x
48h OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
SPECIAL OFFER
If you're already a customer of
our homeusers protection,
renew now with a 50% off
RENEW NOW
x
HALLOWEEN OFFER
take advantage of our
terrific discounts
BUY NOW AND GET A 50% OFF
x
CHRISTMAS OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 40% OFF
x
SPECIAL OFFER
Buy the best antivirus
at the best price
BUY NOW AND GET A 50% OFF
x
BLACKFRIDAY OFFER
Buy the best antivirus
at the best price
TODAY ONLY UP TO 70% OFF
x
CYBERMONDAY OFFER
Buy the best antivirus
at the best price
(Only for homeusers)
TODAY ONLY UP TO 70% OFF
Active Scan. Scan your PC free
Panda Protection

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

Kazoa.C

 
Threat LevelModerate threatDamageHighDistributionNot widespread
Common name:Kazoa.C
Technical name:W32/Kazoa.C
Threat level:Low
Alias:W32/Gool.worm
Type:Worm
Effects:  It opens a communications port and sends the IP address of the affected computer to the virus authors. This leaves the computer exposed to remote attacks. It also ends processes belonging to antivirus programs, among others.

Affected platforms:

Windows XP/2000/NT/ME/98/95

Detection updated on:Feb. 11, 2003
StatisticsNo

Brief Description 

    

Kazoa.C is a worm that also acts as a very dangerous Trojan, as it opens a communications port in the affected computer (usually 31337). Then it sends the IP address and the number of the open port to the attackers. This leaves the affected computer vulnerable to remote attacks.

Kazoa.C uses KaZaA and IRC chat channels in order to spread quickly. KaZaA is a program that allows Internet users to share files containing music, videos, texts, images, etc.

Kazoa.C creates a large number of infected files whose names can refer to erotic photos of famous people or IT utilities, among others. The worm does this in order to trick KaZaA users into downloading the infected files.

Visible Symptoms 

    

Kazoa.C is very easy to recognize as it reaches computers in an executable file with the following icon:

NOTE: The icon of the executable file is the bear icon that appears above. However the file name will be the name of the file that the user has downloaded (for example PAMELA_ANDERSON_NAKED.TXT.EXE). It is important not to confuse the file that carries out the Kazoa.C infection with an important Windows sytem file (JDBGMGR.EXE) that has the same icon and can be found in all Windows computers.

When the executable file is run, Kazoa.C carries out its infection and displays a window with the title: Are you feeling Haxxored?