Please HELP! Trojan lookme.me

I recently have installed and utilized hijackthis, killbox, spfix, sysbot r&d, and adaware. I also have installed spywareblaster, spywareguard and ie-spyad.

However, I have just received the following message from free version of AVG anti-virus:

Trojan Horse found
Downloader lookme.A
c:\system volume information \-restore- {70ddf097-848e-4259-a692-dd299b913b2e3-1rp282\a0209041.dll


I have run av but it is does not locate the virus in order to heal it.

All help is appreciated!

Thank you,


Gary

 

Hello Gary
do i understand you see it only in that one location? That's the system restore. Would not know a way to get it out and send it to a developer for additional advice.
So what you can do:
disable system restore, reboot enable system restore again and make manually a new restore point.
So all old system restore points have gone, including your possible infected older restore point.

Do anothjer scan after this, also with another scanner, for example an online scanner like http://housecall.trendmicro.com

 

trendmicro scanner does not detect downloader.lookme.A

 

Pity we never heard Gary back.

Are you infected too?
Try another scanner first then; which scanner did you use?
SpybotS&D, Ad-aware? TDS? Most downloaders are found with those.

 

yes, it came up last night on mine. I have Spysweeper, AVG antivirus, scanned with Trend, and install The cleaner, none of which seem to get rid of it. BTW, my system restore is off but can someone tell me why WinTools keeps appearing on my computer? I even removed it from the system registry.

 

my friend has the lookme.A downloader ....
we cant find the folder it says its in with AVG. antivirus software.
the thing just dont exist ..and i have remote administrator on his computer helpinghim...cant find .dll in the folder it says it is in and i have the SHOW HIDDEN FOLDERS on in folder options.. He has windows 2000 pro.
does this have a system restore?

 

Hi allen

Welcome to Wilders.

I believe System Restore doesn't exist in Windows 2000 Professional.



snowbound

 

If you connect (using Remote Administrator) via "File transfer mode", you should be able to see the hidden files/folders and where they are located.

Nick

 

http://www.theeldergeek.com/system_volume_information_folder1.htm should work for windows 2000 to

 

System Restore is not available in Windows 2000: How to Disable System Restore in Windows ME or Windows XP.

Nick

 

if you read that page it tells you how to delete the folder. And it is more for just system restore, havent found a doc that explains it all but here is something http://blogs.msdn.com/oldnewthing/archive/2003/11/20/55764.aspx http://forum.tweakxp.com/forum/forum_posts_view.asp?TID=18082&PN=1
fount somethint else dont know if it is on the other 2 pages http://www.microsoft.com/windows2000/techinfo/howitworks/management/w2kservices.asp
Note: The DLT Client service monitors activity on NTFS volumes and stores maintenance information in a file called Tracking.log, which is located in a hidden folder called System Volume Information at the root of each volume. This folder is protected by permissions that allow only the system to have access to it. The folder is also used by other Windows services, such as Indexing Service

 

Thanks Nick...we did find it..sorry..i cry alot lol.
but we ended up buying a two year subscription to AVG.
and that took care of it...we hope...we did delete that file
it made and hid in.
so far no trouble..and the system is running super fast..
Thanks all of you who helped.
allen