|
-
Apr 29th, 2001, 07:54 AM
#1
Thread Starter
New Member
It's a worm called Kak. I've had it before, it managed to infect the entire network. Now we have precautions!! (i.e. firewall/A-V). It attaches itself to e-mails, so anyone you have sent a mail to could be a potential victim. It also randomly appears to dissallow loading of windows on certain days. It pops up saying "Not today" or something like that then shuts down.
It's not particularly dangerous, just a pain in the arse. Get a A-V to clear it out. Make sure also to remove the signature section from Outlook.
-
Apr 29th, 2001, 08:25 AM
#2
I've had it too. I cleaned mine manually though. It's even nice enough to create a backup of the files it uses!
I got this off the net when I got it.
F-Secure Anti-Virus detects the worm. When the worm has been detected, the user should delete the following files, if they exist:
C:\Windows\kak.htm
C:\Windows\System\(filename).hta
where (filename) is a variable, and it changes from one system
to another
C:\Windows\Start Menu\Programs\Startup\kak.hta
[French only] C:\Windows\Menu Demarrer\Programmes\Demarrage\kak.hta
The "autoexec.bat" file can be restored by renaming "C:\AE.KAK" to "C:\autoexec.bat".
Kak uses a known security hole in Microsoft Outlook Express to create the local HTA file.
Mine was an unusual case, because I got infected twice, that complicated things a bit. But I'm clean now.
HTH
-
Apr 29th, 2001, 12:17 PM
#3
Addicted Member
Yip - it's a pain in the whatever the Kak virus... grrr to it.
-
Apr 29th, 2001, 02:18 PM
#4
Frenzied Member
I'm running McAfee VSheild 4.0.3 with definitions downloaded from McAfee website 2 days ago, how come this hasn't picked it up?
-
Apr 29th, 2001, 02:23 PM
#5
PowerPoster
hmm, odd. I'm using VShield with definitions I downloaded ages ago, and it picked it up ages ago with the original virus dat files from over 1 year ago!
-
Apr 29th, 2001, 02:24 PM
#6
Because McAffee sucks monkey balls!
I got a program from a public FTP(which I never ran, thank God), which had a virus in it... I had the latest McAffee defs and it didn't say anything about it.... a friend with norton(which I am upgrading too as soon as I can afford the 2001 upgrade) got the file from me and it immediatly alerted him.... 
never trust McAffee...
But your case is wierd, because when I had kak.hta, McAffee with defs from february 2000 recognized it.
-
Apr 29th, 2001, 02:26 PM
#7
PowerPoster
ah, I've got Norton firewall and together they do a good job.
-
Apr 29th, 2001, 10:08 PM
#8
Addicted Member
-
Apr 30th, 2001, 07:14 AM
#9
transcendental analytic
Use  
writing software in C++ is like driving rivets into steel beam with a toothpick.
writing haskell makes your life easier:
reverse (p (6*9)) where p x|x==0=""|True=chr (48+z): p y where (y,z)=divMod x 13
To throw away OOP for low level languages is myopia, to keep OOP is hyperopia. To throw away OOP for a high level language is insight.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|
Reply With Quote