|
Look2Me |
  
|
|
Look2Me |
|
Look2Me is an advertising and information network that uses a shell extension to attach itself to Windows and display pop up advertising for its clients. It monitors visited web sites and submits this information to a server.
How to Remove Look2Me
Because the software highly integrates itself with Explorer, it can be hard to remove. Included below is a basic manual removal method for Look2Me as well as an excellent Visual Basic Script that can be run to help remove it.
http://www.look2me.com/cgi-bin/UnInstaller
How to manually remove Look2Me
| • | Click on Start, Run, and type REGEDIT and click Ok to start the Registry Editor |
| • | Now open the Windows Task Manager |
On Windows 95/98/ME, Press CTRL+ATL+DEL
On Windows NT/2000/XP, Press CTRL+ALT+DEL, Select the Task Manager if needed, and click on the Processes tab
| • | In the list of programs, click on EXPLORER.EXE and select End Task or End Process. Repeat this procedure until no explorer.exe process is running (The Start Menu, Task Bar, and System Tray will disappear) |
| • | Select the Registry Editor (you may have to press ALT + Tab) |
| • | Delete the following registry keys if they exist |
HKEY_LOCAL_MACHINE \SOFTWARE\Classes\CLSID\{DDFFA75A-E81D-4454-89FC-B9FD0631E726}
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ ShellExtensions \ Approved \ {DDFFA75A-E81D-4454-89FC-B9FD0631E726}
| • | Close the Registry Editor |
| • | Restart your computer |
| • | Now open My Computer and Drive C, open the Windows directory, and then the System directory |
Note: %SystemDir% is a variable. By default, this is C:\Windows\System (Windows 95/98/Me), C:\WINNT\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
| • | Delete all files that look similar to the following, where * represents a letter or number |
msg{********-****-****-****-************}****.dll
The known variants of Look2Me are associated with the following files:
msg{*.dll
msg116.dll
msg117.dll
msg118.dll
msg119.dll
msg120.dll
msg121.dll
msg122.dll
| • | Open Internet Explorer |
| • | Click Tools, Internet Options |
| • | Click the Programs tab and then click Reset Web Settings to restore default settings for home page, search page, and other settings. |
If Look2Me remains or popups from NicTechNetworks remain, then proceed with the following extra instructions
| • | Download and run VX2.BetterInternet Finder http://download.broadbandmedic.com/ (VX2Finder.exe) which will search for files that are tied to Explorer and very tough to remove. These files usually are .dll files found in the Windows\System32 directory with backup files similar to *.cpy.dll |
| • | Write these files down for later removal |
| • | To remove these files, you'll need to boot into the Recovery Console. Reboot your computer with your Windows XP or 2000 cd now. If your computer does not boot from the CD-ROM disk, you'll have to change settings in your BIOS to do this to boot from the CD-ROM first. |
| • | During the loading of the Windows XP or Windows 2000 CD, you'll eventually be given the choice to load the "Recovery Console" by pressing R. |
| • | Next, Choose your Windows Installation, usually by pressing 1 and pressing Enter. |
| • | You'll have to enter the Administrator password, if you dont know the password try leaving it blank. Once logged into the Recovery Console, you'll be at a C:\WINDOWS> prompt. |
| • | If the system does not let you in because of a bad password or you cant access the recovery console from the CD-ROM, you'll have to use the alternate instructions below to access the Recovery Console. |
| • | At the C:\WINDOWS> prompt type CD SYSTEM32 and press Enter |
| • | At the C:\WINDOWS\SYSTEM32> prompt, use the DEL command to delete the files you wrote down previously. |
Ex: DEL AYMPARSE.DLL and press Enter
DEL AYMPARSE.CPY.DLL and press Enter
| • | After you have deleted the files, type EXIT and restart your computer in normal mode. Look2Me and the files that were previously unable to be deleted should be removed. |
For Automatic Removal of Look2Me (option 1)
Download and run the program Killbox or Kill2Me
For Automatic Removal of Look2Me (option 2)
| • | Download http://www.pchell.com/downloads/removel2me.vbs (a VB script provided by Mosaic1, a member of Spywareinfo, and save it to c:\removel2me.vbs |
This is a Visual Basic Scripting file, so you'll have to have the Windows Scripting Host installed. You can download the following file to disable or reenable the Windows Scripting Host. http://www.pchell.com/virus/noscript.exe
| • | Now open the Windows Task Manager |
On Windows 95/98/ME, Press CTRL+ATL+DEL
On Windows NT/2000/XP, Press CTRL+ALT+DEL, Select the Task Manager if needed, and click on the Processes tab
| • | In the list of programs, click on EXPLORER.EXE and select End Task or End Process. Repeat this procedure until no explorer.exe process is running (The Start Menu, Task Bar, and System Tray will disappear) |
| • | Click the Applications tab, click the New Task Button, and type the path to the script you saved. |
c:\removel2me.vbs
| • | Click Ok |
| • | Click Shutdown on the Task Manager toolbar and scroll down to Restart your computer. |
 |
 |
 |
Page url:
http://www.tje.net/PCSupport/index.html?look2me.htm
Page content was last updated: 10/6/2008
|
|
