Aliases: W32/Kraze
Variants: W32.Kraze.dr, W32.Kraze.a

Classification: Malware
Category: Computer Virus

Status: Active & Spreading
Spreading: Slow
Geographical info: North America
Removal: Easy
Platform: W32
Discovered: 22 Jun 2006
Damage: Low

Characteristics: The virus W32.Kraze is also known as the Lexplore.exe malware. It infects executable files and registers a Browser Helper Object (BHO) in Internet Explorer. Once this virus infects a computer, the Windows executable files will download the W32.Kraze.dr Dynamic Link Library (DLL) and executes.

More details about W32.Kraze

The virus W32.Kraze infects executable files and poses a security risk. The infected file will be installed as a Browser Helper Object (BHO). This will start Internet Explorer. Once Internet Explorer is running, the virus will scan and add the W32.Kraze virus to all windows portable executable files it finds. It infects executable files by prepending the .dll file to the host executable file.It then collates and forwards your private information to the owner of the malware. Lastly, it connects to the Web to verify the IP address of your computer. It starts Internet Explorer and periodically checks the IP address. The virus also creates the mutex KrzDL32 so that only one instance of the virus runs on the infected computer. It may cause Internet Explorer to crash.

According to reports, the W32.Kraze program may take advantage of the security flaw to gain entry to the system. This loophole offers a way to attack or invade the network or a remote platform. It is also designed to rapidly and easily distribute threats all over the network through peer to peer file sharing programs. This attribute exclusively targets the language loophole or error in various applications allowing intruders to contact the desired computer system.