kazza.exe - Dangerous

Manual removal instructions:

Antivirus Report of kazza.exe:
kazza.exe Malware
kazza.exe Dangerous
kazza.exe High Risk
kazza.exe
OPTIXPRO.12.C VIRUS!

Backdoor.OptixPro.12.c, a variant of the Backdoor.OptixPro.12 Trojan Horse.
Allows unauthorized remote access to an infected computer on port 3410.
If the file "Kazza.exe" is present, it is an indication of a possible infection.

Also Known As: Backdoor.Optix.Pro.12 [KAV], Backdoor.Optix.1_2 [RAV], BackDoor-ACH [McAfee]
Variants: Backdoor.OptixPro.12, Backdoor.OptixPro.12.b, Backdoor.OptixPro.13
Type: Trojan Horse
Infection Length: 321,536 bytes

1. This virus copies itself as %System%\Kazza.exe.
Note: %System% = C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

2. Adds the value:
"InternalSystray" = "%System%\Kazza.exe"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.

3. Sets the registry value:
"EnableAutodial" = "00 00 00 00"
in the registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings

4. Notifies the hacker through ICQ.
Listens on TCP port 3410 and waits for commands from the Trojan's creator.

5. Provides its creator with:
Cached passwords
Full remote access to your computer, such as turning the power on and off, modifying files, and monitoring your system.

6. Attempts to stop about 200 antivirus and monitoring tool processes.

Instructions to delete:

1. Disable System Restore (Windows Me/XP).
2. Run a full system scan and delete all the files detected as Backdoor.OptixPro.12.c.
3. Delete the value that was added to the registry. Greatis RegRun makes this easier.

In the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
delete the value:
"InternalSystray" = "%System%\Kazza.exe"

In the registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings
change the value of "EnableAutodial" to its original setting.

Dmitry Sokolov:

I created UnHackMe in 2006 to fix the problem that antiviruses did not fix: detecting rootkits.

Since that time I have worked every day to fix the issues that antiviruses cannot.

If your antivirus has not helped you solve the problem, you should try UnHackMe.

We are a small company and you can ask me directly, if you have any questions.