
Had Police Pro, now can't run Malwarebytes, HJT, etc.



I can't run any anti-virus/malware removers. The application tries to open, then closes immediately. I'm getting New Hardware alerts and being rerouted on Google searches. I had the Police Pro virus earlier this month, but thought I had removed it all. Please help! Since I can't run HJT, here's a win32k log:

Also, when I open the win32k log in Notepad, it only stays open for 2 seconds before being closed out.

When I try to open Malwarebytes, it says "inspecific path". I've tried renaming it, and downloading it onto a USB drive and installing it on the infected computer renamed, and nothing.

Running from: C:\Documents and Settings\HTA\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\HTA\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\windows'...

Found mount point : C:\windows\$hf_mig$\KB915865\KB915865

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\addins\addins

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1E4.tmp\ZAP1E4.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP20.tmp\ZAP20.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29.tmp\ZAP29.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\NativeImages_v2.0.50727_32\Temp\ZAP29C.tmp\ZAP29C.tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\temp\temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\assembly\tmp\tmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Config\Config

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Connection Wizard\Connection Wizard

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Debug\UserMode\UserMode

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\ime\imejp\applets\applets

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\ime\imejp98\imejp98

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Installer\$PatchCache$\Managed\0DC1503A46F231838AD88BCDDC8E8F7C\3.2.30729\3.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Installer\$PatchCache$\Managed\DC3BF90CC0D3D2F398A9A6D1762F70F3\2.2.30729\2.2.30729

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\java\classes\classes

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\java\trustlib\trustlib

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Microsoft.NET\Framework\v1.1.4322\Temporary ASP.NET Files\Bind Logs\Bind Logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files\Temporary ASP.NET Files

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Minidump\Minidump

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\msapps\msinfo\msinfo

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\mui\mui

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\ERRORREP\QHEADLES\QHEADLES

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\ERRORREP\QSIGNOFF\QSIGNOFF

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\helpctr\BATCH\BATCH

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\helpctr\Config\CheckPoint\CheckPoint

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\helpctr\HelpFiles\HelpFiles

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\helpctr\InstalledSKUs\InstalledSKUs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\pchealth\helpctr\Temp\Temp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Registration\CRMLog\CRMLog

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\security\logs\logs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\SoftwareDistribution\AuthCabs\AuthCabs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\SoftwareDistribution\Download\37ea7d9587e54acc7afa27dc26096f4f\backup\backup

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\SoftwareDistribution\EventCache\EventCache

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\SoftwareDistribution\SelfUpdate\Registered\Registered

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Sun\Java\Deployment\Deployment

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1025\1025

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1028\1028

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1031\1031

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1037\1037

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1041\1041

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1042\1042

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\1054\1054

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\2052\2052

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\3076\3076

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\3com_dmi\3com_dmi

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\aliedit\aliedit

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Adobe\Acrobat\8.0\Collab\Collab

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Adobe\Acrobat\8.0\Preferences\Preferences

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Adobe\Flash Player\AssetCache\3J9BDAV8\3J9BDAV8

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\HPAppData\HPAppData

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Identities\{4C84D448-2821-45F2-B017-A89D09E8529E}\{4C84D448-2821-45F2-B017-A89D09E8529E}

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\InstallShield\ISEngine12.0\ISEngine12.0

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Macromedia\Flash Player\#SharedObjects\XRXJF5VV\XRXJF5VV

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\Credentials\Credentials

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\Crypto\RSA\RSA

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\Media Player\Media Player

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\Certificates\Certificates

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CRLs\CRLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Application Data\Microsoft\SystemCertificates\My\CTLs\CTLs

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Bluetooth Software\sync\sync

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Adobe\Updater5\Install\Install

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\CD Burning\CD Burning

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Credentials\Credentials

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Media Player\Transcoded Files Cache\Transcoded Files Cache

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Portable Devices\Portable Devices

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Works\Portfolio\Portfolio

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\My Documents\Bluetooth Exchange Folder\Bluetooth Exchange Folder

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\NetHood\NetHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\config\systemprofile\PrintHood\PrintHood

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\dhcp\dhcp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\drivers\disdn\disdn

Mount point destination : \Device\__max++>\^

Cannot access: C:\windows\system32\eventlog.dll

[1] 2008-04-15 00:00:00 61952 C:\windows\system32\eventlog.dll ()

[2] 2008-04-15 00:00:00 56320 C:\windows\system32\logevent.dll (Microsoft Corporation)

Found mount point : C:\windows\system32\export\export

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\inetsrv\inetsrv

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\LogFiles\WUDF\WUDF

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\Microsoft\Crypto\RSA\MachineKeys\MachineKeys

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\mui\dispspec\dispspec

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\oobe\html\ispsgnup\ispsgnup

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\oobe\html\oemcust\oemcust

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\oobe\html\oemhw\oemhw

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\oobe\html\oemreg\oemreg

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\oobe\sample\sample

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\ShellExt\ShellExt

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\spool\PRINTERS\PRINTERS

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\wbem\mof\bad\bad

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\wbem\mof\good\good

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\wbem\snmp\snmp

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\wins\wins

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\system32\xircom\xircom

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\Temp\IXP001.TMP\IXP001.TMP

Mount point destination : \Device\__max++>\^

Found mount point : C:\windows\WinSxS\InstallTemp\InstallTemp

Mount point destination : \Device\__max++>\^

Finished!
