Hello, has anyone been infected by this - W32.Sinnaka ?
If so how can I get rid of it ?
When I start Avast it tells me my memory is infected and proposes to do a scan at startup. This however fails to get rid of the problem.
Can anyone help ? Is there a removal tool for this one ?
Thxs,
:o
Hello pweester,
Follow the instructions here: http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_WURMARK.S&VSect=Sn
Success wit getting rid of this worm,
greets,
polonus
The antiSPYWARE Experts in the “PC Protection” forum on
the forums at www.freedomlist.com are helping MANY
who have this on their machines get rid of it, so they are
well experienced with “Sinnaka”; they also look to see if
you have anything else that may not be obvious and
guide you in completely removing it .
Right Spiritsongs,
That could mean a sure but also the easy way out for pweester.
And who would I be to advise against it. On the other hand, if you follow the instruction like where I gave the link for, that is all not that complicated. In cleaning it out yourself, you get the feeling for it better, know what it is all about and confidence. Much more gained in the aftermath of clearing the infection…
polonus
Like many things exercising safe hex and not opening attachments in unknown emails, etc. would appear to be a good defense against this and many other viruses.
Like other WURMARK variants, this memory-resident worm arrives on a system via email messages. It propagates by sending email messages with a zipped copy of itself as an attachment.
A question, if I may. That problem we are conversing about in the other thread, DavidR, was caused by an email, or two, that appears to have had an attachment, but I didn’t open it. Now the SquirrelMail account from whence it came has a curious feature of there being an attachment with ALL messages. It seems the message body is sent along with the message in plain text and as an attachment. It’s kind of a curious feature of that mail software package. Now, would that cause Outlook to open all attachments from any SquirrelMail account when it imports them. And would that explain my getting hit by a worm from a message I never even read, let alone opened any attachment. I’ve been trying to figure out how that worm got past the avast warning, but what with trying to first get rid of it I haven’t really had much time yet to go into what exactly went wrong when that worm snuck through my/avast’s defenses. I’ve got the screen capture of when the warning were first displayed, so there’s no doubt that avast was on the job, but the worm still snuck through.
It seems that for safe hex one must check the shield from time to time for pinholes, yes?
What you may be seeing with an apparent attachment is MIME (Multi part email) transmission of emails. MIME email has both text and html content so if a recipient doesn’t have html enabled in his email program he will see the text content and someone with html enabled wil see only the html content.
In these cases there is no physical attachment so Outlook would only display the content, either text or html, it wouldn’t/shouldn’t automatically open an attachment.
Hello DavidR and ManyQs,
What you have to look out for as well is an email that comes with
an attachment in the form of just another email. Well you just clicked the email to open it, and then the temptation to open the attached email is there.
This is a reason why a: I have my emails scanned by my provider,
and furthermore I check my emails at that pop-server with mailwasher. All that I decide could land into my in-mail, are then again checked by Avast, and through AVX script wall. In Mailwasher I check all the mail on the providers pop server against 5 main spamlists, so I got a good hunch as what to throw out right away, my comp does not even touch it.
greets,
polonus
Why isn’t a boot time scan removing this?
Is this entry enough to defeat a boot time scan?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run lsess = "%System%\lsess.exe"
Polonus, what makes me think is why MailWasher stoped development at version 5 and does not go further?
A lot of similar and freeware applications take the market and keep improving their detection methods :-[
I don’t think MailWasher has stopped development, what makes you think that?
After all it doesn’t need signature updates, it uses origins of spam which the user can add to, the user can also add to the knowledge base by marking spam not detected. Bayesian detection also doesn’t have to be updated in the same way as virus signatures.
MailWasher Pro Version 5 was released in May this year.
For me Mailwasher Pro has a near 100% detection record (not bad for a 6 month old program), the ones that tend to get past the origins of spam (which catch most of may spam) probably come from compromised systems that have become spambots.
I look forward to the next release like you, but for the most part these type of programs are usually adding bells and whistles rather than function, just to keep saying something is new and more marketable.
So even with a 6 month old version I’m perfectly happy with its detection.
Other spam applications do not use either…
And? What about plugins, GUI improvements, settings and features… 6 months for a software nowadays could be an eternity ;D
It’s a very good program. It was not my intention took from it the credits 8)