Most files that are accessible using Kazaa
originate from other users. This means that there will always
be the risk of irresponsible users introducing viruses. The
Sharman Networks team is working hard to develop solutions
to make Kazaa a safe peer-to-peer
(P2P) application, and there are some things you can do
to protect yourself. Read
more.
Kazaa v2 (and above) includes integrated virus
protection provided by BullGuard.
To find out how to activate it click here.
It is useful to be aware of the latest viruses found on P2P.
Sharman Networks has received reports of the following viruses:
Swen
Known as Win32.Swen.A@mm
Aliases: W32/Gibe@mm
Primarily spread through email, Internet chat rooms, and instant messaging,
the Swen worm can also spread through p2p applications by copying itself into
the shared folder as a choosing from a list of different filenames. The worm
usually comes as an e-mail, often disguised as a Microsoft Patch. The email
messages are quite realistic and may fool some users to open the infected attachment.
It also scans email address books and sent-mail folders for addresses to mail
itself on to. When the user clicks the infected attachment, the worm takes
control and installs itself into the system. Then, it fakes an error in the
Windows Messaging API (MAPI) and asks the user to enter confidential information
like password, account, SMTP server, etc.
More info on Swen.
Fizzer Worm
Known as Win32.Fizzer.A@mm
Aliases: W32/Fizzer-A, I-Worm.Fizzer, W32.HLLW.Fizzer@mm,
W32/Fizzer@MM
Primarily spread through email, Internet
chat rooms, and instant messaging, the Fizzer virus can
also spread through p2p applications by copying itself
into the shared folder as a random filename. It has backdoor
and keylogger abilities. The backdoor component uses Mirc
and AIM (AOL Instant Messenger) thus allowing the author
to issue commands on the victim's computer.
More info on Fizzer
Worm.
Lirva
A and Lirva
B
The virus steals the cached Windows 95/98/ME dial-up networking
password and attempts and tries to de-activate firewall and
anti-virus applications. It also scans Outlook address books
and sent-mail folders for addresses to mail itself on to.
The virus maybe distributed through the following files:
Resume.exe, Download.exe, MSO-Patch-0071.exe, MSO-Patch-0035.exe,
Two-Up-Secretly.exe, Transcripts.exe, Readme.exe, AvrilSmiles.exe,
AvrilLavigne.exe, Complicated.exe, Singles.exe, Sophos.exe,
Cogito_Ergo_Sum.exe, CERT-Vuln-Info.exe, Sk8erBoi.exe, IAmWiThYoU.exe.
More info on Lirva
A and Lirva
B
Magic Eightball
Magic Eightball skin is reported to be a trojan virus that attempts to delete files on the C: directory. The file has been packaged as a Zip file with the filename eightball2.zip.
Once executed, rather than adding a skin to your Kazaa, the trojan creates a batch file (Abracadabra.bat). The file contains instructions on deleting all the files on the root of the C: drive and also on the Windows folder. The trojan would display a series of dialog boxes and pressing the OK button on the last dialog box, the batch file is executed.
Please check any file carefully before executing, and use caution before installing any skins.
Benjamin.A
and Benjamin.B
The Benjamin worm virus is reported to share the files of
Kazaa users without their knowledge or authorisation.
When the virus is started, it shows a fake error message
to the user: “Access error #03A:94574: Invalid pointer
operation File possibly corrupted.” The worm distributes
itself by creating hundreds of files to the hard drive
and shares them to other Kazaa users.
The worm also displays the Web site benjamin.xww.de.
More info on Benjamin.A and Benjamin.B
Read more
about viruses and how to protect your PC.
Kazaa v2 (and above) includes integrated virus
protection provided by BullGuard. To find out how to activate
it click here.
