Home Forums Windows 7 Security Tips

Windows 7
Windows Vista
Windows XP

Security Tips
Keyboard Shortcuts


Internet Terms
Computer Terms

File Extensions (75)
File Extensions (15K+)

Startup Applications
Necessary Files
Useless Files
At Your Option Files
Dangerous Files
Browser Objects

DLL Files
SYS Files
INF Files
OCX Files
VXD Files

Virus Database
Virus Warnings

Easter Eggs
Tips and Tricks
Hot Downloads

Privacy Policy
Contact Us


Name Kazza.exe



Backdoor.OptixPro.12.c, a variant of the Backdoor.OptixPro.12 Trojan Horse.
Allows unauthorized remote access to an infected computer on port 3410.
If the file "Kazza.exe" is present, is it an indication of a possible infection.

Also Known As: Backdoor.Optix.Pro.12 [KAV], Backdoor.Optix.1_2 [RAV], BackDoor-ACH [McAfee]
Variants: Backdoor.OptixPro.12, Backdoor.OptixPro.12.b, Backdoor.OptixPro.13
Type: Trojan Horse
Infection Length: 321,536 bytes

1. This virus copies itself as %System%\Kazza.exe.
Note: %System% = C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).

2. Adds the value:
"InternalSystray" = "%System%\Kazza.exe"
to the registry key:
so that the Trojan runs when you start Windows.

3. Sets the registry value:
"EnableAutodial" = "00 00 00 00"
in the registry key:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings

4. Notifies the hacker through ICQ.
Listens on TCP port 3410 and waits for commands from the Trojan's creator.

5. Provides its creator with:
Cached passwords
Full remote access to your computer, such as turning the power on and off, modifying files, and monitoring your system.

6. Attempts to stop about 200 of antivirus and monitoring tool processes.

Instuction to delete:

1. Disable System Restore (Windows Me/XP).
2. Run a full system scan and delete all the files detected as Backdoor.OptixPro.12.c.
3. Delete the value that was added to the registry. Make it better with Greatis antivirus (also check How To Remove section)

delete the value:
"InternalSystray" = "%System%\Kazza.exe"

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current\Software\Microsoft\windows\CurrentVersion\Internet Settings
change the value of "EnableAutodial" to its original settings.

Still have a problem? Ask for help at our discussion forum.

Search Dangerous Files :

: : Recent posts at Forums : :

Fatal error: Incompatible file format: The encoded file has format major ID 1, whereas the Loader expects 7 in /home/software/public_html/forum/includes/functions_vbseo.php on line 0