YAHA Virus 
Author Message
 YAHA Virus

I received an email from a friend that has infected my XP
pc with the YAHA virus.

I tried to do a restore from a previous recovery point and
rebooted my PC. Now it won't boot at all!

I can get Linux to start. However, when booting into XP
even in "safe" mode. It gets as far as loading all the
drivers (last one being Mup.sys) and then hangs. Doesn't
go any further than that!

I've tried everything that I can think of to get Windows
to boot so that I can run the virus removal tool supplied
by Sophos.

Can anyone help out on this?

Cheers,
Kev.



Fri, 24 Jun 2005 16:47:25 GMT  
 YAHA Virus
The only way I can get into the file level is to boot
to "Repair" mode from the XP cd. Then I can navigate about
but have very limited commands that can be run.

I have a backup on CD and might be able to copy the
necessary directories back to the C: drive. However, I'm
going to try exhausting everything else before attempting
that.

Thanks for the reply, and if there are any other ideas,
please keep them coming.

Cheers,
Kev.

Quote:
>-----Original Message-----
>Have you tried the manual registry repair instructions

such as the onese in
Quote:
>the virus database at www.sarc.com?  [e.g. look up Yaha]  
Necessary to do
>this first before executables will work again.   Might be
tricky with
>Windows not starting up, but give it a try.

>Also, www.grisoft.com is free antivirus and

www.sygate.com and others are
Quote:
>free firewalls.  Either one of them would probably have
protected you from
>this.



>> I received an email from a friend that has infected my
XP
>> pc with the YAHA virus.

>> I tried to do a restore from a previous recovery point
and
>> rebooted my PC. Now it won't boot at all!

>> I can get Linux to start. However, when booting into XP
>> even in "safe" mode. It gets as far as loading all the
>> drivers (last one being Mup.sys) and then hangs. Doesn't
>> go any further than that!

>> I've tried everything that I can think of to get Windows
>> to boot so that I can run the virus removal tool
supplied
>> by Sophos.

>> Can anyone help out on this?

>> Cheers,
>> Kev.

>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.435 / Virus Database: 244 - Release Date:
12/30/2002

>.



Fri, 24 Jun 2005 21:40:22 GMT  
 YAHA Virus
Have you tried the manual registry repair instructions such as the onese in
the virus database at www.sarc.com?  [e.g. look up Yaha]  Necessary to do
this first before executables will work again.   Might be tricky with
Windows not starting up, but give it a try.

Also, www.grisoft.com is free antivirus and www.sygate.com and others are
free firewalls.  Either one of them would probably have protected you from
this.


Quote:
> I received an email from a friend that has infected my XP
> pc with the YAHA virus.

> I tried to do a restore from a previous recovery point and
> rebooted my PC. Now it won't boot at all!

> I can get Linux to start. However, when booting into XP
> even in "safe" mode. It gets as far as loading all the
> drivers (last one being Mup.sys) and then hangs. Doesn't
> go any further than that!

> I've tried everything that I can think of to get Windows
> to boot so that I can run the virus removal tool supplied
> by Sophos.

> Can anyone help out on this?

> Cheers,
> Kev.

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.435 / Virus Database: 244 - Release Date: 12/30/2002


Fri, 24 Jun 2005 21:39:27 GMT  
 YAHA Virus
Dear Kev.
I wish I could help you.  This stay home mom left the
computer on to send photos to the grandparents and
contamination jumped in.  
Quote:
>-----Original Message-----
>I received an email from a friend that has infected my XP
>pc with the YAHA virus.

>I tried to do a restore from a previous recovery point
and
>rebooted my PC. Now it won't boot at all!

>I can get Linux to start. However, when booting into XP
>even in "safe" mode. It gets as far as loading all the
>drivers (last one being Mup.sys) and then hangs. Doesn't
>go any further than that!

>I've tried everything that I can think of to get Windows
>to boot so that I can run the virus removal tool supplied
>by Sophos.

>Can anyone help out on this?

>Cheers,
>Kev.
>.



Sat, 25 Jun 2005 00:20:36 GMT  
 YAHA Virus
It's a real pain in the proverbial!

I thought I had all the angles covered, firewall, virus
scanner but it still got through! I think I may just cut
my losses and reformat!

K.

Quote:
>-----Original Message-----
>Dear Kev.
>I wish I could help you.  This stay home mom left the
>computer on to send photos to the grandparents and
>contamination jumped in.  
>>-----Original Message-----
>>I received an email from a friend that has infected my
XP
>>pc with the YAHA virus.

>>I tried to do a restore from a previous recovery point
>and
>>rebooted my PC. Now it won't boot at all!

>>I can get Linux to start. However, when booting into XP
>>even in "safe" mode. It gets as far as loading all the
>>drivers (last one being Mup.sys) and then hangs. Doesn't
>>go any further than that!

>>I've tried everything that I can think of to get Windows
>>to boot so that I can run the virus removal tool
supplied
>>by Sophos.

>>Can anyone help out on this?

>>Cheers,
>>Kev.
>>.

>.



Sat, 25 Jun 2005 00:45:56 GMT  
 YAHA Virus
Problem with AV's is you have to keep them updated and active as well as using good
common sense


: It's a real pain in the proverbial!
:
: I thought I had all the angles covered, firewall, virus
: scanner but it still got through! I think I may just cut
: my losses and reformat!
:
: K.

Quote:
: >-----Original Message-----
: >Dear Kev.
: >I wish I could help you.  This stay home mom left the
: >computer on to send photos to the grandparents and
: >contamination jumped in.
: >>-----Original Message-----
: >>I received an email from a friend that has infected my
: XP
: >>pc with the YAHA virus.
: >>
: >>I tried to do a restore from a previous recovery point
: >and
: >>rebooted my PC. Now it won't boot at all!
: >>
: >>I can get Linux to start. However, when booting into XP
: >>even in "safe" mode. It gets as far as loading all the
: >>drivers (last one being Mup.sys) and then hangs. Doesn't
: >>go any further than that!
: >>
: >>I've tried everything that I can think of to get Windows
: >>to boot so that I can run the virus removal tool
: supplied
: >>by Sophos.
: >>
: >>Can anyone help out on this?
: >>
: >>Cheers,
: >>Kev.
: >>.
: >>
: >.
: >



Sat, 25 Jun 2005 03:24:21 GMT  
 YAHA Virus

I agree.  Norton and AVG from www.grisoft.com can both be configured to
download updates automatically.  This is best, although if you don't have an
always-on internet connection like cable or DSL, you might need to confirm
that you're getting the updates.


Quote:
> Problem with AV's is you have to keep them updated and active as well as
using good
> common sense



> : It's a real pain in the proverbial!
> :
> : I thought I had all the angles covered, firewall, virus
> : scanner but it still got through! I think I may just cut
> : my losses and reformat!
> :
> : K.
> : >-----Original Message-----
> : >Dear Kev.
> : >I wish I could help you.  This stay home mom left the
> : >computer on to send photos to the grandparents and
> : >contamination jumped in.
> : >>-----Original Message-----
> : >>I received an email from a friend that has infected my
> : XP
> : >>pc with the YAHA virus.
> : >>
> : >>I tried to do a restore from a previous recovery point
> : >and
> : >>rebooted my PC. Now it won't boot at all!
> : >>
> : >>I can get Linux to start. However, when booting into XP
> : >>even in "safe" mode. It gets as far as loading all the
> : >>drivers (last one being Mup.sys) and then hangs. Doesn't
> : >>go any further than that!
> : >>
> : >>I've tried everything that I can think of to get Windows
> : >>to boot so that I can run the virus removal tool
> : supplied
> : >>by Sophos.
> : >>
> : >>Can anyone help out on this?
> : >>
> : >>Cheers,
> : >>Kev.
> : >>.
> : >>
> : >.
> : >

---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.435 / Virus Database: 244 - Release Date: 12/30/2002


Sat, 25 Jun 2005 10:17:10 GMT  
 YAHA Virus
Unfortunately my AV was upto date with the latest info and
it's always switched on, as is my ADSL connection. Somehow
it got through both the firewall and the AV! I think a new
AV package is in order!

K.

