Over 1 million tech questions and answers.

Windows Police leftover help please

Q: Windows Police leftover help please

I used the Windows Police removal procedure as shown and successfully removed the program. THANKS - got my computer back! However, every time I start up my computer or a program now I get the following window notification "name of exec file - BAD IMAGE. Then it states that "globalroot\systemroot\system32\gasfkybospyfqm.dll" is not a valid Windows image. Please check it against your installation disk." I can click on OK and everything works but it comes up everytime something loads. Any information on getting rid of this screen would be appreciated. Also - all my RESTORE points have gone, I can't even get back into yesterday or last month. RESTORE is set to work so????

RELEVANCY SCORE 200
Preferred Solution: Windows Police leftover help please

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: Windows Police leftover help please

Moved from HJT to a more appropriate forum. Tw

Read other 7 answers
RELEVANCY SCORE 77.6

Hello, I originally posted this over in "Am I infected? What do I do?" and then Blade Zephon recommended I start a new topic here.Here is the original topic: http://www.bleepingcomputer.com/forums/t/257317/my-pc-iswas-infected-by-windows-police-pro/For your convenience, I'll just quote the whole thing, omitting the unnecessary parts:Now, however, I've got a newer PC virus/malware, and I don't know what to do with it! I was just on some gaming websites when my computer revved up, so I checked task manager, and saw two processes trying to run: "a.exe" and "b.exe." I ended both of them, but soon after that "Windows Police Pro" popped up. I knew what kind of malware it was, so I ended it in task manager and deleted its folder which had popped up in my C:/program files.Those two processes kept coming back, though... I tried to run Malwarebytes, but it did not, and still will not work, even though I've reinstalled it several times. I even tried running the Fixexe.reg program, but it didn't seem to help. I can't even get Malwarebytes to start up unless I reinstall it, and then it only gets about four seconds into a scan before it closes abruptly. I ran "AdAware 2008" successfully, but it only picked up four things... I downloaded "Avast," and it did a long start-up scan, apparently getting rid of several of the infected files --- lots of filenames with "SKYNET" in them --- there was one .dll I "moved to chest" and one file I could do nothing but "ignore..." Now, Avast is installed, ... Read more

A:Help me remove a rootkit leftover from a Windows Police Pro infection

Hello Bent 00,Please save this file to your desktop. Click on Start->Run, and copy-paste the following command (the bolded text) "%userprofile%\desktop\win32kdiag.exe" -f -r into the "Open" box, and click OK. When it's finished, there will be a log called Win32kDiag.txt on your desktop. Please open it with notepad and post the contents here.

Read other 31 answers
RELEVANCY SCORE 48.4

After finally getting the Windows 10 Anniversary Update to install, as expected, I had a WIndows.0ld file. Following instructions posted here and elsewhere, I used Disc Cleanup to remove most of that file.

There are still two folders remaining in Windows.old from System32, one in Drivers (IntcDaud.sys) and one in DriverStore (intcdaud.info.amd64xxxxx.) When I go directly to System32, both drivers appear in the same folders where they show in Wndows.old. Disc Cleanup no longer even recognizes Windows.old, so I cannot run it again to remove what appear to me to be extraneous entries.

Can I safely use Unlocker to try to remove the remaining Windows.old file, which likely would only work after a reboot? If not, is there some other method, short of using the Jaws of Life or a ten-pound sledge hammer to remove the leftover Windows.old file?

A:Windows.old leftover

Hello Not Myself,

Unlocker should work for you. If you like, OPTION THREE below should work as well.

Windows.old Folder - Delete in Windows 10

Read other answers
RELEVANCY SCORE 46.8

Hi,
 
Looking through the C:drive on my Widows 10 desktop PC, I have discovered a folder named ComboFix. I ran a ComboFix scan and repair a couple of years back under directions from BleepingComputer.com when i had a different username (chipparus) and adifferent OS (Windows 7 I think).
 
Out of curiosity I looked at the properties of this folder which states
Type: Folder
Location:   C:/
Size:   60.3 MB
Files    337
Folders    3
 
However, when I click on the folder it seems to contain a replication of "My PC" including six system folders and Drives: C:/, D:/, E:/, F:/ & G:/ including all content amounting to over 500GB. I am wondering if this is a duplication or some sort of false library folder and whether or not I can get rid of it?
 
Any advice would be much appreciated.
 
Many thanks
 
Roger
 
 
 
 

A:Removing leftover ComboFix folders Windows 10

Please download DelFix by Xplode and save to your Desktop.Double-click on delfix.exe to run the tool.Vista/Windows 7/8/10 users right-click and select Run As Administrator.Put a check mark next to these items:- Remove disinfection tools- Create registry backup.Click the "Run" button.When the tool has finished, it will create and open a log report (DelFix.txt)-- Doing this should remove ComboFix and all of its related files/folders as well as any other specialized tools downloaded and used for malware removal. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click on it and choose delete).

Read other 3 answers
RELEVANCY SCORE 46.8

When I delete the last email message in Win Live Mail I see that the header of the last email stays leftover in the Reading pane. Just the last message. The header of the last message I should say. When you delete messages in most programs the whole thing gets deleted. Is there something I can do to fix this or is this just another bad setting from Microsoft?
 

Read other answers
RELEVANCY SCORE 46.4

Hi,
I am using the Backup and Restore Center to backup a desktop and a PC to a local network WD My Book one TB drive. These backups are monthly. There are sets of fifteen to twenty zero length temp files of the form SDT3648.tmp for each machine for each backup. It seem obvious that the backup program should have deleted these files. Is this a common experience with Windows Vista backup for anyone else?
Thanks
Frank C

A:Windows backup, leftover zero length temp files

Hmmm, i am not sure if they are supposed to be left or not, but, temp files are just that, temporary, i use this to clean my up : TFC - Temp File Cleaner by OldTimer - Geeks to Go Forums
Hope this helps you out.

Read other 1 answers
RELEVANCY SCORE 44.8

Hi all!
 
I have MS Win XP Pro SP3 32-bit, and Windows Media Player 11, and would like to remove several files named AlbumArt.jpg, AlbumArtSmall.jpg and Folder.jpg . There is also an important file named desktop.ini, which I of course will not delete.
 
However, as I try to delete them, one of the following generic warning message(s) that comes up, is like this:
 

AlbumArtSmall.jpg is a system file.
 
If you remove it, it is possible that your computer or one of the programs on your computer will not work properly. Are you sure you would like to move it to the Recycle Bin?

