Virus recovery

Gary Schafer gschafer at MEDIAONE.NET
Sat Apr 29 17:24:10 EDT 2000

Hello to all

This may be of help to some.

I got bit by the wscript kak worm virus this last Friday. It seems that
quite a few others did on some of these lists as well. If any of you are
having trouble recovering, this is what I did:

The virus was attached to an email which my Norton anti virus program
caught and it did not infect my computer. However I did loose all of my
email inbox and it sounds like several others had the same thing happen.
When Norton caught the virus I selected "try to repair" as the program
suggested. That was the wrong thing to do as that is what wiped out the
inbox. The thing to do was to just "quarantine" it.

With the virus attached to an email (I am using Netscape browser by the
way) Norton would not let that email down load from the server. (even
when selecting quarantine) I could not get rid of it or get any email
down loaded. I called Norton and they were no help. Finally I ended up
disabling the Norton anti virus program so that all of the email would
download. Then before opening any of the emails I re-enabled the anti
virus program. Then opening each email I could read them and when I got
to the ones with the virus (there were several by the way) Norton warned
me and I then selected "quarantine". When I was all through the emails I
selected the quarantine folder in the Norton anti virus program and
deleted all of the quarantined files. Then just to be sure I also
deleted the trash bins too.

Through all of this the virus never got into my computer.

Norton has on their site if you look up the virus name, they tell you
how to recover from it. It is a good idea to at least search for the
*.kak and *.hta files from the virus. If they are found then they need
to be deleted and a few other things done to clean them out. This is all
explained in the norton web page.

Keep in mind I am using the Netscape browser which this virus is not
supposed to infect or bother at all. It is the Microsoft browser that it
will attach itself to if you haven't downloaded their patch to prevent
it. However even though it was not supposed to bother the Netscape
browser, I lost my email inbox as a lot of others on the list did as far
as I have gathered.

I do not know if the same technique that I used above for clearing the
emails will work if you are using the Microsoft browser.

Up and running again after a frustrating day.

Hope this is of help to someone.

Gary  K4FMX

More information about the Boatanchors mailing list