W95.LoRez


Aliases: Win95.Lorez.1766.b, W95/Lorez.intd, W95.LoRez,  Win95.Lorez.1766, W95/Lor1766-B
Variants: PE_LOREZ.1766.B, W32/Lorez.1766.B, Win95:Lorez-B, W95/Lorez.1766, Win32.Lorez.1766.B 

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: Asia, North and South America, and some parts of Europe and Australia
Removal: Easy
Platform: W32
Discovered: 13 Feb 2007
Damage: Low

Characteristics: The W95.LoRez program contaminates all of the files having .exe extension that are being executed.

More details about W95.LoRez

It is a program that allegedly claims to have the capability of detecting and removing spyware or any other software that could pose as a threat to the computer. The program makes fake assertions on spyware detection and removal for the purpose of encouraging the user to purchase a paid version of the software. To entice the users, the W95.LoRez program presents fake or counterfeit scan results to make it look like the user’s system is infected by different types of threats. The user is then advised to purchase a license that would resolve the fake infections. Users also claim that the program also has the capacity to further download spyware or any other unsolicited applications. These programs pose as additional threats to the computer.

The W95.LoRez program creates a number of files in the system. It commonly uses random strings of alphanumeric characters. This is done to prevent detection. They are placed in a number of folders. Some of the more common locations are the Windows directory and the System folder. Anti-malware programs report the software may also inject its code in executable files already in the system. This can include core system processes. This may cause the system to become unstable.