 
Obviously this is because the files are 'hidden'.
 
I rarely use Windows Media Player, as I have moved on to iTunes, which IMO is far more versatile for maintaining my music library.
 
So, now I am wondering: How do I safely remove Windows Media Player leftover jpeg files with a script?
 
Thank you very much in advance!
 
Regards,
midimusicman79

A:How do I safely remove Windows Media Player leftover jpeg files with a script?

Hi again midimusicman79 Windows Media Player is a core component of Windows. Any attempt to remove it, uninstall it or else will leave you with system files corruption. So if I were you, I would leave it be and not touch it. You cannot fully uninstall "core" components of Windows, any attempt to do so will bring you problems, I can guarantee you that.

Read other 3 answers
RELEVANCY SCORE 42

This is my first posting a thread, my computer has the Windows Police Pro virus since Friday the 9th of October. I have not used my computer since this morning. In the meantime, the following items are not allowing me to remove this virus:

Will not start in any safe mode
Disabled my task manager
Disabled my icons and start menu
Disabled my manual start command

Please help, the information stored on my computer has not been backed up.

thanks

A:Windows Police Pro

Please download Malwarebytes Anti-Malware and save it to your desktop.
If you have problems with that link, you can also download it from Here or HereMake sure you are connected to the Internet.
Double-click on mbam-setup.exe to install the application.
When the installation begins, follow the prompts and do not make any changes to default settings.
When installation has finished, make sure you leave both of these checked:
Update Malwarebytes' Anti-Malware
Launch Malwarebytes' Anti-Malware
Then click Finish.
MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.
If you encounter any problems while downloading the updates, manually download them from here
and just double-click on mbam-rules.exe to install.
On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.
Then click on the Scan button.

If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.
When the scan is finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
Click OK to close the message box and continue with the removal process.
Back at the main Scanner screen, click on t... Read more

Read other 19 answers
RELEVANCY SCORE 42

I followed the guide that is listed on this site to a T twice, and upon restarting Windows Police Pro is still here. Any assistance would be most appreciated. I followed this guide: http://www.bleepingcomputer.com/virus-remo...dows-police-proMalware Bytes Log:Malwarebytes' Anti-Malware 1.39Database version: 2464Windows 5.1.2600 Service Pack 29/21/2009 9:18:40 AMmbam-log-2009-09-21 (09-18-40).txtScan type: Quick ScanObjects scanned: 94104Time elapsed: 8 minute(s), 10 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 2Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 1Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\CLSID\{77dc0b63-1535-4ba9-8be8-d59eb676fa02} (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77dc0b63-1535-4ba9-8be8-d59eb676fa02} (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:c:\WINDOWS\system32\dddesot.dll (Rogue.ASC-AntiSpyware) -> Quarantined and deleted successfully.

A:Windows Police Pro

I tried running malware bytes in safe mode and it found nothing. When rebooting, it was back up again. This is really driving me crazy.

Read other 3 answers
RELEVANCY SCORE 42

Im infected with windows police pro. i've tried a few how to's on removal but it ends up teh same way which is some of it is removed and then when attempting to run malwarebytes i get an Open with error. along with any other desktop .exe / programs / instalers / everything except folders. i can get some programs to work using run as but not all of them.

i've made my own thread because it seems to be what everyone is doing and i need specific help.

i have used viprer - left me with open with error. went on microsoft chat support was told two commands to help me with the open with error (one was assoc .exe=exefiles and the other i forget) but windows police pro came back and i couldnt run anything yet again.

attempt 2. i downloaded a program from a website and it gave me a bit of coding to copy and paste into the program. again, leaving me with the open with program. and im stuck now. im asking for help on another forum too. im going to try a program that was suggested to me its called smitfraud i think.

also, another website told me to download this program - spynomore which pissed me off because it found a lot of infections and then asked me to purchase it. i have screenshots from mbam - before bleep got crazy (i scanned and found 2 trojans and a backdoor but left it until the next day because it was in my system32 i was going to ask for help from friends but when i came back to my computer the next day bleep was crazy) and i have screenshots from spynomore.

A:Windows Police Pro

the program i was suggested - smitfraud - wasnt able to run so im still f'd

Read other 13 answers
RELEVANCY SCORE 42

Tried (unsuccessfully) to remove Windows Police Pro using the removal guide. Everything works as described until I run Malwarebytes and Win Pro Police is NOT detected. When I reboot, it's back..So after running fixtm.exe, ending Win Police Pro and svchasts from the taskmanager, running fixexe.exe I am able to run Malwarebytes, HijackThis, and Rootrepeal. Here are my logs:***edit - just deleted the 2 items in red below using HJT***Logfile of Trend Micro HijackThis v2.0.2Scan saved at 8:52:07 PM, on 9/14/2009Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v8.00 (8.00.6001.18702)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exeC:\PROGRA~1\AVG\AVG8\avgwdsvc.exeC:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\PROGRA~1\AVG\AVG8\avgrsx.exeC:\PROGRA~1\AVG\AVG8\avgnsx.exeC:\W... Read more

A:Windows Pro Police - help!

At the risk of being put to the back of the line, I'm doing the unthinkable.. bumping my post. I've been eagerly anticipating a reply for the last 10 days. I'm amazed at the number of threads that are created on a daily basis.. I understand the delay.. but I also see initial posts that get answered the same day.. Perhaps these are "slam dunk" fixes... dunno.. Any/all help will be appreciated.Thank you!!!Paul===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastr... Read more

Read other 22 answers
RELEVANCY SCORE 42

I believe that I have Windows Police Pro on my computer. I don't know how I did this. I just know this morning I got these security warning messages that kept popping up, but the page could not be displayed. Then after that I got a screen with this writing on it, I can't remember what it said, but I had to restart my computer. After I restarted I noticed that when I tried to do a search on google.com in Opera, I got either a blank page or when I clicked a link a new tab would open to places such as searchfindsite.com, wecrawler.com, or a site called iprowl. So I did a scan with McAfee which found 11 items on my computer. The items FakeAlert-Gv, Generic Downloader.x!bff, Generic Downloader.x!yj, Generic.dx!bbc(found twice), and Generic Downloader.x!bcj (found 4 times) were quarantined; PrcViewer was detected but I removed the file; And Generic Rootkit.d!rootkit was susposed to be removed. I decided to do another scan and the Generic rootkit was found and I guessed removed again, but since the rest of it was not detected on the second scan I thought everything was okay. But I did still have the problem with google and Opera. I decided to click the gold shield on the taskbar of my computer to do updates. I did the updates a couple of times because it didn't seem to be working. Then I decided to upgrade to the latest version of Opera hoping this would help the problem with google. While I was downloading I noticed a silver on the taskbar, and when the download was ... Read more

Read other answers
RELEVANCY SCORE 42

first i got the 2010 pc pro anivirus and then window police pro. I tried to follow some file deleting processes. I was able to find some and delete but I get not get the mbwa to install and run. Please help. I was not able to download rootrepeal.

