The symptoms I experienced during the use of Kazaa: - crazy mouse sometimes, without control after the use: - slow boot - winzip "zip and email" feature donīt work I remember to have executed a password generator exe file (I knew I shouldnīt have done it...) Norton anti virus detected a virus in two jpg images. It wasnīt benjamin or Klez, it was a weird name I canīt remember. I just deleted those files. I also scanned my computer with bitdefender anti benjamim and found it nothing. Can you tell me if the symptoms are from another virus and how to get rid of it? Thanks in advance

If you can run an online virus scan at either Panda or House Call to identify your virus, post back with what the scan finds finds

This threat is considered a Low-Profiled risk as it is not wide-spread and has gotten media attention. When this worm is run, it copies itself to %WINDIR%\SYSTEM\EXPLORER.SCR, where %WINDIR% is the directory Windows is installed in. Then it adds the registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ Run\SystemService=%WINDIR%\SYSTEM\EXPLORER.SCR To spread, the worm requires that the Kazaa software is installed on the machine. It creates a directory called %WINDIR%\TEMP\SYS32, and changes the Kazaa settings so that remote users can download from this directory. Then it copies itself to that directory under many different names which other users may search for. The size of these files can vary since the worm pads them with garbage bytes. This method of spreading is comparable to the VBS/GWV worm Presence of EXPLORER.SCR and registry key pointing to it. Presence of %WINDIR%\TEMP\SYS32 and many files inside. Since this worm offers itself over the Kazaa network under names that users may find tempting, users who are not infected may download and run the worm from infected machines, and thus spread the worm themselves. Windows ME and XP utilize a restore utility that backs up selected files automatically to the C:\_Restore folder. This means that an infected file could be stored there as a backup file, and VirusScan will be unable to delete these files. You must disable the System Restore Utility to remove the infected files from the C:\_Restore folder. WindowsME 1. Right click the My Computer icon on the Desktop and click on Properties. 2. Click on the Performance tab. 3. Click on the File System button. 4. Click on the Troubleshooting tab. 5. Put a check mark next to 'Disable System Restore'. 6. Click the 'OK' button. 7. You will be prompted to restart the computer. Click Yes. Note: To re-enable the Restore Utility, follow steps one to seven and on step five remove the check mark next to 'Disable System Restore' WindowsXP Disabling the System Restore Utility (Windows XP Users) 1. Right click the My Computer icon on the Desktop and click on Properties. 2. Click on the System Restore tab. 3. Put a check mark next to 'Turn off System Restore on All Drives'. 4. Click the 'OK' button. 5. You will be prompted to restart the computer. Click Yes. Note: To re-enable the Restore Utility, follow steps one to five and on step three remove the check mark next to 'Turn off System Restore on All Drives'