Windows Police Pro [Solved]

• Please open your MalwareBytes AntiMalware Program
• Click the Update Tab and search for updates
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish, so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected. <-- very important
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

• Disable any script blocking protection
• Double click dds.pif to run the tool.
• When done, two DDS.txt's will open.
• Save both reports to your desktop.

• Extract the contents of the zipped file to desktop.
• Double click GMER.exe. If asked to allow gmer.sys driver to load, please consent .
• If it gives you a warning about rootkit activity and asks if you want to run scan...click on NO.
  
  
  Click the image to enlarge it
  
• In the right panel, you will see several boxes that have been checked. Uncheck the following ...
  • Sections
  • IAT/EAT
  • Drives/Partition other than Systemdrive (typically C:\)
  • Show All (don't miss this one)
• Then click the Scan button & wait for it to finish.
• Once done click on the [Save..] button, and in the File name area, type in "Gmer.txt" or it will save as a .log file which cannot be uploaded to your post.
  
• Save it where you can easily find it, such as your desktop, and post it in your next reply.

Edited by CatByte, 05 September 2009 - 07:15 AM.

• Double-click My Computer.
• Click the Tools menu, and then click Folder Options.
• Click the View tab.
• Clear "Hide file extensions for known file types."
• Under the "Hidden files" folder, select "Show hidden files and folders."
• Clear "Hide protected operating system files."
• Click Apply, and then click OK.

Edited by CatByte, 05 September 2009 - 07:33 AM.

• Extract it to Desktop and double click SREngLdr.EXE to run it
• Select System Repair from the left pane.
• Click on File Association
• Select all entries that have an Error status click [Repair]
• Refer to this image for an example:
  
  
  
• Close SREng now.

• Double click Sysprot.exe to start the program.
  
• Click on the Log tab.
• In the Write to log box select ALL ITEMS
• Look near the bottom left, and Check Hidden Objects Only
• Click on the Create Log button on the bottom right.
• After a few seconds a new window should appear.
• Select Scan Root Drive. Click on the Start button.
• When it is complete a new window will appear to indicate that the scan is finished.
• The log will be saved automatically in the same folder Sysprot.exe was extracted to.
  
• Open the text file and copy/paste the log here.

• Download Win32kDiag from any of the following locations and save it to your Desktop.
  • Download Win32kDiag (Win32kDiag.exe) - #1
  • Download Win32kDiag (Win32kDiag.exe) - #2
  • Download Win32kDiag (Win32kDiag.exe) - #3
• Double-click Win32kDiag.exe to run Win32kDiag and let it finish.
• When it states "Finished! Press any key to exit...", press any key on your keyboard to close the program.
• Double-click on the Win32kDiag.txt file that is located on your Desktop and post the entire contents of that log as a reply to this topic.

Edited by CatByte, 05 September 2009 - 07:58 AM.