Supplemental Resources and Links for Episode #25

PC World's March 2006 Malware Detection Software Review:

 PC World's Comprehensive Review of Malware Detector Software

The inexpensive ($30 when reviewed) "BitDefender 9 Standard" won PC World's "Best Buy" award over nine other well-known mainstream competitors.

A Few Notes about the "Kama Sutra", "Blackmal-E", "Nyxem-D" Worm

 Unlike most recent malware, which seeks to obtain the use of infected machines for eMail spamming, DoS attacking, etc., the "Kama Sutra" worm is deliberately destructive to the machines it infects.

 The file-destroying payload of the "Kama Sutra" worm activates 30 minutes after an infected Windows machine is started on the 3rd of the month.

 Since this worm was first discovered on January 20th, 2006, the first "3rd of the month" will be Friday, February 3rd, 2006.

 When activated, "Kama Sutra" overwrites the data contained within all files of types DOC, XLS, PPT, ZIP, RAR, PDF, MDB. In other words, a lot of potentially valuable user data.

 It locates files on any available Windows drives having drive letters (including removable USB drives). Reports are mixed as to whether network-mapped drives will also be scanned and damaged.

 Since "Kama Sutra" overwrites file content instead of deleting the files, automatic backups might overwrite previously saved valid copies with newly destroyed content.

 Anti-Virus signatures have been updated for several weeks, so the threat to security-conscious users is probably low. However, upwards of 300,000 machines had been infected at one time, and many machines, predominantly located in India, Turkey, and Peru, remain infected.

 Symantec has made a simple-to-use file scanner and disinfector freely available. It may be downloaded without any "registration" or eMail hassle:

 http://securityresponse.symantec.com/avcenter/FixBmalE.exe

 Symantec's page discussing the use of this tool.
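
 The backup caveat noted above can be checked before a backup run. This added example (not from the original page or from Symantec) walks a folder and flags files of the listed types whose leading bytes no longer match the type's standard signature; the function names and the sample files are constructed for illustration.

```python
import os
import tempfile

# Leading-byte signatures for the file types the note lists: (offset, magic).
OLE2 = (0, bytes.fromhex("d0cf11e0a1b11ae1"))  # legacy Office compound file
SIGNATURES = {
    ".doc": [OLE2], ".xls": [OLE2], ".ppt": [OLE2],
    ".zip": [(0, b"PK\x03\x04"), (0, b"PK\x05\x06")],  # normal / empty archive
    ".rar": [(0, b"Rar!\x1a\x07")],
    ".pdf": [(0, b"%PDF-")],
    ".mdb": [(4, b"Standard Jet DB")],
}

def header_ok(path):
    """True/False if the header matches/mismatches; None for untracked types."""
    sigs = SIGNATURES.get(os.path.splitext(path)[1].lower())
    if sigs is None:
        return None
    with open(path, "rb") as fh:
        head = fh.read(32)
    return any(head[off:off + len(magic)] == magic for off, magic in sigs)

def files_to_hold_back(root):
    """Return relative paths a backup job should not copy over older versions."""
    suspect = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            try:
                if header_ok(full) is False:
                    suspect.append(os.path.relpath(full, root))
            except OSError:
                suspect.append(os.path.relpath(full, root))  # unreadable: hold back
    return sorted(suspect)

def build_sample_tree():
    """Constructed sample data: two intact files, one overwritten, one untracked."""
    root = tempfile.mkdtemp(prefix="backup_check_")
    samples = {
        "report.pdf": b"%PDF-1.4\n% constructed sample\n",
        "budget.xls": OLE2[1] + b"\x00" * 24,
        "notes.doc": b"constructed placeholder: not a document header",
        "readme.txt": b"plain text is not checked",
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    return root

if __name__ == "__main__":
    print(files_to_hold_back(build_sample_tree()))
```

 A mismatch is a reason to keep the previous backup generation and review the file, not proof of damage: a .doc that is really RTF, for example, will also be flagged.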



Gibson Research Corporation is owned and operated by Steve Gibson.  The contents
of this page are Copyright (c) 2022 Gibson Research Corporation. SpinRite, ShieldsUP,
NanoProbe, and any other indicated trademarks are registered trademarks of Gibson
Research Corporation, Laguna Hills, CA, USA. GRC's web and customer privacy policy.

Last Edit: Feb 02, 2006 at 12:52