A:windows police pro

please somebody help i can not do it by myself I am not computer savy===========Hello While we understand your frustration at having to wait, please note that Bleeping Computer deals with several hundred requests for assistance such as yours on a daily basis. As a result, our backlog is quite large as are other comparable sites that help others with malware issues. Although our HJT Team members work on hundreds of requests each day, they are all volunteers who work logs when they can and are able to do so. No one is paid by Bleeping Computer for their assistance to our members.Further, our malware removal staff is comprised of team members with various levels of skill and expertise to deal with thousands of malware variants, some more complex than others. Although we try to take DDS/HJT logs in order (starting with the oldest), it is often the skill level of the particular helper and sometimes the operating system that dictates which logs get selected first. Some infections are more complicated than others and require a higher skill level to remove. Without that skill level attempted removal could result in disastrous results. In other instances, the helper may not be familiar with the operating system that you are using, since they use another. In either case, neither of us want someone to assist you who is not familiar with your issue and attempt to fix it.We ask that once you have posted your log and are waiting, please DO NOT "bump" your thread or make further r... Read more

Read other 3 answers
RELEVANCY SCORE 42

Windows Police Pro infected my PC. At this point it lets me do get on-line but I can not do the following
- Task Manager is desabled
- can not install Maleare removal programs
- keeps displaying messaged that PC in infected and to purchase their product

Please help

~Adam

A:windows police pro took over my pc

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr====================================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Press any key to exit..., press a... Read more

Read other 1 answers
RELEVANCY SCORE 42

Had originally posted in Do I have a Virus Forum...
Nothing working. Police Pro had been found and I followed directions to remove. Now, still no icons, no desktop, no start menu, no explorer. When running malwarebytes or any other scan they shut off at the very end after scanning. Malware bytes no produces no findings and completes.
DDS (Ver_09-09-29.01) - NTFSx86
Run by Theresa Chamberlain at 17:31:27.68 on Tue 10/06/2009
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.502.92 [GMT -7:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
C:\WINDOWS\system32\svchost -k rpcss
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\... Read more

A:Windows Police Pro

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this post a fresh dds log, please.

Read other 3 answers
RELEVANCY SCORE 42

Hi all.

I have a Toshiba Satellite laptop that's a few years old. It's running Windows XP. From the time I've had this thing, I've had little to no virus problems, until recently.

In June I got the AV360 virus and couldn't fix it myself. I had to take it in and a guy repaired it for me and everything was running fine again.

Then in the last few weeks, I've been getting viruses like crazy. I had the Windows Anti-Virus Pro and Windows Police Pro, but I've been able to remove them. I use fixtm.exe, then I end the svchast.exe and windows antivirus pro processes, then I run MalwareBytes, and the problem is gone.

It came back today as Police Pro, and I can't get rid of it. It won't let me run Malwarebytes. In fact, I think it may have somehow deleted my program entirely. I tried to redownload it and it started the scan and then disappeared again. I tried Spybot Search and Destroy but it keeps shutting that down too. I ran my AVG Anti-Virus and it didn't pick anything up (because it's a pile of crap).

Another problem I have been having is that when I do a yahoo or google search, I'll click on a result and it takes me to a fake search engine site. When I try to open certain programs, an error message pops up with the location of the file.

My questions:
1. How do I get rid of this if I can't get Malwarebytes to work?
2. What is a better free anti-virus than AVG, because AVG doesn't pick up crap.
3. What can I do to better p... Read more

A:Windows Police Pro

If you're still having "new" problems then the likely cause in your case is that you didn't really get rid of the old issues.AVG is not a pile of crap. It works just fine if you keep the program updated and running properly. It has done well for me for as long as I have had it (we're talking years here) and I'm infection free. It will do just as well at finding VIRUSES as any other freeware program. (And it does a better job than Norton or McAfee's high cost programs.)I would suggest you get on another computer and download Malwarebytes. Then you'll want to rename the .exe file to something else, such as zztoy.exe (as one BC expert suggests) by right clicking on the file and choosing "Rename". Then put that file on a CD or flash drive. Use that to install the program on the infected PC. You will need to get to a point where you can run Malwarebytes in a full scan on the infected PC, so try starting in Safe Mode first. If that works and you can clean up the PC a little, try it in Normal Mode next doing a full scan.Then go and get SuperAntiSpyware to install and run a Complete Scan with that.Come back after the scans and let us know how it goes, or let us know if you need more assistance to perform the scans.Finally, and I say this in a light-hearted tone, stop doing whatever it is that you're doing that keeps getting your nasty infections. Anti-virus programs, firewalls and anti-malware programs can only do so much to protect you... Read more

Read other 1 answers
RELEVANCY SCORE 42

im infected with windows police pro. it use to be so bad that i couldnt open any programs but through the help forums i used a quick exe fix so i can run most things but not all things. iexplore frequently pops up in my task manager and doesnt pop up a window it just plays the sound from the advertisement. when using google i am forwarded to different sites upon clicking google results. im unable to run certain scans, mbam being one of them. the programs i cant run i double click them and the cursor swaps to the loading cursor and back without loading anything. when i restart my computer freezes most of the time before im able to log in. unable to use disk defragmenter also unable to autoplay cds - before i found teh fix it wouldnt even recognize cds.

this is a scan with RootRepeal. whenever everything is checked and i try to scan my computer freezes while it initializes so heres just the drivers
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/09/18 00:12
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP2
==================================================

Drivers
-------------------
Name: hjgruiimrgsbws.sys
Image Path: C:\WINDOWS\system32\drivers\hjgruiimrgsbws.sys
Address: 0xAFA9E000 Size: 163840 File Visible: - Signed: -
Status: Hidden from the Windows API!

