Full
Name: |
Look2Me |
Type: |
Adware |
Danger Level: |
3 |
Category Description: |
Program that delivers advertisements on your PC.
Note that many websites have their own advertising, unrelated to adware.
Adware is any software application in which advertising is displayed while the program is running. The authors of these applications include additional code that delivers the ads, which can be viewed through pop-up windows or through a bar that appears on a computer screen and sometimes through text links or in integrated search results. Adware may or may not track personal information. It may also gather information anonymously or in aggregate only. Users should check the EULA and Privacy policy to ensure if the adware on their machines conforms to their standards. |
Official Description: |
During installation a connection is made to ad-w-a-r-e.com and instructions from java script change the host and remove registry keys. Has potential to do other malicous acts.
http://www.ad-w-a-r-e.com/cgi-bin/PopupV2?ID={<some clsid here>}&type=normal&mSkip=1&rnd=", 300000, "TRUE");
sendExternalEvent('EVENT:UPDATECRC:A1EDBE54FAEA39FAAC6DF618503910E7');
sendExternalEvent('EVENT:REMOVEKEY:SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify?HKLM?DllName?0563F1C45F34E7305C57F10DD17B6E8F');
sendExternalEvent('EVENT:REMOVEKEY:SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects?HKLM');
sendExternalEvent('EVENT:HOST:127.0.0.1?www.igetnet.com');
sendExternalEvent('EVENT:HOST:127.0.0.1?code.ignphrases.com');
sendExternalEvent('EVENT:HOST:127.0.0.1?clear-search.com');
Downloads other unwanted software and displays advertisements.
Causes the cpu to be at maximum usage which causes the computer to run slow and sometimes freeze up. Displays an advertisement that lists some causes of computer problems and offers a free program to check the computer for errors. |
Comment: |
Seems to be related to VX2.
Adds other software, and sometimes creates a second "shortcut bar".
|
|
|
Properties: |
|
Manual Removal: |
Kill this process:
no.exe
Remove these entries from the registry:
HKEY_CURRENT_USER\software\look2me
Remove these files:
systemroot+\system32\msg{1e253d5d-6add-4fe9-829c-f51038158be5}0110.dll
systemroot+\system32\msg{1e253d5d-6add-4fe9-829c-f51038158be5}0111.dll
systemroot+\system32\msg{46b08877-2be4-4f35-8e77-034c2142321c}0115.dll
systemroot+\system32\msg{5bef546a-e3c1-489c-996a-c9688d985ae0}0110.dll
systemroot+\system32\msg{5bef546a-e3c1-489c-996a-c9688d985ae0}0111.dll
systemroot+\system32\msg{63de1ad9-f0c6-4dac-886a-5a9707b0d23c}0110.dll
systemroot+\system32\msg{63de1ad9-f0c6-4dac-886a-5a9707b0d23c}0111.dll
systemroot+\system32\msg{93396c3f-aea3-4ac0-bb55-81f0f0414a24}0113.dll
systemroot+\system32\msg{9d4f5b7c-2a4b-46c5-99a7-4c775b688d45}0110.dll
systemroot+\system32\msg{9d4f5b7c-2a4b-46c5-99a7-4c775b688d45}0111.dll
systemroot+\system32\msg{aac5700f-954a-47b7-9746-871ae8e634e4}0115.dll
systemroot+\system32\msg{b9a9ac6a-2cc9-4a24-a250-bea974703ff8}0110.dll
systemroot+\system32\msg{b9a9ac6a-2cc9-4a24-a250-bea974703ff8}0111.dll
systemroot+\system32\msg{d331b768-d6da-41e8-a7b6-78ed724126c0}0115.dll
systemroot+\system32\msg{e01b47a7-a499-4fee-83c2-b0684ca28e6b}0115.dll
systemroot+\system32\msg{e8d8ffef-30a4-4df1-a618-e0599a0d0a15}0110.dll
systemroot+\system32\msg{e8d8ffef-30a4-4df1-a618-e0599a0d0a15}0111.dllno.exe
|