Thursday, November 13, 2008

Look2Me Hijacker

Look2Me description:
Look2Me category: Hijacker, Adware
A desktop hijacker replaces the desktop wallpaper with advertising
for products and services.
Adware is software that facilitates the delivery of advertising content
to the user and in some cases gathers information from the user's computer,
including information related to Internet browser usage or other computer habits.

Look2Me detection:

Look2Me Files:

Look2Me Registry Keys:

Look2Me Registry Values:

Removing Look2Me:

You can run the trial version of ExterminateIt, or remove Look2Me manually.

To remove Look2Me completely by hand, you need to delete the Windows registry keys and registry values, and the files and folders, associated with Look2Me.

