请哪位告诉我一下：W32.Looked.O 是什么病毒？怎么老往我的电脑中钻啊？

W32.Looked.O是一个会透过档案分享进行散播并会企图感染.exe档的病虫。它也会降低安全性的设定且会下载一个远端的档案并执行。

当W32.Looked.O执行时会产生以下动作:

1. 产生下列档案:

%Windir%\rundl132.exe - detected as W32.Looked.O

%CurrentFolder%\vDll.dll - detected as Downloader

Note:

%Windir% is a variable that refers to the Windows installation folder. By default, this is C:\Windows or C:\Winnt.

%CurrentFolder% is a variable that refers to the folder where the risk was originally executed.

2. 增加这个值:

"auto" = "1"

到这登录档:

HKEY_LOCAL_MACHINE\SOFTWARE\Soft\DownloadWWW

当作一个感染的记号，假如上述登录值已经不存在。

3. 增加这个值:

"load" = "%Windir%\rundl132.exe"

到这登录档:

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows

当系统启动时它就会跟著执行

4.企图停止下列服务: