
Police Pro, System security, etc virus


sakujun

Hi hi!

I managed to install MBAM 1.41 and run Quick scan and Full scan once each in Safe Mode. I've attached the logs.

I couldn't update the definitions as it gave me a 732, 0, 0 error.

MBAM, HJT and Spybot cannot run now. Going into Normal sorta hangs. All ".exe" gives an error.

I tried to run MBAM again but it stops after 4 seconds after I did an offline update for the definitions.

My PC system configurations:

Windows XP Home Edition with SP3

IE 8

I have 2 user accounts.

Thanks for looking and helping!

mbam_log_2009_09_17__13_53_28_.txt

mbam_log_2009_09_17__14_30_32_.txt


Hi Again

After some experimentation, I managed to run GMER.exe and Win32Diag.exe from a flash drive in Safe Mode. Attached are the logs for it.

I know that everyone seems to have the same problems and it's going to be a while before some expert can get to this, so I'll be patiently experimenting on my own until I get some help.

Thanks. This is a very nasty bug!!

Win32Diaglog_091909.txt

Gmerlog_091909.txt


Alright, I've been rather patient here and yet there doesn't seem to be any help coming anytime soon even though it's been more than 48 hours since I originally posted. I've seen others getting help within a few minutes of posting, so I'm a bit disappointed.

In the meantime, I've experimented a bit more and the results are as below:

1. I unplugged my hard drive and moved it to another clean PC to run a MBAM and NAV scan on it. The result of that is a somewhat clean hard drive, which I then plugged back into the original PC.

2. Re-installed MBAM 1.41 and updated the definitions to the one dated 09.19.2009. Ran Quick Scan and Full scan on each User Account. I've attached all the logs. I've also done the Remove Objects after each scan.

3. Ran RootRepeal to get the report.

4. Ran HiJackThis to get the report.

Right now, the networking drivers and protocols are messed up, as far as I can figure out, so no Internet access on that particular PC. I'm still trying to figure out how to rectify that. Once I can get it to clean out that "hjwhatever.sys" root virus that is still hidden, I should be able to get the PC going.

All the logs have been attached. Some help here would be appreciated.

Administrator___mbam_log_2009_09_17__13_53_28_.txt

Administrator___mbam_log_2009_09_17__14_30_32_.txt

Braxton___mbam_log_2009_09_22__12_44_01_.txt

Braxton___mbam_log_2009_09_22__14_31_25_.txt

Tanoka___mbam_log_2009_09_22__18_10_38_.txt

Guest___mbam_log_2009_09_23__10_45_59_.txt

RootRepeal_report_09_23_09__13_03_34_.txt

mbam_log_2009_09_21__17_21_19_.txt


Finally, someone answered!! Thanks for the welcome sjpritch25.

Yes, I still need some help here. At last check, all the network adapters and protocols are not working. Somehow something is blocking the drivers from being loaded. Whenever I remove and re-install the adapters, it still won't address the issue. I even installed a new adapter to make sure it's not the adapter which is giving the problem.

I removed CA Security which I thought was blocking the network settings but that didn't help. And I found a number of entries which I suspect are malware entries in the registry but have yet to delete them as I'm not sure. I've rectified the BITS and WAUSERV entries which were modified to %fystem etc% by some virus, but that is just the Windows Update entries. Well, I guess I'll still have to experiment some more.

So any help is appreciated.


Download Combofix from this webpage: http://www.bleepingcomputer.com/combofix/how-to-use-combofix

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

--------------------------------------------------------------------

Double click on combofix.exe & follow the prompts.

  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

Note:

Do not mouseclick combofix's window while it's running. That may cause it to stall.


Hi, sjpritch25

This is just to report that I don't need any more help on this issue. Over the weekend, before I could run the Combofix, ONE impatient idiot did a reformat on the hard drive while I was away. T_T

Thanks for your input anyway. I really wanted to solve this problem but s**t happens.

Thanks again.


This topic is now closed to further replies.