Kozaka

Kozaka Description

ScreenshotKozaka is an adware that may display pop-up adverts, discounts, sponsored links and coupons via a pop-up box on shopping related and social networking websites that are visited by computer users. The pop-up adverts of Kozaka may be displayed as boxes, which include a variety of coupons that are available or as underlined keywords, which when clicked, may cover a screen of a PC with a pop-up advert that declares to be sent to the PC user by Kozaka. Kozaka may rapidly expand itself on the computer system. When installed on the PC, Kozaka may compromise the computer user's activities on the machine. Kozaka may embed an add-on, extension or plug-in in Mozilla Firefox, Internet Explorer and Google Chrome when PC users install free software products that might had packaged into their installation Kozaka. When web users install any free software products, they may also install Kozaka. Whenever the PC user will visit shopping related or social networking websites, Kozaka may display a 'See Similar' button on the images of the product, which when clicked may display pop-up advertisements by Kozaka. Kozaka may also display advertising banners on the websites visited by computer users, and as they browse the Internet, Kozaka may display offers, discounts, coupons and deals available on various websites.
Aliases: Artemis!171DA209E2AF [McAfee], TROJ_GEN.F47V1110 [TrendMicro-HouseCall], W32.GafitoI.Trojan [Bkav], a variant of Win32/BrowseFox.G [ESET-NOD32], Trojan.Agent/Gen-Nullo[Short] [SUPERAntiSpyware], TR/Trash.Gen [AntiVir], TROJ_GEN.F47V1228 [TrendMicro-HouseCall], Bloodhound.MalPE [Symantec], Skodna.Generic.ARC [AVG], NS:PUF.SilenceInstaller!1.9DDF [Rising], Win32/BrowseFox.B [ESET-NOD32], VIRUS_UNKNOWN [Kingsoft], AdWare/Win32.WebCake.gen [Antiy-AVL], Yontoo (fs) [VIPRE] and Adware.Plugin.124 [DrWeb].

Infected with Kozaka? Scan Your PC for Free

Download SpyHunter’s Spyware Scanner
to Detect Kozaka

Security Doesn't Let You Download SpyHunter or Access the Internet?


Solutions: Your computer may have malware hiding in memory that prevents any program, including SpyHunter, from executing on your computer. Follow to download SpyHunter and gain access to the Internet:
  • Use an alternative browser. Malware may disable your browser. If you're using IE, for example, and having problems downloading SpyHunter, you should open Firefox, Chrome or Safari browser instead.
  • Use a removable media. Download SpyHunter on another clean computer, burn it to a USB flash drive, DVD/CD, or any preferred removable media, then install it on your infected computer and run SpyHunter's malware scanner.
  • Start Windows in Safe Mode. If you can not access your Window's desktop, reboot your computer in 'Safe Mode with Networking' and install SpyHunter in Safe Mode.
  • IE Users: Disable proxy server for Internet Explorer to browse the web with Internet Explorer or update your anti-spyware program. Malware modifies your Windows settings to use a proxy server to prevent you from browsing the web with IE.

If you still can't install SpyHunter? View other possible causes of installation issues.

Technical Information

Infection Statistics


Our MalwareTracker shows malware activity across the world. Explore real-time data of Kozaka outbreaks and other threats from global to local level.

File System Details

Kozaka creates the following file(s):
# File Name Size MD5 Detection Count
1 chrome-extension_mciekghplkkgcmofonmkmlomhkamochd_0.localstorage-journal 66
2 chrome-extension_mciekghplkkgcmofonmkmlomhkamochd_0.localstorage 65
3 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\databases\chrome-extension_mciekghplkkgcmofonmkmlomhkamochd_0 36
4 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mciekghplkkgcmofonmkmlomhkamochd 35
5 %UserProfile%\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Extension Settings\mciekghplkkgcmofonmkmlomhkamochd 34
6 %LOCALAPPDATA%\Google\Chrome\User Data\Default\databases\chrome-extension_mciekghplkkgcmofonmkmlomhkamochd_0 33
7 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions\mciekghplkkgcmofonmkmlomhkamochd 32
8 %LOCALAPPDATA%\Google\Chrome\User Data\Default\Local Extension Settings\mciekghplkkgcmofonmkmlomhkamochd 31
9 %PROGRAMFILES%\Kozaka 30
10 %PROGRAMFILES(x86)%\Kozaka\Kozakauninstall.exe 240,081 40125ef9cf8ec1f30070b83d140415ef 9
11 %TEMP%\Kozaka\Kozaka_Setup.exe 855,424 22a9b162aa7be080ae86833ba7b5586f 4
12 %PROGRAMFILES(x86)%\Kozaka\updateKozaka.exe 65,304 ccf2b90467c87420bfb885f90b665582 2,833
13 %PROGRAMFILES(x86)%\Kozaka\bin\utilKozaka.exe 66,328 8e204cfa278ca67bfbcb8beba1c4c146 2,258
14 %PROGRAMFILES%\Kozaka\Kozakabho.dll 249,624 ed6e31ba6f2c9d8f771b6f35545d83dc 2

Registry Details

Kozaka creates the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\Software\[APPLICATION]\Microsoft\Windows\CurrentVersion\Uninstall..{Uninstaller}
Kozaka
HKEY..\..\..\..{RegistryKeys}
SOFTWARE\Google\Chrome\Extensions\mciekghplkkgcmofonmkmlomhkamochd
Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A45E3FA8-5048-4372-94AD-C6661671F7FC}
SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mciekghplkkgcmofonmkmlomhkamochd
SOFTWARE\Wow6432Node\Kozaka
SOFTWARE\Wow6432Node\Microsoft\Tracing\updateKozaka_RASAPI32
SOFTWARE\Wow6432Node\Microsoft\Tracing\updateKozaka_RASMANCS
SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{a45e3fa8-5048-4372-94ad-c6661671f7fc}
SYSTEM\ControlSet001\services\eventlog\Application\Update Kozaka
SYSTEM\ControlSet001\services\Update Kozaka
SYSTEM\CurrentControlSet\services\eventlog\Application\Update Kozaka
SYSTEM\CurrentControlSet\services\Update Kozaka
The following CLSID's were found:
HKEY..\..\{CLSID Path}
{7357A44B-D09F-40DA-9B0B-639C741A471D}
{C5C68B66-D3BF-4EF2-9AAD-8C15B10039FF}
{a45e3fa8-5048-4372-94ad-c6661671f7fc}

Site Disclaimer

Leave a Reply

IMPORTANT! To be able to proceed, you need to solve the following simple math.
Please leave these two fields as-is:
What is 9 + 13 ?