W32/Looked-AF

Category: Viruses and Spyware Protection available since:07 Oct 2006 00:00:00 (GMT)
Type: Win32 executable file virus Last Updated:07 Oct 2006 00:00:00 (GMT)
Prevalence: Small Number of Reports

Download Download our free Virus Removal Tool - Find and remove threats your antivirus missed

W32/Looked-AF is a virus for the Windows platform.

W32/Looked-AF includes functionality to access the internet and communicate with a remote server via HTTP.

W32/Looked-AF creates a file "_desktop.ini" in many folders on the infected computer. These are harmless text files, containing just the date of the infection. W32/Looked-AF is a virus for the Windows platform.

W32/Looked-AF includes functionality to access the internet and communicate with a remote server via HTTP.

W32/Looked-AF creates a file "_desktop.ini" in many folders on the infected computer. These are harmless text files, containing just the date of the infection.

When first run W32/Looked-AF copies itself to <Windows>\rundl132.exe and creates the following files:

<Windows>\Dll.dll - also detected as W32/Looked-AF

The following registry entry is created to run rundl132.exe on startup:

HKCU\Software\Microsoft\Windows NT\CurrentVersion\Windows
load
<Windows>\rundl132.exe

Registry entries are created under:

HKLM\SOFTWARE\Soft\DownloadWWW\

download Try Sophos products for free
Download now

© 1997 - 2012 Sophos Ltd. All rights reserved. Legal Privacy