Three tools to combat Look2Me hijacker malware...

General Topics
1

Hi malware fighters,

Look2Me is irritating hijacker malware, read the description here:
http://www.ca.com/us/securityadvisor/pest/pest.aspx?id=453086545

There are three tools presented here that are being used against Look2Me:

The first is L2Mfix:

Download and use L2Mfix
http://www.downloads.subratam.org/l2mfix.exe

  • With your mouse click right on the link > “safe target as…” and save to your desktop
  • Doubleclick after downloading the file “l2mfix.exe”, click “accept” and then the “Install” button to unpack the files (standard this is to the desktop, leave it there)
  • when your av should alarm, click “allow” (faek alarm),
  • Open the folder “L2mfix” that was created at the desktop and doubleclick the file l2mfix.bat > A dos window will open with some lines, click a random key to continue
  • Choose in the next window (greenish) option 1 (Run Find Log) by typing 1 and clicking enter.

Your pc is being scanned now, without any activity for youm do not think it does not work or is idle.

  • After around 1 minute’s time (can be slightly longer) a notepad.txt file will be created named “report.txt” > copy the contents of that logfile and paste it in your next posting
    Do not do anything further with L2mfix! so do not yet start option #2 or one of the other files until you reported back and you are asked you to do so

And then continue to use L2Mfix

  • Close all other proggies (messenger, P2P, …) and sites, so your taskbar only is open at this site
  • Open the unpacked l2mfix folder which sits on your desktop and double click again at “l2mfix.bat”
  • Choose now option #2 (Run Fix) by typing 2 and give in enter
  • Click whatever key to restart your PC
  • After restart your desktop icons will be shortly shown and then will disappear (this is a completely normal procedure, so do not get startled)
  • L2mfix will continue its scan and when finished, it will open notepad again. Copy the contents of that log that appears and paste it after the further steps into your next reaction (save it or post it now)
    Furthermore do not touch the other files of lL2mfix for the mo.

When L2Mfix has finished, use Dotcomtoolbar Removal Tool from here:
http://securityresponse.symantec.com/avcenter/FxDtcmtb.exe
How to use FxDtcmtb.exe

  • At download choose save as on a site where you easily can trace it back, e.g. desktop
  • Close all internet pages, Outlook, Messenger etc…,
  • Doubleclick this tool to open
  • Click start and have it scan

Another tool to combat L2M is Look2Me-Destroyer.exe

Please download Look2Me-Destroyer.exe to your desktop from here: ttp://www.atribune.org/ccount/click.php?id=7h .

* Close all windows before continuing.
* Double-click Look2Me-Destroyer.exe to run it.
* Put a check next to Run this program as a task.
* You will receive a message saying Look2Me-Destroyer will close and re-open in approximately 1    minute. Click OK
* When Look2Me-Destroyer re-opens, click the Scan for L2M button, your desktop icons will disappear, this is normal.
* Once it's done scanning, click the Remove L2M button.
* You will receive a Done Scanning message, click OK.
* When completed, you will receive this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, click OK.
* Your computer will then shutdown.
* Turn your computer back on.
* Please post the contents of Look2Me-Destroyer.txt (it can be found wherever you saved Look2Me-Destroyer.exe) and a new HiJackThis log.

If Look2Me-Destroyer does not reopen automatically, reboot and try again.

Then there is also this F- LookToMe Tool from F-secure to be downloaded here:
http://www.f-secure.com/tools/f-look2me.zip

polonus