Quote:
>-----Original Message-----
>I agree.  Norton and AVG from www.grisoft.com can both be
configured to
>download updates automatically.  This is best, although

if you don't have an
Quote:
>always-on internet connection like cable or DSL, you

might need to confirm
Quote:
>that you're getting the updates.



>> Problem with AV's is you have to keep them updated and
active as well as
>using good
>> common sense



>> : It's a real pain in the proverbial!
>> :
>> : I thought I had all the angles covered, firewall,
virus
>> : scanner but it still got through! I think I may just
cut
>> : my losses and reformat!
>> :
>> : K.
>> : >-----Original Message-----
>> : >Dear Kev.
>> : >I wish I could help you.  This stay home mom left the
>> : >computer on to send photos to the grandparents and
>> : >contamination jumped in.
>> : >>-----Original Message-----
>> : >>I received an email from a friend that has infected
my
>> : XP
>> : >>pc with the YAHA virus.
>> : >>
>> : >>I tried to do a restore from a previous recovery
point
>> : >and
>> : >>rebooted my PC. Now it won't boot at all!
>> : >>
>> : >>I can get Linux to start. However, when booting
into XP
>> : >>even in "safe" mode. It gets as far as loading all
the
>> : >>drivers (last one being Mup.sys) and then hangs.
Doesn't
>> : >>go any further than that!
>> : >>
>> : >>I've tried everything that I can think of to get
Windows
>> : >>to boot so that I can run the virus removal tool
>> : supplied
>> : >>by Sophos.
>> : >>
>> : >>Can anyone help out on this?
>> : >>
>> : >>Cheers,
>> : >>Kev.
>> : >>.
>> : >>
>> : >.
>> : >

>---
>Outgoing mail is certified Virus Free.
>Checked by AVG anti-virus system (http://www.grisoft.com).
>Version: 6.0.435 / Virus Database: 244 - Release Date:
12/30/2002

>.



Sat, 25 Jun 2005 16:04:38 GMT  
 YAHA Virus
It was updated, it was active and the email was a friend,
how much more common sense do you need?

K.

Quote:
>-----Original Message-----
>Problem with AV's is you have to keep them updated and

active as well as using good
Quote:
>common sense



>: It's a real pain in the proverbial!
>:
>: I thought I had all the angles covered, firewall, virus
>: scanner but it still got through! I think I may just cut
>: my losses and reformat!
>:
>: K.
>: >-----Original Message-----
>: >Dear Kev.
>: >I wish I could help you.  This stay home mom left the
>: >computer on to send photos to the grandparents and
>: >contamination jumped in.
>: >>-----Original Message-----
>: >>I received an email from a friend that has infected my
>: XP
>: >>pc with the YAHA virus.
>: >>
>: >>I tried to do a restore from a previous recovery point
>: >and
>: >>rebooted my PC. Now it won't boot at all!
>: >>
>: >>I can get Linux to start. However, when booting into
XP
>: >>even in "safe" mode. It gets as far as loading all the
>: >>drivers (last one being Mup.sys) and then hangs.
Doesn't
>: >>go any further than that!
>: >>
>: >>I've tried everything that I can think of to get
Windows
>: >>to boot so that I can run the virus removal tool
>: supplied
>: >>by Sophos.
>: >>
>: >>Can anyone help out on this?
>: >>
>: >>Cheers,
>: >>Kev.
>: >>.
>: >>
>: >.
>: >

>.



Sat, 25 Jun 2005 16:06:18 GMT  
 YAHA Virus
Have you said what your AV is?  McAfee?  Unfortunately emails from friends -- or ones
that look like they are from friends are the ones that normally catch people unaware.
Common sense -- no preview pane, if it has an attachement, scan prior to opening or use
an AV that is a real time AV like E-Trust


: It was updated, it was active and the email was a friend,
: how much more common sense do you need?
:
: K.

Quote:
: >-----Original Message-----
: >Problem with AV's is you have to keep them updated and
: active as well as using good
: >common sense
: >
: >
: >


: >: It's a real pain in the proverbial!
: >:
: >: I thought I had all the angles covered, firewall, virus
: >: scanner but it still got through! I think I may just cut
: >: my losses and reformat!
: >:
: >: K.
: >: >-----Original Message-----
: >: >Dear Kev.
: >: >I wish I could help you.  This stay home mom left the
: >: >computer on to send photos to the grandparents and
: >: >contamination jumped in.
: >: >>-----Original Message-----
: >: >>I received an email from a friend that has infected my
: >: XP
: >: >>pc with the YAHA virus.
: >: >>
: >: >>I tried to do a restore from a previous recovery point
: >: >and
: >: >>rebooted my PC. Now it won't boot at all!
: >: >>
: >: >>I can get Linux to start. However, when booting into
: XP
: >: >>even in "safe" mode. It gets as far as loading all the
: >: >>drivers (last one being Mup.sys) and then hangs.
: Doesn't
: >: >>go any further than that!
: >: >>
: >: >>I've tried everything that I can think of to get
: Windows
: >: >>to boot so that I can run the virus removal tool
: >: supplied
: >: >>by Sophos.
: >: >>
: >: >>Can anyone help out on this?
: >: >>
: >: >>Cheers,
: >: >>Kev.
: >: >>.
: >: >>
: >: >.
: >: >
: >
: >.
: >



Sat, 25 Jun 2005 21:50:39 GMT  
 YAHA Virus

My AV is McAfee, which has the upto date virus DAT files.
The email came through my Hotmail account, so no preview
pane. My friend is always sending daft emails, pics etc,
so when I got this one, it was no different from all the
rest. Hotmail scanned the message and found no virus. So
Hotmail may be to blame here.

Quote:
>-----Original Message-----
>Have you said what your AV is?  McAfee?  Unfortunately

emails from friends -- or ones
Quote:
>that look like they are from friends are the ones that

normally catch people unaware.
Quote:
>Common sense -- no preview pane, if it has an

attachement, scan prior to opening or use
Quote:
>an AV that is a real time AV like E-Trust



>: It was updated, it was active and the email was a
friend,
>: how much more common sense do you need?
>:
>: K.
>: >-----Original Message-----
>: >Problem with AV's is you have to keep them updated and
>: active as well as using good
>: >common sense
>: >
>: >
>: >


>: >: It's a real pain in the proverbial!
>: >:
>: >: I thought I had all the angles covered, firewall,
virus
>: >: scanner but it still got through! I think I may just
cut
>: >: my losses and reformat!
>: >:
>: >: K.
>: >: >-----Original Message-----
>: >: >Dear Kev.
>: >: >I wish I could help you.  This stay home mom left
the
>: >: >computer on to send photos to the grandparents and
>: >: >contamination jumped in.
>: >: >>-----Original Message-----
>: >: >>I received an email from a friend that has
infected my
>: >: XP
>: >: >>pc with the YAHA virus.
>: >: >>
>: >: >>I tried to do a restore from a previous recovery
point
>: >: >and
>: >: >>rebooted my PC. Now it won't boot at all!
>: >: >>
>: >: >>I can get Linux to start. However, when booting
into
>: XP
>: >: >>even in "safe" mode. It gets as far as loading all
the
>: >: >>drivers (last one being Mup.sys) and then hangs.
>: Doesn't
>: >: >>go any further than that!
>: >: >>
>: >: >>I've tried everything that I can think of to get
>: Windows
>: >: >>to boot so that I can run the virus removal tool
>: >: supplied
>: >: >>by Sophos.
>: >: >>
>: >: >>Can anyone help out on this?
>: >: >>
>: >: >>Cheers,
>: >: >>Kev.
>: >: >>.
>: >: >>
>: >: >.
>: >: >
>: >
>: >.
>: >

>.



Sun, 26 Jun 2005 16:16:38 GMT  
 YAHA Virus
RESTORE CD OFF LINE THEN INSTALL FIREWALL BEFORE YOU DO
XP UPDATES YOU GOT HACKED FROM FILE SHARE
Quote:
>-----Original Message-----
>I received an email from a friend that has infected my
XP
>pc with the YAHA virus.

>I tried to do a restore from a previous recovery point
and
>rebooted my PC. Now it won't boot at all!

>I can get Linux to start. However, when booting into XP
>even in "safe" mode. It gets as far as loading all the
>drivers (last one being Mup.sys) and then hangs. Doesn't
>go any further than that!

>I've tried everything that I can think of to get Windows
>to boot so that I can run the virus removal tool
supplied
>by Sophos.

>Can anyone help out on this?

>Cheers,
>Kev.
>.



Sun, 26 Jun 2005 16:27:02 GMT  
 YAHA Virus

I have neowatch installed and that generally stops any
hacking activity, so I don't think it was a hack attack.
Unless of course you know otherwise ;O)

Quote:
>-----Original Message-----
>RESTORE CD OFF LINE THEN INSTALL FIREWALL BEFORE YOU DO
>XP UPDATES YOU GOT HACKED FROM FILE SHARE
>>-----Original Message-----
>>I received an email from a friend that has infected my
>XP
>>pc with the YAHA virus.

>>I tried to do a restore from a previous recovery point
>and
>>rebooted my PC. Now it won't boot at all!

>>I can get Linux to start. However, when booting into XP
>>even in "safe" mode. It gets as far as loading all the
>>drivers (last one being Mup.sys) and then hangs. Doesn't
>>go any further than that!

>>I've tried everything that I can think of to get Windows
>>to boot so that I can run the virus removal tool
>supplied
>>by Sophos.

>>Can anyone help out on this?

>>Cheers,
>>Kev.
>>.

>.



Sun, 26 Jun 2005 16:47:18 GMT  
 YAHA Virus
Haved you tried booting to Safe mode so you can run the removal tool?
(I would seriously look at getting an AV that actually works too -- McAfee is by far
the worst of all the AV's out there)


: My AV is McAfee, which has the upto date virus DAT files.
: The email came through my Hotmail account, so no preview
: pane. My friend is always sending daft emails, pics etc,
: so when I got this one, it was no different from all the
: rest. Hotmail scanned the message and found no virus. So
: Hotmail may be to blame here.
:

Quote:
: >-----Original Message-----
: >Have you said what your AV is?  McAfee?  Unfortunately
: emails from friends -- or ones
: >that look like they are from friends are the ones that
: normally catch people unaware.
: >Common sense -- no preview pane, if it has an
: attachement, scan prior to opening or use
: >an AV that is a real time AV like E-Trust
: >
: >


: >: It was updated, it was active and the email was a
: friend,
: >: how much more common sense do you need?
: >:
: >: K.
: >: >-----Original Message-----
: >: >Problem with AV's is you have to keep them updated and
: >: active as well as using good
: >: >common sense
: >: >
: >: >
: >: >


: >: >: It's a real pain in the proverbial!
: >: >:
: >: >: I thought I had all the angles covered, firewall,
: virus
: >: >: scanner but it still got through! I think I may just
: cut
: >: >: my losses and reformat!
: >: >:
: >: >: K.
: >: >: >-----Original Message-----
: >: >: >Dear Kev.
: >: >: >I wish I could help you.  This stay home mom left
: the
: >: >: >computer on to send photos to the grandparents and
: >: >: >contamination jumped in.
: >: >: >>-----Original Message-----
: >: >: >>I received an email from a friend that has
: infected my
: >: >: XP
: >: >: >>pc with the YAHA virus.
: >: >: >>
: >: >: >>I tried to do a restore from a previous recovery
: point
: >: >: >and
: >: >: >>rebooted my PC. Now it won't boot at all!
: >: >: >>
: >: >: >>I can get Linux to start. However, when booting
: into
: >: XP
: >: >: >>even in "safe" mode. It gets as far as loading all
: the
: >: >: >>drivers (last one being Mup.sys) and then hangs.
: >: Doesn't
: >: >: >>go any further than that!
: >: >: >>
: >: >: >>I've tried everything that I can think of to get
: >: Windows
: >: >: >>to boot so that I can run the virus removal tool
: >: >: supplied
: >: >: >>by Sophos.
: >: >: >>
: >: >: >>Can anyone help out on this?
: >: >: >>
: >: >: >>Cheers,
: >: >: >>Kev.
: >: >: >>.
: >: >: >>
: >: >: >.
: >: >: >
: >: >
: >: >.
: >: >
: >
: >.
: >



Sun, 26 Jun 2005 21:10:50 GMT  
 YAHA Virus
Yip. first thing I tried was booting to safe mode, as my
previous email said I can watch up loading up the drivers,
it gets to the last one and freezes. Nothing shifts it.
I've tried renaming the last driver incase that was the
cause...nothing doing.

If I can't get into safe mode to even run the tool I'm
scuppered. I've found a couple of DOS based tools that may
clear the vir but I haven't had a chance to try these yet.

K.

Quote:
>-----Original Message-----
>Haved you tried booting to Safe mode so you can run the
removal tool?
>(I would seriously look at getting an AV that actually

works too -- McAfee is by far
Quote:
>the worst of all the AV's out there)



>: My AV is McAfee, which has the upto date virus DAT
files.
>: The email came through my Hotmail account, so no preview
>: pane. My friend is always sending daft emails, pics etc,
>: so when I got this one, it was no different from all the
>: rest. Hotmail scanned the message and found no virus. So
>: Hotmail may be to blame here.
>:
>: >-----Original Message-----
>: >Have you said what your AV is?  McAfee?  Unfortunately
>: emails from friends -- or ones
>: >that look like they are from friends are the ones that
>: normally catch people unaware.
>: >Common sense -- no preview pane, if it has an
>: attachement, scan prior to opening or use
>: >an AV that is a real time AV like E-Trust
>: >
>: >


>: >: It was updated, it was active and the email was a
>: friend,
>: >: how much more common sense do you need?
>: >:
>: >: K.
>: >: >-----Original Message-----
>: >: >Problem with AV's is you have to keep them updated
and
>: >: active as well as using good
>: >: >common sense
>: >: >
>: >: >
>: >: >


>: >: >: It's a real pain in the proverbial!
>: >: >:
>: >: >: I thought I had all the angles covered, firewall,
>: virus
>: >: >: scanner but it still got through! I think I may
just
>: cut
>: >: >: my losses and reformat!
>: >: >:
>: >: >: K.
>: >: >: >-----Original Message-----
>: >: >: >Dear Kev.
>: >: >: >I wish I could help you.  This stay home mom left
>: the
>: >: >: >computer on to send photos to the grandparents
and
>: >: >: >contamination jumped in.
>: >: >: >>-----Original Message-----
>: >: >: >>I received an email from a friend that has
>: infected my
>: >: >: XP
>: >: >: >>pc with the YAHA virus.
>: >: >: >>
>: >: >: >>I tried to do a restore from a previous recovery
>: point
>: >: >: >and
>: >: >: >>rebooted my PC. Now it won't boot at all!
>: >: >: >>
>: >: >: >>I can get Linux to start. However, when booting
>: into
>: >: XP
>: >: >: >>even in "safe" mode. It gets as far as loading
all
>: the
>: >: >: >>drivers (last one being Mup.sys) and then hangs.
>: >: Doesn't
>: >: >: >>go any further than that!
>: >: >: >>
>: >: >: >>I've tried everything that I can think of to get
>: >: Windows
>: >: >: >>to boot so that I can run the virus removal tool
>: >: >: supplied
>: >: >: >>by Sophos.
>: >: >: >>
>: >: >: >>Can anyone help out on this?
>: >: >: >>
>: >: >: >>Cheers,
>: >: >: >>Kev.
>: >: >: >>.
>: >: >: >>
>: >: >: >.
>: >: >: >
>: >: >
>: >: >.
>: >: >
>: >
>: >.
>: >

>.



Sun, 26 Jun 2005 21:38:51 GMT  
 
 [ 20 post ]  Go to page: [1] [2]

 Relevant Pages 

1. yaha virus

2. YAHA virus

3. VIRUS VIRUS VIRUS

4. I-Worm/yaha.k

5. YAHA WORM SOLOUTION

6. yaha.k

7. YAHA worm

8. how do i get rid of yaha worm?

9. W32/Yaha.

10. yaha\g

11. got a pretty harmless virus(w32 yaha) but cant get rid of it..help!!!

12. please help!!!..w32 yaha.k virus wont give me access to 'system restore..

 

 
Powered by phpBB® Forum Software