Malwarebytes update

hello there. im new here too.
im andrei from romania, and i found this site when looking for info about how to get rid of it. didnt find the info yet but im still trying. will make a post with detailed info about my problem.

 

Re: About myself _ new member

i can update my malwarebytes and access antivirus manufacturer sites again. looks like my problem is gone ... for now.
Sophos conficker removal kit showed me the dll i had to remove. thanks to them. i had to ask a friend to dld it for me and pass it to me as my virus was blocking my access to virus removal tools.
i tried the basic steps described on this site, everything worked except RootR which blocked my puter or ended in a critical error blue screen. blocked puter even in safe mode.
thx for the advices i found here, now i just need to find that crytical windows vulnerability patch and i'll be okai.

 

If all of your security programs do not run correctly go here and test your machine: http://www.confickerworkinggroup.org/wiki/ I have been finding this popping up again!

Phil

 

yes, it was conficker.
removing the only hidden dll in system 32 made wonders for me.
i can now access all anti-virus websites and i can update malwarebytes. some sophos conficker removal tool said that the virus was located there and in C:\System Volume Information. that's wat gave me the ideea to remove that dll. now i dunno how to deal with C:\System Volume Information as it's an empty folder or, atleast that's what windows says. but all the rest is working fine, that link to test for conficker now show's me as not having it, all the scans are showing me clean, except RootR which blocks my computer.
i run XP SP2 and now i fixed the 08-067 vulnerability, installed firewall, updated java and deleted MS java and old updates, i pretty much followed all the advices i found on this forum, including reg clean, delete windows messenger, upgraded to IE 8, but i now know i should use FF more. i have FF, IE and Chrome, i sometimes create webpages and i wanna see how they look in diff browsers.

 

turned it off and the system restore tab is gone. i right click my computer properties, and the tab is no longer there.
also, i installed Sygate Personal Firewall. but i am not sure what traffic should i allow and what traffic should i block. like ntoskrnl, svchost and ndisuio. is it normal that these are requesting to access the network?
thx heaps again.
happy new year and best geek new years eve party !

 

You not having the "restore tab" anymore seems to me there is still something wrong, it may take finer minds then mine to sort it out.

Phil

 

regarding my firewall, it seems to me that even when i click yes every time i am asked to allow something to access the network, i still can't browse normally.
i can access major geeks, i can log in with my name, i can push reply but when i push submit it fails to submit my message. i can open my yahoo mail, login, go to inbox, but when i click a mail i fail to open it. that happens even when i click allow to all i am asked for. makes me wanna check whatever i set as always blocked and don't ask me again again. i'll go check that list, hope its easy to find.
as for my 2nd problem, " If you experience any of the above, it is likely caused by a corrupt <DriveLetter:>\System Volume Information folder." i'll try what i see there. i do suspect a corrupt C:\System Volume Information. that's y i turned off system restore in the 1st place.

 

hi
1st i wanna tell that the trick with deleting that folder worked, i had to do it in safe mode for my main drive ( C ) and now system restore tab is there and working.
the firewall is the only "live" application i run, other that that i only use applications i found mentioned on this forum and only use em to scan, not to monitor.
listed from Add/Remove Programs:
CCleaner
Malwarebytes
SUPERAntiSpyware free edition
Sygate Personal Firewall
i too feel i mite have remains of some malware on my puter, superantispyware and malwarebytes wont find anything, i'll start the rest and tell what happens
if i can't run RootRepeal, should i run GMER instead ? i did but i can't really read those logs.