Click to See Complete Forum and Search --> : kak.hta
<! --
Apr 29th, 2001, 07:54 AM
It's a worm called Kak. I've had it before, it managed to infect the entire network. Now we have precautions!! (i.e. firewall/A-V). It attaches itself to e-mails, so anyone you have sent a mail to could be a potential victim. It also randomly appears to dissallow loading of windows on certain days. It pops up saying "Not today" or something like that then shuts down.
It's not particularly dangerous, just a pain in the arse. Get a A-V to clear it out. Make sure also to remove the signature section from Outlook.
ricmitch_uk
Apr 29th, 2001, 08:25 AM
I've had it too. I cleaned mine manually though. It's even nice enough to create a backup of the files it uses!
I got this off the net when I got it.
F-Secure Anti-Virus detects the worm. When the worm has been detected, the user should delete the following files, if they exist:
C:\Windows\kak.htm
C:\Windows\System\(filename).hta
where (filename) is a variable, and it changes from one system
to another
C:\Windows\Start Menu\Programs\Startup\kak.hta
[French only] C:\Windows\Menu Demarrer\Programmes\Demarrage\kak.hta
The "autoexec.bat" file can be restored by renaming "C:\AE.KAK" to "C:\autoexec.bat".
Kak uses a known security hole in Microsoft Outlook Express to create the local HTA file.
Mine was an unusual case, because I got infected twice, that complicated things a bit. But I'm clean now.
HTH
Xenonic_Rob
Apr 29th, 2001, 12:17 PM
Yip - it's a pain in the whatever the Kak virus... grrr to it.
Mark Sreeves
Apr 29th, 2001, 02:18 PM
I'm running McAfee VSheild 4.0.3 with definitions downloaded from McAfee website 2 days ago, how come this hasn't picked it up?
chrisjk
Apr 29th, 2001, 02:23 PM
hmm, odd. I'm using VShield with definitions I downloaded ages ago, and it picked it up ages ago with the original virus dat files from over 1 year ago!
denniswrenn
Apr 29th, 2001, 02:24 PM
Because McAffee sucks monkey balls!
I got a program from a public FTP(which I never ran, thank God), which had a virus in it... I had the latest McAffee defs and it didn't say anything about it.... a friend with norton(which I am upgrading too as soon as I can afford the 2001 upgrade) got the file from me and it immediatly alerted him.... :mad:
never trust McAffee...
But your case is wierd, because when I had kak.hta, McAffee with defs from february 2000 recognized it.
chrisjk
Apr 29th, 2001, 02:26 PM
ah, I've got Norton firewall and together they do a good job.
Active
Apr 29th, 2001, 10:08 PM
HTA - Html Application
kedaman
Apr 30th, 2001, 07:14 AM
29
vbforums.com
Copyright Internet.com Inc., All Rights Reserved.