Name: PCI_PNP8756
Image Path: \Driver\PCI_PNP8756
Address: 0x00000000 Size: 0 File Visible: No Signed: -
S... Read more

A:Windows Police Pro

bump

Read other 3 answers
RELEVANCY SCORE 42

WHat the heck? i have no idea what happened. i got a popup from my mcafee saying it had blocked a trojan, the computer froze and so when i rebooted i suddenly have this bloody annoying thing that keeps popping up called WIndows Police Pro. it will not let me run any applications, i have tried downloading various tools but when i click to execute i just get a little command prompt and then nothing. I cant even run the DDS program that is listed in the read this first. Keeps trying to get me to buy their product, it has diabled MCafee and overtaken windows security center. System restore will not work, nor will anything in the control panel.

Mcafee didnt want to know, basically useless waste of money that is.

PLEASE HELP

A:WIndows Police Pro

Hello -

Please provide as much information as you can about the system. XP, Vista? Service Pack level?

Does Task Manager work? Ctrl + Alt + Del

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

Read other 2 answers
RELEVANCY SCORE 42

Hello and thank you in advance for your help. On September 23rd, my PC became infected with Windows Police Pro. It never acted like it was scanning and did not disable task manager, but I couldn't find any of the processes the guide (on bleeping computer) referred to (svhast.exe, Windows Police Pro). It just blocked my executables, registry, etc. When I booted in safe mode, I was able to download Malwarebytes and successfully run it after choosing "run as" and then unchecking the "protect my computer and data from unauthorized program activity" box. I don't know if any of this information is helpful, but I thought I'd put it out there. Malwarebytes found something like 132 infections, but was only able to delete about 16 of them. I have pasted the dds log and have attached the Attach, HJT and Ark.txt. I should mention that I renamed one of the folders under Windows Police Pro to "Virusstuff" in an attempt to delete the files (didn't work). I am able to run programs now, but I get redirected to junk sites when doing searches on the Internet so I know it stuck around. Also, when running rootrepeal, I get an error that states "Could not enumerate files in dir\'\\?\C:\program files\windows police pro\virusstuf\ton.and\*\, with the Windows API! Error code - 0x00000003"
DDS (Ver_09-09-24.01) - FAT32x86 NETWORK
Run by Natalie at 17:16:02.34 on Sat 09/26/2009
Internet Explorer: 7.... Read more

A:Windows Police Pro

This topic can be closed. I just reformatted my hard drive since it needed it anyway. Thanks!

Read other 2 answers
RELEVANCY SCORE 42

I am new here, and am not super-handy on the computer. I have read a lot about this website and was hoping I could find some help... My computer was/is infected with Windows Police Pro. I couldnt run any programs, so I actually paid for Spy No More because I was able to download and run the scanner - free version of the program. It has worked so much as to let me run Malwarebytes when I am in Safe Mode, but my comp is still not working correctly, and I dont think I have gotten rid of the Police Pro completely. I can connect to the internet fine when in safe mode, but when I start up the computer normally, and try to use my IE, it says there is a diagnostics problem and when I go to diagnose the problem through the Tools drop down menu, it says I need to change my firewall settings. I Dont know how to check to see if everything is gone; and I really doubt my system is clean yet. I would really appreciate any help. Thank you in advance!!Matt

A:Windows Police Pro

Hey Matt, try following the instructions here:http://www.bleepingcomputer.com/virus-remo...dows-police-proHarry

Read other 4 answers
RELEVANCY SCORE 42

So i left for a few days and come back to a failing computer. Its slowly gotten worse and worse. At this point i am running in safe mode, since i don't want the problem to get any worse.
Im pretty savy with a computer, and the only reason i find myself on here is i just simply can't get it fixed. The common WPP problems i have are as listed. Cannot open any application, msconfig, new program, or any of the many good anti-spware/malware programs.
All these programs all say that they are "not a valid Win32 application".
I have also downloaded RootRepeal and OTL but neither will open, the same Win32 box opens. I have never used these apps, but i seen some threads about WPP and had some of your pros require the logs for research. I tried to download and get these on, but i can't.
I ran Spybot S&D, Malwarebytes, and Eset Nod32 for defenses. On Windows XP Pro.
Hopefully i can get back on my computer soon, my EQ double experiance weekend is almost gone

I appreciate any help you guys can give me!
P.S.
No im not on a compaq

A:Windows Police Pro

Hi and welcome.. I am moving this to the Am I Infected forum from XP as you are.You have a rootkit.As there are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by HJT team member.Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible. Now ... Download this Utility and save it to your Desktop.Double-click the Utility to run it and and let it finish.When it states Finished! Press any key to exit, press any key to close the program.It will save a .txt file to your desktop automatically. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as part of the reply in the topic you will create below..Next please go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post the Rootrepeal log and the above log.Let me know how that went.

Read other 22 answers
RELEVANCY SCORE 42

This is driving me crazy. I need help

Running from: C:\Documents and Settings\Priscilla\My Documents\Downloads\Win32kDiag.exe

Log file at : C:\Documents and Settings\Priscilla\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...

Found mount point : C:\WINDOWS\$hf_mig$\KB904706\KB904706

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB912945\KB912945

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\BDATunePIA\BDATunePIA

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehCIR\ehCIR

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\EhCM\EhCM

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\assembly\NativeImages1_v1.1.4322\ehcommon\ehcommon

Mount point destination : \Device\__max++>\^

Found mount point ... Read more

A:Windows Police Pro

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. Pleaseinclude a clear description of the problems you're having, along with any steps you may have performed so far.Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.Please download ComboFix from one of these locations:Link 2Link 3* IMPORTANT !!! Save ComboFix.exe to your DesktopTemporarily disable isable your AntiVirus and AntiSpyware applications. They may otherwise interfere with our tools
Usually this can be done via a right click on the System Tray icon, check this tutorial for disabling the most common security programs: Link

Double click on ComboFix.exe & follow the prompts.
As part of it's process, ComboFix will check to see if the ... Read more

Read other 2 answers
RELEVANCY SCORE 42

My Dad got Windows Police Pro on his computer. I have gotten the program off and deleted it from the machine... at least part of it. I no longer comes up when the machine is logged into. I got a registry fix from a computer guy I work with so that I am able to run exe files again. However, I cannot get Malwarebytes to scan or any malware program, antivirus program or anything else to run. After about 10 minutes of the machine being one it blue screens on me with various 0x0 codes. Most common is 0x0000007B. I tried running a registry repair program (registry mechanic) and it found errors and fixed them, but it didn't fix the problem.
I cannot start the computer in safe mode either.
I really don't want to have to format and start over....
Can anyone help?????
Thanks!

