1. /
  2. Security Response/
  3. Adware.Weblookup

Adware.Weblookup

Updated:
February 13, 2007 11:46:44 AM
Type:
Adware
Risk Impact:
Medium
File Names:
weblookup.dll
Systems Affected:
Windows 2000, Windows 95, Windows 98, Windows Me, Windows Server 2003, Windows XP

When Adware.Weblookup is installed, it performs the following actions:
  1. Creates the following registry keys:

    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID
    \{DC8240DF-E60D-4193-B984-5111847DC7E6}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface
    \{D7988033-BDE1-4A36-BBE0-633F658BE770}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib
    \{DEDE7333-91F2-4064-8557-0EB2E3D37155}
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Redirect.RedirectPage
    HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Redirect.RedirectPage.1
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
    \CurrentVersion\Explorer\Browser Helper Objects\{DC8240DF-E60D-4193-B984-5111847DC7E6}
    HKEY_CURRENT_USER\Software\weblookup


  2. Creates the following legitimate registry key if it doesn't exist:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\DownloadManager

  3. Contacts [http://]www.web-redirect.com/[REMOVED] to obtain configuration information.

  4. Displays popups based on the response it recieves in the previous step.


Summary| Technical Details| Removal

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report
Symantec DeepSight Screensaver