请哪位告诉我一下:W32.Looked.O 是什么病毒?怎么老往我的电脑中钻啊?
来源:百度知道 编辑:UC知道 时间:2024/06/04 03:18:52
W32.Looked.O是一个会透过档案分享进行散播并会企图感染.exe档的病虫。它也会降低安全性的设定且会下载一个远端的档案并执行。
当W32.Looked.O执行时会产生以下动作:
1. 产生下列档案:
%Windir%\rundl132.exe - detected as W32.Looked.O
%CurrentFolder%\vDll.dll - detected as Downloader
Note:
%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.
%CurrentFolder% is a variable that refers to the folder where the risk was originally executed.
2. 增加这个值:
"auto" = "1"
到这登录档:
HKEY_LOCAL_MACHINE\SOFTWARE\Soft\DownloadWWW
当作一个感染的记号,假如上述登录值已经不存在。
3. 增加这个值:
"load" = "%Windir%\rundl132.exe"
到这登录档:
HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows
当系统启动时它就会跟著执行
4.企图停止下列服务: