F'ing Windows Police Pro

View previous topic View next topic Go down

F'ing Windows Police Pro

Post by stanfield214 on 23rd October 2009, 12:39 pm

OK>>.maybe 2 weeks ago a sudden and annoying page came up as if it was doing a scan on my computer, and said I had all these infections. I admit I have not been doing my due diligence, and have only been using Windows Defender. It was windows police pro, and of course I could "pay" to have them remove all the infections. I was finally able to remove this garbage with the help of a link I found (unfortunately don't remember the link now). I don't do a lot of gaming or sensitive stuff on this computer so I wasn't greatly concerned, however right now it is the only computer I have. Well, it came back and with a vengeance. The first time around, I did have to go in and reset the registry settings..start-run-command...etc..etc..
This time around (3 days ago) the same annoying scan came up, BUT..this time it will not allow me to change the registry. Things I have tried....(unsuccesfully)

start-run-gpedit.msc This is supposed to allow me to access the group policy editor window
I have tried re-enabling the registry editor by using the Visual Basic Script created by a Doug Knox of Microsoft.
I have tried regedit and a bunch of other commands associated with that..when I get to the end it tells me that registry editing has been turned off by the administrator
I bought Fix-It-Utilities 10 but I can't run it because it will not load, and I can't get it started from the start-run menu either.
right now, I can access the internet, and I can get into control panel, but I can't run any exe applications.
I tried----an application called unhook exe....enable exe....regcureset....etc...etc...each and every time it comes up with a box that tells me windows cannot open this file...ex...FILE: REG.exe
To open this file windows needs to know what program created it....etc..etc. and at the bottom it asks me if I want to use the web service to find the appropriate program or select it from a list.

I may have tried other things that I have forgotten about because it has been a long 3 days trying a million different things. Any help would be appreciated. By the way...Windows xp the computer is maybe 3 years old it is a compaq presario.

One other thing I just tried

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title]

save as fix.reg
double click to run
yes to registry merge prompt

When I did this an error box appeared that said

Cannot import C:\Documents: Error opening the file. There may be a disk or file system error


Last edited by stanfield214 on 23rd October 2009, 7:29 pm; edited 1 time in total (Reason for editing : To post yet another thing that I have tried to solve my problem)

stanfield214
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2009-10-20
OS OS : XP
Points Points : 26073
# Likes # Likes : 0

View user profile

Back to top Go down

Re: F'ing Windows Police Pro

Post by Dr Jay on 23rd October 2009, 7:17 pm

Please transfer this download from another computer to the infected one.

Please download ComboFix from [You must be registered and logged in to see this link.]

Rename ComboFix.exe to commy.exe before you save it to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools A guide to do this can be found [You must be registered and logged in to see this link.]
  • Click Start>Run then copy paste the following command into the Run box & click OK "%userprofile%\desktop\commy.exe" /stepdel
  • As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console


Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:


  • Click on Yes, to continue scanning for malware.
  • When finished, it shall produce a log for you. Please include the contents of C:\ComboFix.txt in your next reply.

I would also like to see a list of installed programs, so please do this:
Click Start > Run then copy/paste the following single-line command into the Run box and click OK:

C:\Qoobox\Add-Remove Programs.txt

In your next reply, please include the ComboFix log and the Add-Remove Programs log.


Dr. Jay (DJ)


[You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.] ~ [You must be registered and logged in to see this link.]

Dr Jay
Head Administrator
Head Administrator

Posts Posts : 14309
Joined Joined : 2009-09-06
Gender Gender : Male
OS OS : Windows 10 Home & Pro
Arch. Arch. : x64 (64-bit)
Protection Protection : Bitdefender Total Security
Points Points : 302960
# Likes # Likes : 10

View user profile

Back to top Go down

Re: F'ing Windows Police Pro

Post by stanfield on 27th October 2009, 3:43 pm

[You must be registered and logged in to see this link.] wrote:OK>>.maybe 2 weeks ago a sudden and annoying page came up as if it was doing a scan on my computer, and said I had all these infections. I admit I have not been doing my due diligence, and have only been using Windows Defender. It was windows police pro, and of course I could "pay" to have them remove all the infections. I was finally able to remove this garbage with the help of a link I found (unfortunately don't remember the link now). I don't do a lot of gaming or sensitive stuff on this computer so I wasn't greatly concerned, however right now it is the only computer I have. Well, it came back and with a vengeance. The first time around, I did have to go in and reset the registry settings..start-run-command...etc..etc..
This time around (3 days ago) the same annoying scan came up, BUT..this time it will not allow me to change the registry. Things I have tried....(unsuccesfully)

