Kazmor is a P2P (peer to peer) and network worm with backdoor abilities.
This worm is very closely related to another worm - Worm.Win32.Apart.
The backdoor routine allows a remote master to perform the following actions on victim computers:
- send out detailed computer information
- steal cached passwords, MSN account login and password, as well as .NET Messenger information.
Kazmor also performs the following routines, it:
- spreads over local networks and to P2P networks
- receives files or download files from a Web site
- executes a file
- performs DoS attacks on remote computers
- pings a remote computer
- scans ports and IP addresses
- redirects PC ports
- sends spam messages through AOL Instant Messenger and to a mIRC channel
Find and delete the following key in the system registry:
Windows = %WindowsDir%\Windows.exe
Still have a problem? Ask for help at our discussion forum.