List apology

Don Muirhead dmr at kwic.com
Wed Oct 18 03:14:40 EDT 2000


Lester:

You may have installed anti-virus software but you're still sending out 
the worm so you have to clean it out of your PC.  Perhaps this will help 
you.  There are dozens of sites on the WWW that can provide you with a method 
of removal as well.

Good luck
Don
----------------------------------------
Removal procedure for wscript.kakworm
Thanks to Jaco Engelbrecht from Intekom and Avon Rhoda from Gas Software 
for providing these removal instructions.
A description of the virus can be found on www.f-secure.com
If the worm has just dropped the "kak.hta", but the system hasn't been 
restarted yet, the deletion of it ("C:\Windows\Start Menu\Startup\kak.hta") 
is sufficient.
However, if the system has been rebooted then check if the root directory 
contains a file "AK.KAK". If so, replace "autoexec.bat" with it.
Then search for the following files, and delete if found:
C:\Windows\Start Menu\Startup\kak.hta
C:\Windows\kak.htm
C:\Windows\System\*.hta
Files are marked as hidden.
Next, remove the Run entry from the registry:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\cAg0u
Finally, remove the default signature ("Signature #1") from Outlook Express
(Tools/Options/Signatures).
If FSAV is used, then just scan the system, delete infected files and 
remove the Run entry and default signature.
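
Added example (not part of the original message or of the quoted removal instructions): a read-only Python check that walks a drive root, such as a mounted copy of C:, and lists which of the files named in the procedure are still present. The function names and the sample file names built in demo() are constructed for illustration; the Run entry and the Outlook Express signature still have to be checked by hand.

```python
import fnmatch
import os
import tempfile

# Patterns from the removal procedure, relative to the drive root (matched ignoring case).
ARTIFACTS = [
    ("Windows/Start Menu/Startup", "kak.hta"),
    ("Windows", "kak.htm"),
    ("Windows/System", "*.hta"),
]
BACKUP = "AK.KAK"  # the saved original autoexec.bat in the root directory


def _find_dir(root, rel):
    """Resolve rel under root one component at a time, ignoring case."""
    cur = root
    for part in rel.split("/"):
        match = [e for e in os.listdir(cur) if e.lower() == part.lower()]
        if not match or not os.path.isdir(os.path.join(cur, match[0])):
            return None
        cur = os.path.join(cur, match[0])
    return cur


def scan(root):
    """Return (files_to_delete, autoexec_backup_path_or_None) for a drive root."""
    hits = []
    for rel, pattern in ARTIFACTS:
        d = _find_dir(root, rel)
        if d is None:
            continue
        # os.listdir also returns files carrying the hidden attribute.
        for name in sorted(os.listdir(d)):
            path = os.path.join(d, name)
            if os.path.isfile(path) and fnmatch.fnmatch(name.lower(), pattern):
                hits.append(path)
    backup = [e for e in os.listdir(root) if e.lower() == BACKUP.lower()]
    return hits, (os.path.join(root, backup[0]) if backup else None)


def demo():
    """Build a constructed sample tree and scan it."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "WINDOWS", "Start Menu", "StartUp"))
    os.makedirs(os.path.join(root, "WINDOWS", "SYSTEM"))
    for rel in ("WINDOWS/Start Menu/StartUp/KAK.HTA", "WINDOWS/kak.htm",
                "WINDOWS/SYSTEM/1A2B3C4D.HTA", "WINDOWS/SYSTEM/user.exe", "AK.KAK"):
        open(os.path.join(root, *rel.split("/")), "w").close()
    return scan(root)
```

A non-empty file list means the deletion step is incomplete; a returned AK.KAK path means autoexec.bat has not yet been restored from it.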