start-run-gpedit.msc This is supposed to allow me to access the group policy editor window
I have tried re-enabling the registry editor by using the Visual Basic Script created by a Doug Knox of Microsoft.
I have tried regedit and a bunch of other commands associated with that..when I get to the end it tells me that registry editing has been turned off by the administrator
I bought Fix-It-Utilities 10 but I can't run it because it will not load, and I can't get it started from the start-run menu either.
right now, I can access the internet, and I can get into control panel, but I can't run any exe applications.
I tried----an application called unhook exe....enable exe....regcureset....etc...etc...each and every time it comes up with a box that tells me windows cannot open this file...ex...FILE: REG.exe
To open this file windows needs to know what program created it....etc..etc. and at the bottom it asks me if I want to use the web service to find the appropriate program or select it from a list.

I may have tried other things that I have forgotten about because it has been a long 3 days trying a million different things. Any help would be appreciated. By the way...Windows xp the computer is maybe 3 years old it is a compaq presario.

One other thing I just tried

Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableRegistryTools"=-
[-HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title]

save as fix.reg
double click to run
yes to registry merge prompt

When I did this an error box appeared that said

Cannot import C:\Documents: Error opening the file. There may be a disk or file system error


Today 10/27..Over the weekend I downloaded combofix but was unable to open it on this computer. I can't get anything to boot from the disk drive. I found another post, and went to the eset online scanner site, and downloaded the scanner and ran it. I said I had 137 threats and it said that it removed them...I apologize, but I can't find the previous post (computer is moving slowwwww now) so I don't recall what the instructions were to obtain the scan log, so that I can post it. I have been using windows defender, but all this malware just turns it off. I also bought Fix-It-Utilities 10 but have been unable to install it for the same reason as everything else, because I can't run exe programs or get anything to boot from the disk drive. I greatly appreciate the response earlier, and any help is greatly appreciated... ThanksexeHelper by Raktor
Build 20091021
Run at 16:11:11 on 10/27/09
Now searching...
Checking for numerical processes...
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\87558437
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\44843124
Deleting file C:\Documents and Settings\All Users\Application Data\78855942\7885
5942.exe
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\78855942
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\36374528
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\73425829
Removing HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\28289231
Checking for bad processes...
Checking for bad files...
Deleting file C:\WINDOWS\system32\opeia.exe
Deleting file C:\WINDOWS\system32\BtwSrv.dll
Error deleting C:\WINDOWS\system32\BtwSrv.dll
Deleting file C:\WINDOWS\system32\nuar.old
Deleting file C:\WINDOWS\system32\skynet.dat
Deleting file C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup
\scandisk.dll
Deleting file C:\Documents and Settings\Compaq_Owner\Start Menu\Programs\Startup
\scandisk.lnk
Checking for bad registry entries...
Removing HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Login Software 2009
Removing HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{A2234B15-23F2-42AD-F4E4-00AAC39C0004}
Resetting filetype association for .exe
exefile="%1" %*
.exe=exefile
Resetting filetype association for .com
comfile="%1" %*
.com=comfile
Resetting userinit and shell values...
Resetting policies...
--Finished--

Press any key to continue . . .


Last edited by stanfield on 27th October 2009, 8:13 pm; edited 1 time in total (Reason for editing : post results of exe helper)

stanfield
Beginner
Beginner

Posts Posts : 1
Joined Joined : 2009-10-20
OS OS : xp
Points Points : 26071
# Likes # Likes : 0

View user profile

Back to top Go down

Re: F'ing Windows Police Pro

Post by Belahzur on 27th October 2009, 5:45 pm

Lets try running this.

Please download exeHelper from one of the two links.
[You must be registered and logged in to see this link.]
[You must be registered and logged in to see this link.]

  • Double-click on exeHelper.com or exeHelper.scr to run the fix.
  • A black window should pop up, press any key to close once the fix is completed.
  • Post the contents of log.txt (Will be created in the directory where you ran exeHelper.com)
Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Posts Posts : 34918
Joined Joined : 2008-08-03
Gender Gender : Male
OS OS : 7 Home Premium x64
Points Points : 245101
# Likes # Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum