Content

Adware-Look2Me.dldr

Type
Program
SubType
Downloader
Discovery Date
04/28/2005
Minimum DAT
4479 (04/28/2005)
Updated DAT
4602 (10/11/2005)
Minimum Engine
5.1.00
Description Added
04/28/2005
Description Modified
12/26/2005 9:40 PM (PT)

Tab Navigation

Characteristics

McAfee(R) AVERT™ recognizes that this program may have legitimate uses in contexts where an authorized administrator has knowingly installed this application. If you agreed to a license agreement for this, or another bundled application, you may have legal obligations with regard to removing this software, or using the host application without this software. Please contact the software vendor for further information.
See http://vil.nai.com/vil/DATReadme.asp for a list of Program detections added to the DATs.
See http://vil.nai.com/vil/pups/configuration.htm for information about how to enable, disable, and exclude detection of legitimately installed programs.

Summary

This is not a virus or a Trojan. On execution of the application it installs with visible windows. It makes multiple internet connections with "ad-w-a-r-e.com", "z404.com", "dadamobile.com", "health-yshopping.com", "abcsearch.com", "partypoker.com", "uniqueoffer-s.com" etc. It gives a lot of pop-up ads and opens too many browser windows while browsing the internet.

Privacy

EULA is displayed during installation.

System Changes

File Name: “ffInst.exe”
MD5Hash: “232a0dda734f593b97be71029cefae34”

Following files are added into %SYSTEM32% directory:

  • iletcplc.dll
  • ivsmsnap.dll
  • pzfmgr.dll
  • qydit.dll

The following registry entries are added:

  • HKEY_CLASSES_ROOT\CLSID\
    {1041F7D5-A9CB-4382-8311-0C5451CBCAC8}
  • HKEY_CLASSES_ROOT\Interface\
    {57A0E747-3863-4D20-A811-950C84F1DB9B}
  • HKEY_CLASSES_ROOT\TypeLib\
    {57A0E746-3863-4D20-A811-950C84F1DB9B}

Network Impact

Additional overhead in bandwidth may occur due to download of content.

Aliases

Aliases

  • Adware.Look2Me - Symantec
  • Adware/Look2Me - Panda