| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 52063 | 2004-12-08 11:53:00 | Bat.Kak virus! Helllp! | Apteryx (294) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 300995 | 2004-12-08 11:53:00 | Hi, have 12 wireless files infected with this virus according to ZAL security suite. Unable to repair. Ive downloaded kakafix and followed instructions but when I open autoexec.bat and configsys thru sysedit these are totally blank. Should they be? Wini ini has nothing but MPEG Video, which I dont use. I also find the latest ZAL upgrade wont install after a lengthy download. Is there a connection? Using OS: MSWinXP Home Version 5.1.2600 Service Pack 1 Build 2600 And: MSN IE vers6.0.2800.1106xpsp2.03404; cipher strength 168bit with all updates ON. Intel ® Pentium 4 HTT CPU 300x2 GHz, With HTT -1.00GB RAM 120 GB HD Any help appreciated Apteryx |
Apteryx (294) | ||
| 300996 | 2004-12-08 12:25:00 | Sorry I don't have more to say, but try in Safe Mode. To get into Safe Mode, press F8 just before the Starting Windows screen. |
george12 (7) | ||
| 300997 | 2004-12-08 15:16:00 | Thanks george | Apteryx (294) | ||
| 300998 | 2004-12-08 15:25:00 | Do you have the XP CD? If so try booting with it in the drive. I have never needed to myself, I believe there is a repair option, or something similar. Vince |
Vince (406) | ||
| 300999 | 2004-12-08 16:20:00 | Thanks Vince I have the Cd will try that | Apteryx (294) | ||
| 301000 | 2004-12-08 19:01:00 | > when I open autoexec.bat and configsys thru sysedit these are totally blank Autoexec.bat Thats normal for it to be blank. In xp, autoexec.nt controls 16 bit application access. I suspect the same could be said for config.sys but not sure |
beama (111) | ||
| 301001 | 2004-12-08 20:06:00 | Hmm according to the Symantec site, if its this Wscript.KakWorm, aka VBS.Kak.Worm, VBS.Kak.Worm.dr, Kagou-Anti-Krosoft, Wscript.Kak.A, JS/Kak.Worm [Panda], Mid/Kakworm, JS_KAKWORM.A [Trend], I-Worm.KakWorm [Kaspersky], JS/Kak@M [McAfee], VBS/Kakworm [Sophos] Although this worm can be forwarded or detected in email on a Windows NT or Windows 2000 system, it infects only Windows 95/98 systems. And yup config.sys and autoexec.bat are usually blank. So, if this is the worm you have, it looks like it doesnt infect XP, altho it says XP is affected on the Symantec site. (It can get detected in XP). BUT nothing actually runs or happens in XP. As its the wrong os to infect. |
Spacemannz (808) | ||
| 301002 | 2004-12-09 00:14:00 | Thanks for that. Thats interesting, and relieving, I think, relieving but confusing. If it doesnt affect XP why have I got it? I dont have IE5 or Outlook either. ( But i did open a spurious Christmas card from a friend which wasnt from her at all.) Perhaps thats why Microtrends Housecall found nothing, but ZAL says all my wireless files are infected? (I only have keyboard and mouse) ZAL says this worm goes for wireless peripherals. On the other hand my mouse which I scrupulously turn off to save batteries keeps turning back on which I assumed was the virus. Now my biggest worry is why I cant install the latest uprgrade of ZAL |
Apteryx (294) | ||
| 301003 | 2004-12-09 00:28:00 | What happens when u try and update ZA?? Any message / error? Well XP (scanners) can still detect it, BUT as the symantec site says it doesnt infect XP PC's . And whats the mouse? battery and what?? USB ?? If USB and optical then USB would turn the light on (if the mouse has a light, when connected to USB) . I think this worm would do more than just switch a mouse on and off lol . Its a worm that affects other PC's that havent been patched . |
Spacemannz (808) | ||
| 301004 | 2004-12-14 00:51:00 | Thanks all for your help. I managed to get rid of it, altho I couldnt install the Kakafix from Symantec, I deleted( I hope) it by uninstalling the Trend Micro program where the infected files were located. Thanks Apteryx |
Apteryx (294) | ||
| 1 | |||||