New Kazzaa Virus
Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: New Kazzaa Virus

  1. #1

    Angry New Kazzaa Virus

    There is a new Kazzaa virus out there.

    W32/KWBot-A

    Alias
    W32.Kwbot.Worm, Worm.Win32.SdBot, W32/Moocow-A

    Is it a worm wich uses the kazzaa network.

    It copies itself as"explorer32.exe" in the windows systemfolder and creates 2 new
    registry entries for running on system startup.

    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\
    Windows Explorer Update Build 1142 = explorer32

    and

    HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices\
    Windows Explorer Update Build 1142 = explorer32

    The worm infected the following files in the kazzaa network (examples only):

    Star Wars Episode 2 - Attack of the Clones VCD CD1.exe
    Spiderman The Movie - The Game.exe
    Grand Theft Auto 3 CD1 ISO.exe
    ZoneAlarm Firewall Pro.exe
    Windows XP Professional iso.exe
    Unreal Tournament cracked (works on all servers).exe
    University Study Guide (cheat sheet).exe
    Quicken Pro 2002 iso.exe
    Perl Ultimate Study Guide.exe
    Office XP Corporate Ed. iso.exe
    Norton Utilities 2002.exe
    Microsoft Visual C++ 7.0 iso.exe
    MCSE Ultimate Study Guide.exe
    Max Payne full iso.exe
    Macromedia Flash 5.exe
    Kazaa Advertisement Ad remover.exe
    DSL Anonymizer.exe
    DoS Attacker.exe
    DivX Codec 6.0 beta (codec only).exe
    Credit Card number generator VERIFIER (cc cc#).exe
    cows gone wild.exe
    100 XXX Passwords (verified 3-24-02).exe

    Its possible that he attacker can control your infected system
    with commands over IRC.

    I hope my translation is not too bad, I got these informations
    from the German Website of Sophos Antivir.
    monoton

  2. #2
    Banned
    Join Date
    Oct 2001
    Posts
    55
    Thanks for the info monoton

    it's me V-I-R-U-S

  3. #3
    Banned
    Join Date
    Oct 2001
    Posts
    297
    Kazaa is becoming a Virus. Used to love it, but now its nothing more than a huge inconvience.

  4. #4
    Junior Member
    Join Date
    May 2002
    Posts
    17
    Hey man thanks for the info..... Do you know if Norton AV will detect it...?..or any other AntiVirus prog

    Thanx
    light a candle for the sinners ,set the world on fire

  5. #5
    Originally posted here by kewlphatdude
    Do you know if Norton AV will detect it...?..or any other AntiVirus prog

    Thanx
    I got this info from Sophos, I also found the English version,
    http://www.sophos.com/virusinfo/anal...32kwbota.html,
    there you can download the update for Sophos AntiVir.

    Im sure other AntiVirus software developers will provide updates in the next days.
    monoton

  6. #6
    "W32.Kwbot.Worm has backdoor Trojan capability, which allows a hacker to gain control of the compromised computer. The worm can update itself by checking for newer versions over the Internet. W32.Kwbot.Worm disguises itself as popular movie, game, or software files, and it attempts to spread across KaZaA file-sharing networks by tricking KaZaA users into downloading the program and opening it. "

    That is from Norton website and also said the protection is on the virus definition dated on June 19 so I guess is not that new... I used Norton CE and works. Virus definition 7/8/2002 Rev 5
    \"Knowledge is Power\"

  7. #7
    >>Shakes head<< Yeah, KaZaA is gonna get worse before it gets better. Just like with other warez an unknown sources, there is always that "off chance" files could be infected, it is best not to even mess with it, IMHO.

    I am sure more virii for p2p systems will be developed, and for those who continue to download: Save everybody the heartache of virii and make sure you scan, scan, scan for virii before sharing! Also, p2p could also be a great breeding ground for new and unusual backdoors, so careful out there...

  8. #8
    Now, RFC Compliant! Noia's Avatar
    Join Date
    Jan 2002
    Posts
    1,210
    OOOooooOO.....well isn't that a suprise, If you could infect an Mp3 Nappster would have done the same.....
    This is getting really stupid, I dono y ppl still use it.

    - Noia
    With all the subtlety of an artillery barrage / Follow blindly, for the true path is sketchy at best. .:Bring OS X to x86!:.
    Og ingen kan minnast dei linne drag i dronningas andlet den fagre dag Då landet her kvilte i heilag fred og alle hadde kjærleik å elske med.

  9. #9
    Senior Member cheesegoduk's Avatar
    Join Date
    May 2002
    Posts
    224
    Yeah I know it is becoming beyond a joke now, every day a new virus is on it

  10. #10
    Senior Member
    Join Date
    Jan 2002
    Posts
    244

    Re: New Kazzaa Virus

    Never download .exe with p2p like kazaa/morpheus or others!
    i m gone,thx everyone for so much fun and good info.
    cheers and good bye

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •