MUSEUM-L Archives

Museum discussion list

MUSEUM-L@HOME.EASE.LSOFT.COM

Subject:
From: "Adrian K. Wagner" <[log in to unmask]>
Reply To: Museum discussion list <[log in to unmask]>
Date: Thu, 14 Dec 2000 11:26:48 -0500
That's correct, Maggie, it only affects PCs, but it's pretty fierce.

Here's the current information on both forms of Kakworm from Norton's
site.  If you're worried, update your virus package and back up your
data.  For the source of the data below and more information, click on
this hyperlink
http://www.sarc.com/avcenter/venc/data/wscript.kakworm.html

Wscript.KakWorm
VBS.KakWorm spreads using Microsoft Outlook Express. It attaches itself
to all outgoing messages via the Signature feature of Outlook Express
and Internet Explorer newsgroup reader.
The worm utilizes a known Microsoft Outlook Express security hole so
that a viral file is created on the system without having to run any
attachment. Simply reading the received email message will cause the
virus to be placed on the system.
Microsoft has patched this security hole. The patch is available from
Microsoft's website
<http://www.microsoft.com/TechNet/security/bulletin/ms99-032.asp>. If
you have a patched version of Outlook Express, this worm will not work
automatically.
Also known as: VBS.Kak.Worm, Kagou-Anti-Krosoft
Category: WORM
Infection length: 4116 Bytes
Virus definitions: December 30, 1999
The worm appends itself to the end of legitimate outgoing messages as a
signature. When receiving the message, the worm will automatically
insert a copy of itself into the appropriate StartUp directory of the
Windows operating system for both English and French language versions.
The file created is named KAK.HTA.
The worm utilizes a known Microsoft Outlook Express security hole,
Scriptlet.Typelib, so that a viral file is created on the system without
having to run any attachment. Simply reading the received email message
will cause the virus to be placed on the system.
Microsoft has patched this security hole. The patch is available from
Microsoft's website
<http://www.microsoft.com/technet/security/bulletin/ms99-032.asp>. If
you have a patched version of Outlook Express, this worm will not work
automatically.
HTA files are executed by current versions of Microsoft Internet
Explorer or Netscape Navigator. The system must be rebooted for this
file to be executed. Once executed, the worm modifies the registry key:
HKCU/Identities/<Identity>/Software/Microsoft/Outlook/Express/5.0/signatures
in order to add its own signature file, which is the infected KAK.HTA
file. This causes all outgoing mail to be appended by the worm. In
addition, the registry key:
HKLM/Software/Microsoft/Windows/CurrentVersion/Run/cAgOu
is added which causes the worm to be executed each time the computer is
restarted.
Finally, if it is the first of the month and the hour is 17 (5:00pm),
the following message is displayed:
 Kagou-Anti-Kro$oft says not today!
and Windows is sent the message to shut down.
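
Added example, not part of the original message or of the Norton write-up: a Python check for the three persistence indicators described above (a KAK.HTA file in StartUp, the cAgOu Run value, and a signature entry pointing at KAK.HTA), run over a registry text export and a StartUp file listing. The function names, the REGEDIT4 export handling, and every sample path, value name and value data below are assumptions constructed for illustration.

```python
import re

# Indicators from the description above; all comparisons are case-insensitive.
RUN_KEY = r"hkey_local_machine\software\microsoft\windows\currentversion\run"
RUN_VALUE = "cagou"
DROPPED_FILE = "kak.hta"
VALUE_RE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')

def parse_reg_export(text):
    """Yield (key, name, data) for string values in a REGEDIT4-style text export."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            key = line[1:-1]
        elif key and (m := VALUE_RE.match(line)):
            name, data = (re.sub(r"\\(.)", r"\1", s) for s in m.groups())
            yield key, name, data

def find_kak_indicators(reg_text, startup_files):
    """Return (kind, location, detail) tuples for each indicator found."""
    hits = []
    for key, name, data in parse_reg_export(reg_text):
        k = key.lower()
        if k == RUN_KEY and name.lower() == RUN_VALUE:
            hits.append(("run-value", key, name))
        elif (k.startswith("hkey_current_user\\identities\\")
              and "\\signatures" in k and data.lower().endswith(DROPPED_FILE)):
            hits.append(("signature-file", key, data))
    for path in startup_files:
        if re.split(r"[\\/]", path)[-1].lower() == DROPPED_FILE:
            hits.append(("startup-file", path, ""))
    return hits

# Constructed sample input (identity GUID, value names and data are made up).
SAMPLE_REG = r'''REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SystemTray"="SysTray.Exe"
"cAgOu"="C:\\WINDOWS\\SYSTEM\\constructed.hta"

[HKEY_CURRENT_USER\Identities\{CONSTRUCTED-ID}\Software\Microsoft\Outlook Express\5.0\signatures]
"file"="C:\\WINDOWS\\kak.hta"
'''
SAMPLE_STARTUP = [r"C:\WINDOWS\Start Menu\Programs\StartUp\KAK.HTA",
                  r"C:\WINDOWS\Start Menu\Programs\StartUp\Office Startup.lnk"]
if __name__ == "__main__":
    for hit in find_kak_indicators(SAMPLE_REG, SAMPLE_STARTUP):
        print(hit)
```

A hit on any one of the three indicators is worth following up with an updated virus scan, since the Run value and the StartUp file are independent persistence points.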
