cancel
Showing results for 
Search instead for 
Did you mean: 

Trojan Horse - kazaspool32.exe

N/A

Trojan Horse - kazaspool32.exe

Hi,

I recently noticed that after booting, my firewall would show a program named kazaspool32.exe was trying to connect to an address on the internet. I then noticed that the named file was a process that was running. After doing some searching it showed up in the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key.

I searched my PC for all files beginning with kaza and found 3 files in my C:\Windows\ folder that appeared suspicious:

kazaspool32k.dat
kazaspool32.exe
kazaspool32.dat

On examination, kazaspool32.dat had a list of numerous .exe files belonging to security software (norton antivirus, blackice defender, etc.). When I inspected kazaspool32k.dat I found it had a list of keypresses and text that was displayed on the screen!!!!!!! I have since deleted the files and removed the entry from the registry. Obviously it was tracking the keystrokes and uploading them to somebody!!!!!!!

I felt it was necessary to let others know of this as I didn't find any references to this on the web. You may want to confirm this with others, or not. I am just trying to help out.

Hope this is useful to whoever finds out about it.
3 REPLIES
N/A

RE: Trojan Horse - kazaspool32.exe

I find what you say very interesting as I suspect that my friend became a victim to this kind of behavour recently. Suddenly some of her programs became corrupted and when you boot up the pc it tries to connect to the Internet after the icons have loaded. I have now installed the latest version of Zone Alarm for her but have not yet found the reason why her pc wants to connect to the internet straight away, so I'll be taking your comments on board next time I visit her.

Regards

Melodytune
N/A

RE: Trojan Horse - kazaspool32.exe

Check internet options:

Make sure it's not set to dialup a connection when a network connection is not present.
if it's not set like this then it could be anything. just an idea. Smiley
--
Jason
=====
N/A

RE: Trojan Horse - kazaspool32.exe

> Check internet options:
>
> Make sure it's not set to dialup a connection when a network connection is not present.
> if it's not set like this then it could be anything. just an idea. Smiley
>
> --
> Jason
> =====

I had something similar a while back just before i installed zone alarm. I had some wierd virus warnings - cant remember what they were but they stopped after i ran a scan over night - but nothing was detected so i thought it had gone away. Until i tried to use my work bt phonecard ... it was set up in one of my dialup connections appropriately named "AT&T BT PHONECARD" ... and it had been blocked by bt as it had over 160 squids worth of porno calls on it ... also i had messenger say i was logged in at another location once as well ... so i did the rename all passwords thing and istalled zone alarm ... ah well ... bt refunded it all for me ...
GREAT!