Google Answers: can't remove infected virus file that Norton 2003 doesn't detect, but NAV does

View Question

Q: can't remove infected virus file that Norton 2003 doesn't detect, but NAV does ( Answered 4 out of 5 stars

, 0 Comments )

Question

Subject: can't remove infected virus file that Norton 2003 doesn't detect, but NAV does
Category: Computers
Asked by: beadee-ga
List Price: $3.00

Posted: 03 Jan 2003 23:00 PST
Expires: 02 Feb 2003 23:00 PST
Question ID: 137292

NavAntivirus has detected JS/kak.gen* in this file
c:\WINDOWS\Application
Data\Identities\{9A883940-96A7-11D3-8CA8-84681C27E32B}\Microsoft\Outlook
Express\Sent Items.dbx->Message.816: ("BD" [Fw:
])->(part0002:)->(SCRIPT0000)
Norton 2003 has never found it.  I no longer use Outlook Express.  How
do I rid this file from my pc, please? ps...I'm a first time user so
if I am not pricing correctly, please let me know.

Answer

Subject: Re: can't remove infected virus file that Norton 2003 doesn't detect, but NAV does
Answered By: clouseau-ga on 03 Jan 2003 23:59 PST
Rated: 4 out of 5 stars

Hello beadee,


Thank you for your question.

Whenever I have a virus problem, I search the Symantec Virus
Definitions library at www.symantec.com. Searching for [js/kak] I
found the following:

Wscript.KakWorm
http://securityresponse.symantec.com/avcenter/venc/data/wscript.kakworm.html

"Wscript.KakWorm spreads using Microsoft Outlook Express. It attaches
itself to all outgoing messages using the Signature feature of Outlook
Express and Internet Explorer newsgroup reader.

The worm utilizes a known Microsoft Outlook Express security hole so
that a viral file is created on the system without having to run any
attachment. Simply reading the received email message causes the virus
to be placed on the system.

Microsoft has patched this security hole. The patch is available at:

http://www.microsoft.com/technet/ie/tools/scrpteye.asp "

At the bottom of the page you will find that this worm also has other
names:

Also Known As: VBS.Kak.Worm, VBS.Kak.Worm.dr, Kagou-Anti-Krosoft,
VBS/Kakworm, Wscript.Kak.A, JS/Kak, JS/Kak.worm, Mid/Kakworm,
JS.Kakworm, VBS_Kakworm.A

There are a number of links on this page, and I urge you to read the
entire page to inform yourself prior to running removal tools. Then
check:

Symantec has also created an interactive tutorial to help you get rid
of this worm.

http://www.symantec.com/techsupp/virusremoval/virusremoval_info_tutorial.html

And...

If you have a patched version of Outlook Express, this worm will not
work automatically. Click here to download a tool to repair
Wscript.Kakworm damage.

http://www.sarc.com/avcenter/venc/data/wscript.kakworm.fix.html


I trust my research will help you cleanse your system of this worm. If
a link above should fail to work or my research require further
explanation, please do post a Request for Clarification.


Regards,

-=clouseau=-

beadee-ga rated this answer: 4 out of 5 stars

sent me to correct places

Comments

There are no comments at this time.

Important Disclaimer: Answers and comments provided on Google Answers are general information, and are not intended to substitute for informed professional medical, psychiatric, psychological, tax, legal, investment, accounting, or other professional advice. Google does not endorse, and expressly disclaims liability for any product, manufacturer, distributor, service or service provider mentioned or any opinion expressed in answers or comments. Please read carefully the Google Answers Terms of Service.

If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you.

Search Google Answers for

Google Home - Answers FAQ - Terms of Service - Privacy Policy