Kazaa Vírus Það er búin að vera að ganga vírus með Kazaa forritinu og ég veit að mjög margir hugarar nota þetta forrit.

W32.Benjamin.Worm
Discovered on: May 19, 2002
Last Updated on: May 21, 2002 at 09:08:55 PM PDT


W32.Benjamin.Worm comes disguised as popular music, movie, or software files. It spreads across KaZaA file-sharing networks by tricking KaZaA users into downloading the program and opening it.

The size of the worm can vary because the worm pads copies of itself with garbage bytes.



Type: Worm
Infection Length: Variable
Systems Affected: Windows 95, Windows 98, Windows NT, Windows 2000, Windows XP, Windows Me
Systems Not Affected: Unix, Linux


Virus Definitions (Intelligent Updater)*
May 20, 2002

Technical details:

When W32.Benjamin.Worm is executed, it does the following:

It copies itself as C:\%System%\Explorer.scr.

NOTE: %System% is a variable. The worm locates the \Windows\System folder (by default this is C:\Windows\System or C:\Winnt\System32) and copies itself to that location.

It then adds the \Syscod subkey under the registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft

It also adds the value

System-Service C:\%SYSTEM%\EXPLORER.SCR

to the registry key

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

This causes the worm to run when you start Windows.

How it spreads

NOTE: For W32.Benjamin.Worm to spread, it requires that the KaZaA software be installed on the computer.

The worm creates the C:\%Windows%\Temp\Sys32 folder. It then changes the KaZaA download folder settings so that this new folder is accessible to other KazaA network users. This allows other KaZaA users to download files from that location.

The worm then copies itself into this folder using many different names that are chosen randomly from a list that the worm carries. Here are some examples:

Chterbahn Designer -full-downloader
Acrobat Capture 3.0 -full-downloader
Age of Empires-Games-full-downloader
American Pie 2 -divx-full-downloader
Baseball 2001-Games-full-downloader
Metallica - Blackened
ac dc - Fight For Your Right

Þetta er tekið af slóðinni:

http://securityresponse.symantec.com/avcenter/venc/data/w32.benjamin.worm.html

Það eru aðeins meiri upplýsingar þar, ég lenti í því að fá vírus þarna í gegn, sem var rosalega leiðinlegt, því að það er erfitt að sjá hann. Og ég veit að það er lítil umræða um þennan vírus á Íslandi. Þetta er hreinlega spurning um að hafa augun opin fyrir þessu.

Mekara