A:Windows Police Pro

One additional note, this is on Windows XP (home edition)

Read other 2 answers
RELEVANCY SCORE 42

Hey guys, I'm infected with this thing that shuts down malwarebytes after four seconds of running. Wont let me run HJT or Norton or safe mode. I don't really know what to do. It blocks up my internet and keeps redirecting my google searches. In my processes, I found some weird stuff like a five or six different iexplorer.exe processes running as well b.exe and c.exe. I need help What should i do?

A:Windows Police Pro

Hello and welcome . Start here Remove Windows Police Pro (Removal Guide)Scroll to Automated Removal Instructions for Windows Police Pro using Malwarebytes' Anti-Malware:when Completed post the Scan Log here.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.how is it running no?

Read other 13 answers
RELEVANCY SCORE 42

My kids got on a site that brought in Windows Police Pro.
It has completely blocked me from being able to do anything to remove it.
I have tried to download Fixtm.reg but it just jams my computer.
I've tried to access other malware sites and it jams my system.
I've truly been taken over by pirates and am being hijacked.
What can I do?

A:Windows Police Pro

Welcome to BCLet's check for rootkitsWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr=======================================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a diagnostic report Double-click on Win32kDiag.exe to run and let it finish. When it states Finished! Pr... Read more

Read other 1 answers
RELEVANCY SCORE 42

Well gang I found a seriously nasty variant of this bad guy. I'm about 100% sure it has rootkit activity. It was on a large school network and came through as a driveby install. It starts up with the usual "your infected" scare screens and over time morphs into several pop ups (fake windows security screens, pop up balloons warning of impending doom to private info) This signies there are multiple trojans at work given enough time to spawn. I would love to kill this thing understanding that it may never be TRULY clean again. I have already replaced the hard drive in the system and would like to "learn" from this infection as I maintain the network mentioned and want to be prepared. I have already eradicated many "fake alerts" like this with major success but this one seems extremely stealthy and persistent so before I started the usual techniques I thought I would run it by you folks. My dilemma is this: I cannot for obvious reasons just plug this system back in to the network and start uploading logs. Is there a proven method you have developed for sharing logs without moving the infection from the infected system to a known clean workstation? Does this family of trojans jump drives when detecting a file transfer say to CD or USB drive? I don't mind plugging in to a broadband connection at home and doing it from there but I would like to have a "starting" list of utilities you think will be needed. Where should we start? Anyone... Read more

A:Windows Police Pro

To be more helpful I am preparing a DDS and Root Repeal log to post. I am taking this system home and off the enterprise network. I hope to have the post updated with logs later this evening. Hope someone wants to join the fight!

daltom1985

Read other 6 answers
RELEVANCY SCORE 42

Computer was infected with Windows Police Pro virus. After searching on various forums I was directed the malwarebytes scanner. I ran a full system scan and after it had found 500+ infected files. The files were deleted and computer restarted. Except when I restarted the computer the desktop icons and start bar were all gone. I have been reading different forums and trying different solutions posted on them but nothing has worked. The one solution that seems to be prevalent is to type in explorer.exe into the New task option on the task manager but all that does is bring up the 'My documents" Folder. Is there anything special about that that I am missing?

A:Windows police

You are most likely still infectedFollow the directions about Task Manager in this tutorialhttp://www.bleepingcomputer.com/virus-remo...dows-police-proI would still scan for rootkits:We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr

Read other 2 answers
RELEVANCY SCORE 42

I am infected with Windows Police Pro - and it's bad. I tried to implement some of the fixes listed in other posts: task manager wouldn't open, fixtm file wouldn't open, couldn't get into safe mode. I was able to run Super Anti Spyware and it found 258 infected files. After deleting them I ran it a few more times, each time finding some more. When it stopped finding infected files I tried to start in safe mode and now the computer won't start at all. It brings up the F8 screen to choose how to boot but will not start up from there in any mode. I have Bit Defender Antivirus disk and can start up Knoppix from there, possibly in Linux but I'm not too technical. Don't know what to do from there though. I can find my way around a computer and can follow instructions so I should be able to follow any advice, though I may not know all the terminology. Is there any hope for my laptop?

A:Windows Police Pro

Try this maybe it will be enough to get it running to run some scansvipre rescue diskhttp://live.sunbeltsoftware.com/

Read other 1 answers
RELEVANCY SCORE 42

My home computer primarily used by my kids is infected by Windows Police Pro. I have attempted to use the removal guide however i cannot get past step 2, download Fixtm.reg. It will not let me run this program.
any suggestions?

Read other answers
RELEVANCY SCORE 42

OK , so here is my problem I have Malware already installed , but this Windows Police Pro , has some how disable it . what the work around at this point . I am able to use spy doctor , but its not totally removing this program

A:Windows Police Pro

Hello Lees9I split this to it's own topic.Please go here to our removal guidehttp://www.bleepingcomputer.com/virus-remo...dows-police-proScroll to the Automated Removal Instructions for Windows Police Pro using Malwarebytes' Anti-Malware:Follow those instructions. Post back the scan log and tell us how it's running.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 1 answers
RELEVANCY SCORE 42

I got a bad virus from a torrent. I've tried it all. It's Windows Police Pro. Followed instructions only to find that dds.scr won't run. Says it's a invalid windows application. I've searched for other topics/posts on this matter, and haven't found any so I'm sorry if it's been covered elsewhere. Please help. thx

A:can't run dds/windows police pro

We Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr

Read other 6 answers
RELEVANCY SCORE 42

(First post, bear with me pls)

I am trying to use the do-it-yourself Remove Windows Police Pro (Removal Guide) [post="http://www.bleepingcomputer.com/virus-removal/remove-windows-police-pro"]see here[/post]

I am hung up on step 2. I am instructed to download Fixtm.reg to my desktop, then click yes when asked to merge the data. However, I am not given yes as an option, only open or run- neither of which do anything. So my initial issue remains- I cannot access the task manager. Any suggestions?

Thank you kindly!

