ZestyFind SpotResults Look2Me


Original Message
Name: ConCon
Date: May 6, 2004 at 07:03:28 Pacific
Subject: ZestyFind SpotResults Look2Me
OS: Windows XP
CPU/Ram: ?
Comment:

I have been having problems with Look2Me and all related sites, nothing I do works to get rid of it (I have checked on many forums). Do these hijackers cause your internet to disconnect? Also, can they cause SpywareGuard to not run? At this moment, I can't seem to get it to run. Should I just give up and have a professional clean up my hard drive? It is so frustrating! Thank you.




Response Number 1
Name: capt
Date: May 6, 2004 at 07:37:05 Pacific
Reply:

Have you used Adaware/Spybot to remove Zestyfind and Look2me? You can get them at http://wilders.org/ if you do not have them. Be sure to update both programs before you run them. Sometimes it helps to run them while you are in the "safe mode". If the problem persists, get "hijackthis" and run it and delete all the entries of those two hijackers.



Response Number 2
Name: notnilc
Date: May 6, 2004 at 13:00:11 Pacific
Reply:

Look2Me is very frustrating indeed. I spent weeks trying to get rid of it. In my case, Ad-Aware and Spybot detected it, but were unable to remove it because of the DLLs the program uses (msg117, msg118 along with some other msg's if memory serves me right). Try the Kill2Me download here:

http://www.spywareinfo.com/~merijn/files/kill2me.zip.

Save it to your desktop, unzip it and let the program run.

Hope this helps.

-Clinton



Response Number 3
Name: ConCon
Date: May 6, 2004 at 17:12:39 Pacific
Reply:

I have tried this and it always gives the message that Look2Me doesn't appear to be on my computer, but do I want to kill it anyhow. I always pick yes, but it doesn't help. I usually get pages from Zestyfind. And when I can get SpywareGuard to work, I am constantly getting messages about BHOs and how my homepage and toolbars are being changed. Does Look2Me have the ability to disable SpywareGuard? Right now I can't get it to work, so who knows what is being loaded onto or being changed on my computer right at this moment! I just wonder if the people who design hijackers are proud of themselves! (Sorry, I'm venting!) Thanks for your recommendations.



Response Number 4
Name: BRStowell
Date: May 8, 2004 at 11:40:19 Pacific
Reply:

I am having a hard time getting rid of the same adware. I have done a couple of things based on reading other forums. I did a search for upd*.exe, which turned up several files from the "Zestyfind" redirect. The two files were upd124.exe and updinstall.exe. I deleted both of these and that seemed to help. I have also deleted msg118; however, I am sure there are still files I need to find. Hope this helps.



Response Number 5
Name: BRStowell
Date: May 8, 2004 at 13:08:14 Pacific
Reply:

If you have Zestyfind or the Look2Me spyware, I have found that none of the antispywares will remove it. If you still have it please follow these directions.

To get rid of it go to this website:

http://www.pchell.com/support/look2me.shtml

Go to the automatic removal section that says this:




Response Number 6
Name: caifan_mail
Date: May 21, 2004 at 12:58:27 Pacific
Reply:

Try this:
1. Start -> Run -> command (or cmd)
2. Navigate to C:\Windows\System\
3. Type "dir /A:H" and hit Enter
4. Look for suspicious hidden files. In my case the following was returned:

Volume in drive C has no label
Volume Serial Number is 3CF6-738A
Directory of C:\WINDOWS\SYSTEM

FOLDER HTT 13,122 05-21-01 10:42a folder.htt
DESKTOP INI 266 05-21-01 10:42a desktop.ini
NFTOS DLL 308,584 04-30-04 4:15p NfTOS.DLL
DUCNDI DLL 308,584 05-06-04 7:59a DuCNDI.DLL
IRSETUP DLL 308,584 04-30-04 4:15p IrSETUP.DLL
CNGWIZ DLL 308,584 05-06-04 7:59a CnGWIZ.DLL
NYSWAN16 DLL 308,584 04-30-04 4:15p NySWAN16.DLL
CTGWIZ DLL 308,584 04-30-04 4:15p CtGWIZ.DLL
NNTAPI DLL 308,584 04-30-04 4:15p NnTAPI.DLL
WGOCK32 DLL 308,584 04-30-04 4:15p WgOCK32.DLL
MPTCP DLL 308,584 04-30-04 4:15p MpTCP.DLL
NMSWAN16 DLL 308,584 04-30-04 4:15p NmSWAN16.DLL
DJNDI DLL 308,584 04-30-04 4:15p DjNDI.DLL
WFOCK32 DLL 308,584 04-30-04 4:15p WfOCK32.DLL
WCOCK32 DLL 308,584 04-30-04 4:15p WcOCK32.DLL
HPF81T11 GID 8,628 03-06-03 8:22a HPF81t11.GID
IIFRARED DLL 308,584 04-30-04 4:15p IiFRARED.DLL
ILSETUP DLL 308,584 05-06-04 7:59a IlSETUP.DLL
IEFRARED DLL 308,584 04-30-04 4:15p IeFRARED.DLL
DQNDI DLL 308,584 05-06-04 7:59a DqNDI.DLL
DHNDI DLL 308,584 05-06-04 7:59a DhNDI.DLL
DBNDI DLL 308,584 05-06-04 7:59a DbNDI.DLL
WYOCK32 DLL 308,584 05-06-04 7:59a WyOCK32.DLL
NCTOS DLL 308,584 05-06-04 7:59a NcTOS.DLL
CRGWIZ DLL 308,584 05-06-04 7:59a CrGWIZ.DLL
WAOCK32 DLL 308,584 05-06-04 7:59a WaOCK32.DLL
DSCNDI DLL 308,584 05-06-04 7:59a DsCNDI.DLL
NNTDI DLL 308,584 05-06-04 7:59a NnTDI.DLL
DONDI DLL 308,584 05-06-04 7:59a DoNDI.DLL
CXGWIZ DLL 308,584 05-06-04 7:59a CxGWIZ.DLL
IZHLPAPI DLL 308,584 05-06-04 7:59a IzHLPAPI.DLL
WNOCK32 DLL 308,584 05-06-04 7:59a WnOCK32.DLL
WMOCK32 DLL 308,584 05-06-04 7:59a WmOCK32.DLL
NJSWAN32 DLL 308,584 05-06-04 7:59a NjSWAN32.DLL
34 file(s) 9,588,120 bytes
0 dir(s) 5,650.16 MB free

5. As you can tell, all those files with 308,584 bytes in size look very suspicious. In fact, those files are the heart of the ZestyFind and Look2Me spyware.

6. To remove them, you will have to boot from a floppy. Don’t worry, if you don’t have a boot floppy available, you can download one from our good friends at http://www.bootdisk.com/. The one I used is located here: http://www.24by7.ca/files/boot98se.exe

7. Also, download, install, and update Ad-Aware 6.0.

8. Finally, create a file on your floppy called clean.bat that contains the commands needed to remove the hidden, system, and read-only properties of the infected files and also delete them from the system. Mine looks like this (watch to include only those files that reported 308,584 bytes in size):

a:\attrib -r -h -s NfTOS.DLL
a:\attrib -r -h -s DuCNDI.DLL
a:\attrib -r -h -s IrSETUP.DLL
a:\attrib -r -h -s CnGWIZ.DLL
a:\attrib -r -h -s NySWAN16.DLL
a:\attrib -r -h -s CtGWIZ.DLL
a:\attrib -r -h -s NnTAPI.DLL
a:\attrib -r -h -s WgOCK32.DLL
a:\attrib -r -h -s MpTCP.DLL
a:\attrib -r -h -s NmSWAN16.DLL
a:\attrib -r -h -s DjNDI.DLL
a:\attrib -r -h -s WfOCK32.DLL
a:\attrib -r -h -s WcOCK32.DLL
a:\attrib -r -h -s IiFRARED.DLL
a:\attrib -r -h -s IlSETUP.DLL
a:\attrib -r -h -s IeFRARED.DLL
a:\attrib -r -h -s DqNDI.DLL
a:\attrib -r -h -s DhNDI.DLL
a:\attrib -r -h -s DbNDI.DLL
a:\attrib -r -h -s WyOCK32.DLL
a:\attrib -r -h -s NcTOS.DLL
a:\attrib -r -h -s CrGWIZ.DLL
a:\attrib -r -h -s WaOCK32.DLL
a:\attrib -r -h -s DsCNDI.DLL
a:\attrib -r -h -s NnTDI.DLL
a:\attrib -r -h -s DoNDI.DLL
a:\attrib -r -h -s CxGWIZ.DLL
a:\attrib -r -h -s IzHLPAPI.DLL
a:\attrib -r -h -s WnOCK32.DLL
a:\attrib -r -h -s WmOCK32.DLL
a:\attrib -r -h -s NjSWAN32.DLL


del NfTOS.DLL
del DuCNDI.DLL
del IrSETUP.DLL
del CnGWIZ.DLL
del NySWAN16.DLL
del CtGWIZ.DLL
del NnTAPI.DLL
del WgOCK32.DLL
del MpTCP.DLL
del NmSWAN16.DLL
del DjNDI.DLL
del WfOCK32.DLL
del WcOCK32.DLL
del IiFRARED.DLL
del IlSETUP.DLL
del IeFRARED.DLL
del DqNDI.DLL
del DhNDI.DLL
del DbNDI.DLL
del WyOCK32.DLL
del NcTOS.DLL
del CrGWIZ.DLL
del WaOCK32.DLL
del DsCNDI.DLL
del NnTDI.DLL
del DoNDI.DLL
del CxGWIZ.DLL
del IzHLPAPI.DLL
del WnOCK32.DLL
del WmOCK32.DLL
del NjSWAN32.DLL

9. Boot from your floppy and navigate to C:\Windows\System\.
10. Run your batch file. Type A:\clean to execute it. (Enjoy seeing all that junk go away!!)
11. Finally, boot in SAFE MODE (F8 at bootup) and run Ad-Aware with the latest definitions. Among other things, Ad-Aware will find an item called VX2.BetterInternet. Let Ad-Aware remove everything and then reboot one last time.

I know this is lengthy, but after two weeks of researching this spyware, I realize this is the best way to remove it. Good luck.
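
The size check from steps 3 to 5 of Response 6, as an added example that is not part of the original thread: it parses saved `dir /A:H` output in the layout shown above and reports hidden DLLs that share one exact byte size, as candidates for review. The function names, the constructed sample listing and the `min_count` threshold are assumptions made for this example.

```python
import re
from collections import defaultdict

# Constructed sample: a few lines in the "dir /A:H" layout shown in the post.
SAMPLE_LISTING = """\
 Directory of C:\\WINDOWS\\SYSTEM

FOLDER   HTT        13,122  05-21-01 10:42a folder.htt
DESKTOP  INI           266  05-21-01 10:42a desktop.ini
NFTOS    DLL       308,584  04-30-04  4:15p NfTOS.DLL
DUCNDI   DLL       308,584  05-06-04  7:59a DuCNDI.DLL
HPF81T11 GID         8,628  03-06-03  8:22a HPF81t11.GID
WGOCK32  DLL       308,584  04-30-04  4:15p WgOCK32.DLL
         6 file(s)        947,768 bytes
"""

# 8.3 name, extension, size with thousands separators, date, time, long name.
# Header and summary lines, directories and extensionless files do not match.
ENTRY = re.compile(
    r"^(\S+)\s+(\S+)\s+([\d,]+)\s+(\d\d-\d\d-\d\d)\s+(\d{1,2}:\d\d[ap])\s+(\S.*)$"
)

def parse_listing(text):
    """Return (long_name, extension, size_bytes) for every file line."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            size = int(m.group(3).replace(",", ""))
            entries.append((m.group(6), m.group(2).upper(), size))
    return entries

def same_size_clusters(entries, ext="DLL", min_count=3):
    """Group files of one extension by exact size; keep sizes shared by
    at least min_count files (threshold is an assumption of this example)."""
    by_size = defaultdict(list)
    for name, extension, size in entries:
        if extension == ext:
            by_size[size].append(name)
    return {s: sorted(n) for s, n in by_size.items() if len(n) >= min_count}

if __name__ == "__main__":
    for size, names in same_size_clusters(parse_listing(SAMPLE_LISTING)).items():
        print(f"{len(names)} hidden DLLs of {size:,} bytes: {', '.join(names)}")
```

A matching size only marks files for review; legitimate DLLs can share a size, so compare dates and names as the post does before adding anything to a deletion list.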


