reddeer
|
posted on September 9, 2000 08:42:37 AM
Just lost my entire inbox to the friggen KAK virus again. For some strange reason the newer versions of Kak will not go into quarantine with Nortons 2000. The only fix I have been able to figure out [this is the THIRD time in 2 months] is to drag the email into the trash & empty the trash.
Unfortunately the ENTIRE inbox goes out the window with the infected email. Netscape 4.7 user & not too proud of it!
|
Meya
|
posted on September 9, 2000 08:49:08 AM
How come you lose the entire inbox? There were security patches for Outlook Express to plug the hole, didn't Netscape do anything like that?
I am now using a Shareware program called POP3 Scan Mail Box that allows me to see the mail waiting on my server before I check my email. You can read the messages, see the size of the messages, delete some or all of the messages directly from the server.
I leave my email on the server since I check it from 2 different systems, so this also helps me keep the server from getting clogged from too many emails. Since I have many mail rules already set up to stop spam, about 75% of the mail that comes in to my server never gets to my computer. The spam is amazing, and a great deal lately comes from eBay.
|
sulyn1950
|
posted on September 9, 2000 08:51:21 AM
Okay-I'm showing my ineptness again-How do you know if you have "gotten KAK'd"?
|
Meya
|
posted on September 9, 2000 08:55:27 AM
Here's one place to get info:
http://www.cai.com/virusinfo/virusalert.htm#wscript
|
Empires
|
posted on September 9, 2000 09:05:55 AM
This stuff is a pain...I'm rebuilding my software structure now after a wipeout.. Not virus related though. Downloaded Internet Exp. 5.5 only to find out it's missing a patch... I't since been reported to them..
Meya- Thanks for the link to the virus page.
Here's another good site not in html..
http://www.avpve.com/
[ edited by Empires on Sep 9, 2000 09:14 AM ]
|
feistyone
|
posted on September 9, 2000 09:14:57 AM
I thought that KaK was supposed to be an attack on Outlook and Outlook Express only. It affects Netscape email too?
[ edited by feistyone on Sep 9, 2000 09:17 AM ]
|
abacaxi
|
posted on September 9, 2000 09:25:21 AM
reddeer -
Don't use a browser to read email with! If you download Eudora Light you will be free from all kinds of viruses, because it doesn't support them.
|
secondmouse
|
posted on September 9, 2000 09:43:56 AM
Reading your post with interest I realized yesterday I deleted an unopened message from my inbox and everything else in the inbox was sent to deleted with it.....does this mean I've been KAK'd?? I went ahead and permanently deleted the unopened message but the others from the inbox are still in the deleted file....Please reply as I am not very computer bright!! Do I need to do anything?? Nothing else seems amiss with the e-mail and it seems back to normal. Thanks.
|
guyuellas
|
posted on September 9, 2000 09:51:56 AM
To find out if you have the kak go to START, click FIND, type in kak, and click search. If you have it it will show it to you. What kak does is change your win.ini file to another name and changes the kak file to win.ini .
You can rename the win.ini file to something else than take the backup and rename it win.ini and delete the other file you renamed.
Also in START, click FIND, type in kak.hta and if you find that delete that also.
The important thing is to rename your current win.ini file if you find the kak to something else and rename your back-up win.ini back to win.ini and delete the other file you renamed which is the live kak file that keeps it on your system.
Or as mentioned you can go to the virus pages and learn how to get rid of it.
|
secondmouse
|
posted on September 9, 2000 09:59:09 AM
Wow, thanks for the reply guyuellas!! I did a search for both names you mentioned and neither showed up....I feel lots better! Also meya, the link was very helpful as well. I had no idea there are THAT many viruses out there....gotta keep my puter from breathing any bad air!
|
smw
|
posted on September 9, 2000 10:11:58 AM
Reddeer: Condolences. Never had a virus. Thank goodness.
It is a pain in the butt but as a redundant system I have my primary email account set up as a POP account on Yahoo. This way I can get my mail through Outlook and have a duplicate copy on Yahoo. It sits on the Yahoo server so it doesn't take up any space on my system.
Many times after going on a cleaning spree of my folders in OL I have been very thankful that I had a copy of an important message on Yahoo.
I open the mail in Yahoo first just to make sure it is not infected. And for reasons I don't understand the mail seems to always turn up on the Yahoo server even if my mail server is down.
Like chicken soup it can't make matters worse.
[ edited by smw on Sep 9, 2000 10:14 AM ]
|
borgt
|
posted on September 9, 2000 12:43:05 PM
I've "been Kak'd" 3 times in the past month.
Running Win NT and using Netscape mail, here's what I do:
1. Delete the 'infected' email by holding down shift while pressing 'delete'. Pressing the shift key keeps it from moving to the trash folder.
2. Find your inbox folder file in Windows explorer (not internet explorer, windows explorer) - It will probably be called "inbox" and be found at c:program files/netscape/users/"your profile name"/mail
3. Open that file using Wordpad
4. You'll see all of the email contained in that file/folder as a text document, including the infected one (even though you deleted it). Remove the infected email/text and save.
Voila!
It's worked for me 3 times, but I make no guarantees or take any responsibility! Again, I'm using Win NT, so it may not work in other Windows versions.
|
Shoshanah
|
posted on September 9, 2000 02:46:27 PM
http://www.ukans.edu/~acs/virus/kak.shtml
********************
Shosh
http://www.oldandsold.com/cgi-bin/auction.cgi?justdisp&Rifkah
http://members.ebay.com/aboutme/rifkah/
[ edited by Shoshanah on Sep 9, 2000 02:47 PM ]
|
KatyD
|
posted on September 9, 2000 05:01:40 PM
abaxi  I use Eudora Pro. Never get ANY of these email viruses. Eudora, folks. The best email program around.
KatyD
|
uaru
|
posted on September 9, 2000 05:17:42 PM
I feel for you Reddeer, I've had similar problems in the past, Norton quarantined my entire mailbox, really a pisser.
|
bhearsch
|
posted on September 9, 2000 05:40:04 PM
Hey reddeer, I posted a topic a while ago about a new FREE antivirus email scanning program just released by the Swedish company, Wkit Security which is owned by the Effnet Group. The reviews are excellent for this product. I have been paying a yearly fee to use all of the products and services of the McAfee Clinic but their antivirus program has some compatibility issues with Win 98 Second Edition and since email born viruses are so prevalent I decided to try the Effnet program.
You might want to check it out:
http://www.effnet.com/pressroom/releaser/00.08.22eng.html
Blanche
[ edited by bhearsch on Sep 9, 2000 05:41 PM ]
|
texas1958
|
posted on September 9, 2000 05:43:08 PM
Been there, done that twice!
But did learn (no guarantee) that you can right click (for Outlook Express), then choose Properties. . .Details .... and then Source. You can read the entire message in HTML without actually opening it.
I did this after removing the virus in an attempt to find where it was coming from and was never reinfected.
Towards the bottom of the source page you will see the program written into the e-mail KAK-Worm and all.
Then be sure to block that e-mail from your account.
***Special Note***
KAK-Worm Program is written so you may have it for up to 30 days before you realize it.
Makes The Case to UPDATE YOUR VIRUS SCAN REGULARLY
tex
|
jtw74
|
posted on September 9, 2000 06:22:06 PM
I got it about 6 wks ago and in trying to get Norton 2000 to do it's thing, the pc froze up and I rebooted. It also took out my entire netscape inbox
|
scrabblegod
|
posted on September 9, 2000 06:35:20 PM
Kak? Kak?? Kak???..Hmmm....
LINUX
|
shartelona
|
posted on September 9, 2000 07:28:39 PM
Just out of curiosity...can you get the KAK worm from reading an email in a web-based email system like Hotmail?
|
reddeer
|
posted on September 9, 2000 08:31:36 PM
Thanks everyone! I had to leave for the day after starting this thread & just finished reading up on all the various tips on how to avoid this down the road.
Greatly appreciated!
|
toomanycomics
|
posted on September 10, 2000 07:42:57 AM
got 2 so far.... and they were caught by my Norton AntiVirus and ZoneAlarm
yippie! 
|
silviron
|
posted on September 10, 2000 03:20:53 PM
Once again people:
TURN OFF YOUR ACTIVE-X CONTROLS
They are only good for "stupid computer tricks" on "cutting edge" internet sites. The only time they are really useful is at Microsoft.com Windows Update.
Here is the email I send out when someone sends me KAK. Maybe it will help some of you too.
------------------------
HI-
I hate to tell you this, but you have a computer "virus".
It is probably the KAK worm, and you most likely got it through an infected e-mail
I highly recommend that you send no more emails until you get your computer "cleaned", as you will just be passing the virus on to other vulnerable people.
Here is a place you can get information and download a little program that will get rid of it for you:
http://www.samcool.com/check4kak.html
That page also has a link to microsoft to download a security patch. Do that first, then download the check4kak program at samcool. Install it and follow the directions.
Also, I highly to recommend that you turn of all your Active-X controls in Internet Explorer :{ Click on : Tools-> Internet Options-> Security-> Custom Level-> then click "DISABLE" on the first five settings.}
This will plug one of the major security holes and give you much more "privacy" in your surfing and email (it controls both) You don't need Active-X on 90% of the "legitimate" sites you visit. About the only time you really need it is when you go to microsoft for Windows Updates etc.
Some of the other legitimate sites use it to for "stupid computer tricks" and fancy mullti-media displays, but many others use Active-X to gather information on YOU, or install things on your computer that you may not necessarily want.
Disabling Active-X should make your computer impervious to KAK and a few other nasties, even without using an anti-virus program.
After you have done this, then you need to go through all of your emails that you have stored in your computer, and find infected ones (a little window will popup saying that "An Active-X control on this page is not safe..." ) and completely delete them-
Of course, I highly recommend using a good Anti-virus program, and update it at least once a month, preferably twice, as the there are thousands of other "viruses" that don't operate through Active-X. Norton Anti Virus and Mcaffee are the best
Good Luck!
[ edited by silviron on Sep 10, 2000 03:32 PM ]
|
jeanyu
|
posted on September 10, 2000 04:35:59 PM
Just checked--my computer had it--since March of this year. Thanks Shosh for a great straight forward web-site that I followed step by step. Also a big thanks to Silviron for the steps to disactivate the x-controls.(So I have to type in my blame user and password--no problems with that here!--yep --disabled the cookies while I was over there.) Whew--what an interesting last hour this has been.
Now the dilemma---I sure must have hundreds of emails I have sent since March---either personally or through enet business. I want to warn people I may have infected them. Any 5 to 15 step instructions on this huge headache? Thanks all again---this board rules.
|