A:Windows Police Pro

Welcome to BCThat method does not always work. Especially with the newer variants coming outLet's try some scans that you can submit to the HJT forumWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.----------------------------------Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to HighAlso try: right-click on rootrepeal.exe and rename it to tatertot.scr=================================Please download Win32kDiag.exe by AD and save it to your desktop.alternate download 1alternate download 2This tool will create a ... Read more

Read other 3 answers
RELEVANCY SCORE 42

HP Pavilion LaptopWindows XP HomeSisters computer. Wasn't able to boot yesterday at all got use of task manager and was able to finally run MalwareBytes but it keeps shutting off at the very end. I, quite frankly, have tried much of what I have read, but am only able to do very limited actions as I can only work from Task Manager and the File/New Task (Run) command. Have been accessing spyware utils from usb drive. Please help No Desktop-No Start Menu. Thanks in advance,TonyO(Please View New Topic In Hijack This Logs Forum)http://www.bleepingcomputer.com/forums/ind...c=262661&hl

Read other answers
RELEVANCY SCORE 42

I'm not too sure what's going on with my computer. I logged on a few days ago and a few pop-ups from "Windows Police Pro" popped up, so I ran the usual "Malwarebytes","SuperAnti Spyware" and scanned with "IObit 360 Security". The pop ups stopped and everything was fine. A day later I log on and my windows explorer was gone along with my desktop icons and any time i try to run any of my antivirus programs they close themselves in a matter of seconds.The only thing I can do is navigate around with task manager and open Firefox.Any ideas? Thank you for your time.A. GrantEdit: Moved topic from XP to the more appropriate forum. ~ Animal

A:Windows Police Pro

try drwebcure and combofix

Read other 8 answers
RELEVANCY SCORE 42

Windows Police Pro guide didnt work for me, the file i download didnt let me open it up cause of the problem
my pc is windows XP media center edition 2005.
so i really need help on fixing this, and my McAfee security center have scan the file after i got it tho but cant do anything else about it since i need to view details but i cant see it
when i try run any programs it give me errors
i try run fixtm and it gave me the error of "registry editor has been disabled by adminstrator"
i also try dds and it ask me if i want to run it, i click yes(run) then the error show up as "windows cannot find 'cmd'. make sure you typed the name correctly, then try again. to search for the fire, click start button, then click search."
also the error i get when i try open things is this
"c:\PROGRA~1\mcafee\mcshell.exe" i get this error about 4 times and i click okay on it
while i got that error i also got
svchost.exe error which have an debug, send error report and fix it button, i click debug and nothing happen and then send error report nothing happens. then when i click it brings up the window police pro x.x

am also sorry for editing this so much

A:Windows Police Pro

Hi antonior, and to Bleeping Computer!ROOTREPEAL-------------We need to check for rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Zip Mirrors (Recommended)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive.Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Read other 5 answers
RELEVANCY SCORE 42

My son's computer got hit tonight. AV has been turned off. Security Warning keeps appearing with a dialog box to purchase Windows Police Pro. I tried system restore but got the error message that C:\Windows\System32\restore\restrui.exe is infected. Please activate your antivirus program. However, I can't even launch AVG at all to try to activate it.When I finally got Firefox to load, his home page didn't load, either. A window came up showing: "This is embarrassing" message.I don't even know where to start, as in order for me to post this message, I had to drag the Windows Security Center window down to the bottom of the screen so I could see what I was typing, because no matter what, it wouldn't go away. Pulling up Task Manager and ending the process does no good, either, as it ends the process, and then it starts right up again.I have not shut the computer off. This all started about an hour and half ago.Thanks for any guidance.Edit: my son just told me that the system did shut down, with a countdown from 55 seconds down. When it restarted, the Acrobat welcome screen appeared then disappeared. It's almost as if an Acrobat file launched, then the havoc began.That's where we stand.Edit again: I found the self-help guide on BC for removing this nasty thing. I was printing the guide, and all of a sudden the system shut down. It got to the Windows "Saving your Settings" screen and froze there. We... Read more

A:Windows Police Pro

Go to > Run..., then copy and paste this command into the open box: cmdClick OK.At the command prompt C:\>, copy and paste the following command and press Enter:DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txtA file called log.txt should be created on your Desktop.Open that file and copy/paste the contents in your next reply.

Read other 9 answers
RELEVANCY SCORE 42

So I managed to get this !@#$@ thing on my computer and boy am I angry. Anyways I have followed the removal guide you have. I have removed all files you say are associated with it as well as the registry. Things are working alot better now Im not getting the pop up and Im able to navigate my computer the only thing is when I try to scan my comp with Malwarebytes it scans for like 2 seconds then the programs closes and when I try to run it again it says cannot access because I might not have the right permissions. Now Im assuming this is related to this damn WPP virus but I was wondering if there is a way around this. I really need to scan my computer to insure everything is wiped out. Please let me know. Thanks.

A:Windows Police Pro

Tried to run the dds.scr and rootrepel.exe dds opened then closed and rootrepel worked for a bit then closed and I get the same permissons thing.

Read other 9 answers
RELEVANCY SCORE 42

I'm going to start from square one and it's been a long night so here goes...Searching Google, AVG flashed an incoming Virus which it could not stop. Windows Police Pro loaded and ran on my computer. Ran task manager, end program Police Pro. Opened AVG and scanned whole computer. Police Pro opened back up and ran during scan. Scan completed without finding much more that some tracking cookies and one issue in registry. All issues were claimed to be healed by AVG but Police Pro remained. Manually searched and found files to Police Pro and removed. At that point the only thing that remained was the empty file that held it which would not delete. Police Pro did not start back up but i knew i still had an issue since my Control Panel Add/Remove Programs would not open. Restarted computer and it went into a Boot Loop. Tried Safe Mode, Last Known Good Configuration, and Start Normal. All returned to Boot Loop with a random quick flash of a Blue Screen. Booted from Windows XP CD and ran repair on partition. With a few errors and restarting Windows setup it finally went through the whole repair and I made it to the Finalizing Windows and the computer stalled, reset and went back into Boot Loop. I have attempted to repair again but the Partition says XP already exists and will not repair. Now I'm also randomly getting the Blue Screen error Stop 0x0000006F. I've gone through hardware, swapped my Memory around in every possible way it can. If I let the computer run witho... Read more

A:Windows Police Pro

Ok so this is what I've done now. I've taken the hard drive and installed it as a secondary in one of my spare-not so important computers. I can access everything on the hard drive EXCEPT My Documents which...of course...holds all the files I desperately need to save. It says the Documents and Setting is not accessible. Access is Denied. I need to find a way to get in and copy the files I need. If I can get those files off I have no problem and will reformat but until then I need help getting those files!

