General discussion

Locked

KAK Virus

By ashuj ·
I have 1 NT Server and 25 Workstations which are NT/Win98.Now a days I am facing problem of KAK virus for all my Win98 machines.I am already using KAKClean for virus cleaner.But it is not solving my problem.
Suggest me solution.

This conversation is currently closed to new comments.

12 total posts (Page 1 of 2)   01 | 02   Next
| Thread display: Collapse - | Expand +

All Comments

Collapse -

KAK Virus

by It's Not Easy Being Green In reply to KAK Virus

KAK, besides being a great tool for getting an Enterprise Virus Protection project (hehe) was a real pain to get off the systems. You need to go in and manual remove the registry entries. Check out this page to get the rest of the low down:
http://www.europe.f-secure.com/v-descs/kak.htm

Collapse -

KAK Virus

by ashuj In reply to KAK Virus

The question was auto-closed by TechRepublic

Collapse -

KAK Virus

by grantcom In reply to KAK Virus

Also, do the Windows Update on all machines with particular attention for security updates. As I recall one of the updates fixes this vulnerability. The Kak virus comes in on e-mail embedded in the signature and therefore the virus is activated without opening the e-mail, just getting the e-mail is all it takes without this security fix.

Collapse -

KAK Virus

by ashuj In reply to KAK Virus

The question was auto-closed by TechRepublic

Collapse -

KAK Virus

by rcube In reply to KAK Virus

The WScript/kak.worm virus exploits a security vulnerability in IE. A patch to eliminate this vulnerability has been available from Microsoft since August 1999, and users who have applied it cannot be affected by the virus. More information on the vulnerability, including information on where to obtain the patch, is available at http://www.microsoft.com/technet/security/bulletin/ms99-032.asp.
Also, I suggest using a better anti-virus software like McAfee or Norton.

Collapse -

KAK Virus

by ashuj In reply to KAK Virus

The question was auto-closed by TechRepublic

Collapse -

KAK Virus

by jonesla In reply to KAK Virus

In addition to upgrading Outlook as recommended by the previous answers...The problem with KAK that caused me the biggest headache was the fact that when I used "find" in the registry, it didn't turn up the registry entry that follows:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cAg0u. I had to manually find this entry. I found some helpful information on the following website.
http://www.data-fellows.com/v-descs/kak.htm
It seems that there are several versions of this virus. Some have file names with DAY.HTM and some have file names with KAK.HTM. (they are also hidden so you need to set your File View options to show hidden files)
You also need to restore the autoexec.bat file. I simply removed the following entries that are added to it.
@echo off>C:\Windows\STARTM~1\Programs\StartUp\kak.hta
del C:\Windows\STARTM~1\Programs\StartUp\kak.hta

Specific step by step instructions are also available here.
http://www.cai.com/virusinfo/encyclopedia/
You'll find it under K for Kak, not W for Wscript

Collapse -

KAK Virus

by jonesla In reply to KAK Virus

Who received the points for this question? All the responses show no status and no points awarded.

Collapse -

KAK Virus

by ashuj In reply to KAK Virus

The question was auto-closed by TechRepublic

Collapse -

KAK Virus

by ORCC guy In reply to KAK Virus

Also remember, the KAK virus edits your registry. The result is that even if you change the autoexe.bat file, and delete .kak extensions, the registry entry is still there. The result is that the virus restarts when the machine restarts. Go into the registry and look for the virus' special extension. Its Ou something... Then delete it.

Back to Software Forum
12 total posts (Page 1 of 2)   01 | 02   Next

Related Discussions

Related Forums