FixYaha.com
0
norman av says their sircam fix will take care of it also,
but to run it from safemode
http://www.norman.no/public/SirCamFix.com
0
further info from norman, on using the sircam fix for yaha;
Norman has a fix for clearing up this problem as well as scanning and deleting infected files. This
fix is identical to the one that has been used for an infection with the malicious program Sircam.
The fix is downloadable from here: Download SircamFix.
Extract the two files in the archive by double clicking the downloaded file. The two files must be
extracted to the same directory. Then run the extracted SirCamFix.com file.
In Windows 9x/2000/XP you should boot in 'Safe Mode' before running the extracted file. In
Windows NT you might have to start the extracted file immediately after rebooting.
0
Hate to say it but, I doubt any of these removal tools will work..They are all for Yaha.E & Yaha.F.
First go here and copy the removal instructions:
http://www.sarc.com/avcenter/venc/data/w32.yaha.k@mm.html
Then go here and download and run the .exe file association fix.
http://www.dougknox.com/xp/file_assoc.htmAfter running the .exe fix, boot into safe mode and run AVG. If it hasn't been damaged by Yaha, it should be able to delete the infected files. If AVG can't remove them, follow the manual removal instructions.
** Even if AVG is able to delete the files, you will still have to follow the removal instructions for removing the registry run entries.
0
Hello Thraso,
I am really surprised by this forum....
Subject has been deliberate many times here in differents posts, but before posting one nobody takes a times to watch them... and of course the same conversation came and came again without a dead end.....
The betrayal of the Trojan's are so much important now that some of theses boals---s are created to destroy important data in your computer as well as to corrupt the mosts known anti-virus in order to prevent you to destroy the virus which is composed of two parts: the "spread" using all your email addresses and the "worm" which is the most important part of the virus itself to weak your computer to the hacker which is able now to overrun into your system, watching the same screen than you and act as he wants into it, probably what's happen with all the files in your "My Documents" folder.
Even if you was able to use your classic anti-virus, it's almost impossible to detect the most often time where the "worm" is installed, because some of the trojan's uses now a random procedure to make inacessible the detection of the worm.
THAT'S WHY I RECOMMEND SINCE MONTHS in that forum to use a program called "TROJAN REMOVER" created by the english programmer Nigel, program dedicated especially to the Trojan's hunting, program created to eradicate around 6269 authentic trojan's signatures whatever if tyhe worm is hidden wit a random procedure or not....
THIS IS A FREWARE for one month, then a shareware if you wants to update permanently the program with the mosts recents trojan's signatures.
Particularity of this program, it's not only destroy the Trojan, but also restore all importants files of a computer corrupted or damaged in order to give you back the hand or your machine as it was before the attack...
You wants a performant program ? to keep your computer alive ? you have one here easy to download at: http://www.simplysup.com/tremover/details.html
Try it, and give the information around you...
To fight a trojan virus, you need a trojan program specialised.
And let stop to find links here in that forum to make believe when you are corrupted, that a program from the web will erase all virus encountered THIS IS WRONG !!!
0
http://www.onlinepcfix.com/virushelp/antivirus.htm
Go here and scroll down to Yaha remover. This should help you. Good Luck :-)Cat
0
Nope I am not doing any commercial advertissement, I am a user since years of internet, and I just noticed some excellent programs I bought myself as sharewares...
and I am suprised to see how performant can be programs sold 25 $ in internet... that's the price of Trojan Remover.....
0
Imp, this sounds like the virus I had/have.
Xena-post above - I got on the net, then used WinTV, came home rebooted and the message appeared "black screen of death" with your C:/drive (even told me the size in computer language) and drive 3: CDROM have been updated -ASUKNOW THIS IS NOT NORMAL.It kept erasing things every time I rebooted, even the CD writer, the peripherals would not reinstall by add/remove hardware or any other means. With much difficulty and technical issues after a couple of nagging hours, I restored my computer from clean back up, I had did a Panda scan as well with a "corrupted windows update" hiding in my d drive masquerading as a windows update file per Panda scan. And a separate config.sys file with 0 bytes which I think they were writing to, looked in reg, load, etc., did necessary and got it to a point where I could put a back up on it.
Will your trojan remover remove anything, any remnant of it as I think I have removed it, and my backup was by bootable CDROM so I think it is clean!!!!!!!!
I have done research for months on how access is made and still can not understand and find it aggravating and intriguing on how and why the break ins are done. I use one of the most popular antivirus agents, Norton and Zone Alarm firewall, I used to get angry but got tech savy and learned more, and shrugged them off and did the necessary and went on, but this one has been a pain u know where!!!!!!!!!!!
Any suggestions on what I have if it is Yaha and what to do about points of entry, I think they made point of entry on the null session from the unhung up dial up connection with WinTV running.
Thanks, any help is appreciated.
0
Don't go trying to remove the virus manually.. you will do more damage than good! Get the YahaRemover. It is the best. All others (including McAfee and Symantec tools)did not work for me since the virus had disabled exe file execution on my computer. YahaRemover works brilliantly!
http://www.onlinepcfix.com/virushelp/antivirus.htm
Max
0  |
 Odd traffic on ports 53 a...
|
The Virus Betrayal
|
This post is quite old and has been locked from receiving new replies. Please create a new posting instead.
| Ads by Google |