Read other 3 answers
RELEVANCY SCORE 42

Hello. I was instructed to come here from here. Anyways, my DDS program refuses to run. Most of my programs (except firefox) are not able to open up. It will always say ERROR. I can surprisingly search google on firefox without my links getting hijacked, but that's about it. The only thing I have is this Root Repeal Log....ROOTREPEAL ? AD, 2007-2009==================================================Scan Start Time: 2009/08/30 16:30Program Version: Version 1.3.5.0Windows Version: Windows XP Media Center Edition SP3==================================================Drivers-------------------Name:Image Path:Address: 0xF73E3000 Size: 98304 File Visible: No Signed: -Status: -Name:Image Path:Address: 0x00000000 Size: 0 File Visible: No Signed: -Status: -Name: 1394BUS.SYSImage Path: C:\WINDOWS\system32\DRIVERS\1394BUS.SYSAddress: 0xF769C000 Size: 57344 File Visible: - Signed: -Status: -Name: ACPI.sysImage Path: ACPI.sysAddress: 0xF7527000 Size: 187776 File Visible: - Signed: -Status: -Name: ACPI_HALImage Path: \Driver\ACPI_HALAddress: 0x804D7000 Size: 2150400 File Visible: - Signed: -Status: -Name: AegisP.sysImage Path: C:\WINDOWS\system32\DRIVERS\AegisP.sysAddress: 0xF1BC0000 Size: 17920 File Visible: - Signed: -Status: -Name: afd.sysImage Path: C:\WINDOWS\System32\drivers\afd.sysAddress: 0xA294D000 Size: 138496 File Visible: - Signed: -Status: -Name: AGRSM.sysImage Path: C:\WINDOWS\system32\DRIVERS\AGRSM.sysAddress: 0xF2C25000 Size: 1149888 File Visible: - Signed: -Status: -Name: ar... Read more

A:Windows Police Pro

Hello Zincous, You have a nasty rootkit on this computer. Step 1Download and run Win32kDiag: Download Win32kDiag from any of the following locations and save it to your Desktop. Download Win32kDiag (Win32kDiag.exe) - #1 Download Win32kDiag (Win32kDiag.exe) - #2 Download Win32kDiag (Win32kDiag.exe) - #3 Double-click Win32kDiag.exe to run Win32kDiag and let it finish. When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.Step 2Download and run a batch file (peek.bat): Download peek.bat from the download link below and save it to your Desktop.Download peek.bat Double-click peek.bat to run it.A black Command Prompt window will appear shortly: the program is running. Once it is finished, copy and paste the entire contents of the Log.txt file it creates as a reply to this post.Please post back with:Win32kDiag.txtContent of the log.txt

Read other 2 answers
RELEVANCY SCORE 42

I need some help.. I keep getting a Windows Police Pro pop up. I'm unable to access anything except internet. I'm currently running in safemode.

I have Windows XP Build2600
Hijackthis log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:14:46 PM, on 9/20/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Inst... Read more

Read other answers
RELEVANCY SCORE 42

I have a screen that pops up and is titled Antivirus Pro at the tab and the complete screen is titled Windows Police Pro.I cannot access any of my programs and anytime time I try an Anti-Spyware (or any program) a box pops up tab says it is not a valid Win32 application. Because I had Bleeeping Computer saved in my -email I was able to save mbam setup.exe to my desktop. But when I clicked on it I got "it is not a valid Win32 application." It will not even allow me to use my restore to a previous date. PLEASE HELP!!!!

A:Windows Police Pro Also

Hello peggy58 I am splitting you to your own topic in this forum. Titled Windows Police Pro AlsoYou have a rootkit.As there are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by HJT team member.Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible. Now ... Download this Utility and save it to your Desktop.Double-click the Utility to run it and and let it finish.When it states Finished! Press any key to exit, press any key to close the program.It will save a .txt file to your desktop automatically. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as part of the reply in the topic you will create below..Next please go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post the Rootrepeal log and the above log.Let me know how that went.

Read other 1 answers
RELEVANCY SCORE 42

Hoping you can help me with this!

2 days ago I started getting loads of popups and error messages on my computer, and a WINDOWS POLICE PRO message saying I was infected with hundreds of viruses and to buy their antivirus! I didn't of course, knowing it was malware but I can't run any anti-malware programs our even open my anti-virus (mcafee) or many other programs on my computer! I tried following the instructions on your site but it hasn't worked!

In the task manager processes I didn't have the Windowspolicepro.exe files so couldn't end process I did have svchast.exe so ended that one. I was able to find some of the related files and have deleted them form my computer.

I am still however unable to run any of the antimalware programs that should allow me to remove the program and although I no longer have any of the popups I'm obviously still infected!

I appreciate the help!

Ginzaboom

A:Windows Police Pro

Welcome to BCWe Need to check for Rootkits with RootRepealDownload RootRepeal from the following location and save it to your desktop.Direct Download (Recommended)Primary MirrorSecondary MirrorSecondary MirrorSecondary MirrorZip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
Primary MirrorSecondary MirrorSecondary MirrorRar Mirrors - Only if you know what a RAR is and can extract it.
Primary MirrorSecondary MirrorSecondary MirrorExtract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).Open on your desktop.Click the tab.Click the button.Check all seven boxes: Push OkCheck the box for your main system drive (Usually C:), and press Ok.Allow RootRepeal to run a scan of your system. This may take some time.Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.

Read other 3 answers
RELEVANCY SCORE 42

A search on this software led me to this forum, where it seemed that special instructions were required based on one's system. Yes, my computer is infected, yes I'm getting a pretty steady stream of false alerts and errors, and now I can't seem to run exe files. I had been getting my google searches hijacked for some time now, but hadn't gotten around to figuring out how to fix it. Now I wish I had been a bit more prompt in dealing with that.I went to http://remove-malware.net/how-to-remove-wi...1/#comment-6614and attempted to download and run their scanner/remover. I thought it might make things worse, although I don't really have any options other than to follow the advice of some stranger at this point. Luckily, my inability to run the exe meant I never had to test out their remover.Since the previous thread (started by Andy500) had andy run RootRepeal, I'll go ahead and try getting a scan out of that and posting it soon as well.Of course any help in cleaning this threat out of my system would be much appreciated.Edit 1: I found a way to work around the inability to run exe files for now. As such I was also able to get a HijackThis report (as well as run RootRepeal)which I can post if that helps

A:Windows Police Pro

Didn't see anyplace to attach a txt file, so I'm just going to do the old copy/paste from what I got from RootRepeal. If there is more info I need to provide, or I need to format it differently, let me know:
Name: arp1394.sys
Image Path: C:\WINDOWS\system32\DRIVERS\arp1394.sys
Address: 0xB763D000 Size: 60800 File Visible: - Signed: -
Status: -

Name: atapi.sys
Image Path: atapi.sys
Address: 0xB7EF3000 Size: 95360 File Visible: - Signed: -
Status: -

Name: ATMFD.DLL
Image Path: C:\WINDOWS\System32\ATMFD.DLL
Address: 0xBFFA0000 Size: 286720 File Visible: - Signed: -
Status: -

Name: audstub.sys
Image Path: C:\WINDOWS\system32\DRIVERS\audstub.sys
Address: 0xB875B000 Size: 3072 File Visible: - Signed: -
Status: -

Name: b57xp32.sys
Image Path: C:\WINDOWS\system32\DRIVERS\b57xp32.sys
Address: 0xB6D9B000 Size: 132352 File Visible: - Signed: -
Status: -

Name: Beep.SYS
Image Path: C:\WINDOWS\System32\Drivers\Beep.SYS
Address: 0xB85EA000 Size: 4224 File Visible: - Signed: -
Status: -

Name: BOOTVID.dll
Image Path: C:\WINDOWS\system32\BOOTVID.dll
Address: 0xB84B8000 Size: 12288 File Visible: - Signed: -
Status: -

Name: Cdfs.SYS
Image Path: C:\WINDOWS\System32\Drivers\Cdfs.SYS
Address: 0xB75FD000 Size: 63744 File Visible: - Signed: -
Status: -

Name: cdrom.sys
Image Path: C:\WINDOWS\system32\DRIVERS\cdrom.sys
Address: 0xB82080... Read more

Read other 2 answers
RELEVANCY SCORE 42

Hi everyone.

I just came upstairs to my dad saying that there is something popping up on the desktop saying that it's infected.
I turn on the computer and see "Windows Police Pro".
I go to run firefox to start searching how to remove this (dealt with something similar to this before) and a error comes up saying:

"This application has failed to start because the application configuration is incorrect. Reinstalling the application may fix this problem."

I am able to open firefox by going under Start and picking it in there.
I found info on removing it from the registry and everything(done this before with a similar virus(very similar in fact)), but I get the same error as when I was opening firefox when I try to open regedit.

Please help?

P.S. I subscribed to the forum already, don't need to post that :]

A:Windows Police Pro

Please download Malwarebytes Anti-Malware and save it to your desktop.alternate download link 1alternate download link 2MBAM may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.Make sure you are connected to the Internet.Double-click on mbam-setup.exe to install the application.When the installation begins, follow the prompts and do not make any changes to default settings.When installation has finished, make sure you leave both of these checked:Update Malwarebytes' Anti-MalwareLaunch Malwarebytes' Anti-MalwareThen click Finish.MBAM will automatically start and you will be asked to update the program before performing a scan.If an update is found, the program will automatically update itself. Press the OK button to close that box and continue.If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.On the Scanner tab:Make sure the "Perform Quick Scan" option is selected.Then click on the Scan button.If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.The scan will begin and "Scan in progress" will show at the top. It may take some time to complete so please be patient.When the scan is finished, a message box will say "The... Read more

Read other 11 answers
RELEVANCY SCORE 42

Looks like it is something new, and from the amount of posts, it appears to be rampant.

ANyway, keep getting the pop up for Windows Police Pro saying I am infected. Can't open anything.

IE, FireFox, Regedit, Command prompt....None of them will open.

I was able to delete the C:\Program Files\Windows Police Pro directory.

I deleted the directory, and renamed the .exe and rebooted. Then I was able to delete the folder completely. THis allows me to run without popups constantly. I have the machine off the network...

I had put mbam-setup.exe on a flash drive and was going to install it and run it, and it seems to have gotten deleted from the flash drive before I could run it.

I not have RootRepeal.exe and mbam-setup.exe and mbam-rules.exe on a CD and I'm ready to run them or whatever else I need to run. Let me know and let the fun begin....

EDIT: Found desote.exe in the C:\Windows\System32 folder. Everytime I tried to do properties, or something else, I would see a command window flash up with running desote.exe and then go away and nothing would happen. Now that I have renamed desote.exe to something else, I get a rundll32.exe not found error. Now if I do a Start-Run and try to run Regedit.exe, I get an "OPen With" Dialog box.

EDIT 2: I was unable to run anything. However, after renaming the desote.exe file, I was able to do Start - Run and type Regedit.exe and hit enter. Then at the "Open With" Dialog box, I was... Read more

A:Windows Police Pro

Hello actually you are not. You have a rootkit.As there are some new variants of rootkits in the wild right now that will require custom scripts to remove the infection, the process must be completed by HJT team member.Failure to follow the proper removal process can and will cause serious damage to a machine. Recovery of the machine may be difficult, if not impossible. Now ... Download this Utility from any of the following locations and save it to your DesktopDouble-click the Utility to run it and and let it finish.When it states Finished! Press any key to exit, press any key to close the program.It will save a .txt file to your desktop automatically. Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as part of the reply in the topic you will create below..Next please go here HijackThis Logs and Virus/Trojan/Spyware/Malware Removal ,click New Topic,give it a relevant Title and post the Rootrepeal log and the above log.Let me know how that went.

Read other 3 answers
RELEVANCY SCORE 42

I have no idea what website this came from but I'm sure it got it from using Internet Explorer for a few seconds (usually use Firefox).

This thing keeps alerting me about "viruses" on my computer such as "Virus.Win32.Gpcode.ak" and asks me to pay money to remove it.

I've been trying to remove it all day.

When I first got it I had several processor intensive programs running (a MMO, web browsers, etc.), so I decided to restart my computer and then tackle the problem. Upon restart none of my virus scanners would start. In fact no .exe file would start I believe.

Then I decided to restart and boot in Safe Mode. On another computer I read people (this forum actually) suggesting Malwarebytes' Anti-Malware. I already had it on my computer, but I could not start the program. I kept getting a command-prompt like window titled: C:\System32\desote.exe and in the window it said something like, "This program's memory is too large" or something. So I went into system32 and deleted desote.exe. The program still wouldn't start, so I uninstalled MBAM from the control panel, downloaded a new installer from another computer, put it on a flash drive, and then put the on my computer (had to reboot on standard mode). I then rebooted in safemode and installed/tried to get it to work/uninstalled multiple times. I also booted on standard mode a few times as well. At one point, my computer looked like it was on Safe Mode even though it w... Read more

A:Windows Police Pro

Someone please help? :S

I found the blue screen error:

Stop: 0X0000008E (0XC0000005, 0X8CB55072, 0XA46FF018, 0X00000000)

Read other 3 answers