Over 1 million tech questions and answers.

PCEU Removal - Defined PRocess?

Q: PCEU Removal - Defined PRocess?

Hi there

I am a relative noddy to resolving issues on pcs so please bear with me!

I seem to have picked up the ' pceu' virus / malware issue, and cant seem to locate a means of removal

I have tried Malware Bytes, Run Virgin and AVG AV, and also spybot etc.

I am nervous of doing much more especially as i believe ( after reading the net) this manifests itself in my registery.

I have searched around and dont seem able to locate a definite resolution ??

Any help appreciated...im at a loss and nervous with tinkering further..

RELEVANCY SCORE 200
Preferred Solution: PCEU Removal - Defined PRocess?

I recommend downloading and running Reimage. It's a computer repair tool that has been proven to identify and fix many Windows problems with a high level of success.

I've used it in the past to identify and fix everything from blue screens (BSOD's), ActiveX errors, corrupt files and processes, dll/exe/sys errors, recover lost memory, Windows update problems, defragging, malware removal etc.

You can download it direct from this link http://downloadreimage.com/download.php. (This link will automatically start a download of Reimage that you can save to your computer.)

A: PCEU Removal - Defined PRocess?

Read other 15 answers
RELEVANCY SCORE 61.6

I have managed to contract this PCeU hijacker which has locked me out of my laptop.[XPS M1210] AMD chip. I searched online for fixes but cant find a solution that I can use or that works on the Laptop. Im running an old version of XP Pro 5.1 so cannot use 'Safe Mode with Networking' as the PCEU page loads once that I have logged on to the user account. I have tried 'Safe Mode with Command Prompt' then typing > CD Restore > rstrui.exe to get to system restore to choose a restore point before the infection. However the system cannot find the path specified when I type the initial cd restore command.

I have Malwarebytes on my desktop but cant access it and the machine im typing this on is a Linux OS and wont let me download to a stick. Can anyone provide instruction to remove this properly, I have searched through the topics and cant find a solution and im not very proficient at fixing problems without a guide.
Thanks in advance.

A:PCeU Hijacker removal in XP Pro - help please

Removal instructions, http://www.bleepingcomputer.com/virus-removal/remove-police-central-e-crime-unit-reveton-ransomware .

One of the most important parts of the removal instructions...suggests initiating a topic in the appropriate forum, beginning with "If you still have problems..." Please follow the instructions and ensure that you post in the correct forum.

Good luck .

Louis

Read other 3 answers
RELEVANCY SCORE 61.2

DDS (Ver_2012-10-19.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16421
Run by Edward at 11:12:58 on 2012-11-04
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.1788.1054 [GMT 0:00]
.
AV: Trend Micro Internet Security Pro *Enabled/Updated* {68F968AC-2AA0-091D-848C-803E83E35902}
SP: Trend Micro Internet Security Pro *Enabled/Updated* {D3988948-0C9A-0693-BE3C-BB4CF86413BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Trend Micro Personal Firewall *Enabled* {70A91CD9-303D-A217-A80E-6DEE136EDB2B}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_ccf0dd3cb081af84\STacSV64.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\conhost.exe
C:\Windows\Sy... Read more

A:PCEU (UKASH) trojan removal

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

Read other 24 answers
RELEVANCY SCORE 59.6

I followed the instructions removing PCEU virus using combofix. Everything went well, I got the report but after restarting my laptop it won't start in the normal mode at all: it prompts me to choose normal or safe mode, I choose normal, XP logo shows and then black screen as if the log-in box to my usr account was about to show but nothing happens. I waited 5-10 mins and nothing. When I switch it off again and start in the safe mode it's ok then. What can be the problem? PS. Before removing the virus, I was able to go to the normal mode but the 'virus pceu' screen would pop up straight away; now I cannot log in to my user account at all - the screen is black. What do I do please?
 

Read other answers
RELEVANCY SCORE 58

Hi guys, been trying to resolve this stubborn bleep of ransomware from my brothers system, had this myself previously and removed with tools found elsewhere, but on this occasion, It seems somewhat more stubborn, 
 
Have tried 2 Bootable usb removal tools without success:
 
Panda virus removal tool
 
Kapersky virus removal tool
 
and following on from Kapersky, a system restore was attempted, but failed, as said the restore point could not be loaded and the file has apparently been deleted
 
Cannot load to desktop to be able to use the DDS tool.
 
System: Windows 7 Home Premium 64 bit
 
Have been unable to backup any data, but if possible I need to preserve files/ photos already on the machine.
 
Any help or instructions, much appreciated.
 
Thanks

A:PCEU Police E Crime Unit Ransomware removal help - Safe mode disabled - Stu

Hello Kruger I would like to welcome you to the Malware Removal section of the forum.Around here they call me Gringo and I will be glad to help you with your malware problems.Very Important --> Please read this post completely, I have spent my time to put together somethings for you to keep in mind while I am helping you to make things go easier, faster and smoother for both of us!Please do not run any tools unless instructed to do so.We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", ... Read more

Read other 4 answers
RELEVANCY SCORE 51.6

I am continually getting the error "Run Time error 1004: Application defined or object defined error," each time a user clicks one of the cells within this excel file. It comes up as apparently a visual basic error. I've search other sites and unfortunately do not know enough about macros or excel formulas to know what to do next, so I thought I would post about it here. One user apparently has no trouble opening it while every other user has the same issue. Here is the debug code:

Private Sub Worksheet_Deactivate()

End Sub

Sub Worksheet_SelectionChange(ByVal Target As Excel.Range)
Cells.Interior.ColorIndex = -4142
Target.EntireRow.Interior.ColorIndex = 8
Target.EntireColumn.Interior.ColorIndex = 8
End Sub

The "Cells.Interior.ColorIndex = -4142" portion is highlighted in yellow, so I assume that's where the error is. From there, I'm not sure what to do to change it. Please let me know as soon as possible what direction I should take.

Thanks

A:run time error 1004 application defined or object defined error

To be honest...I would assume that the file is corrupt and try to replace it. All seemingly meaningful links on this error involve VBA coding and things that can go wrong with it...way overhead my head and out of my interest arena .

If it truly is a coding error (as seems implied), I would take it to the originator of that file, since it throws an error.

Very strange that e pluribus unum...manages to use it without problems .

Louis

Read other 1 answers
RELEVANCY SCORE 46

My son has a one year old computer running Vista that's really bogging down(Vista Basic and it's awful). I made a modest Ram upgrade but the problem really lies with all the nonsense he has running. It has 82 processes running.

I know about the simple things to do like remove rarely used programs and use the disk clean-up and defrag functions. What I know next to nothing about are the services and processes in windows and how to safely remove those you don't have to have. I'm just looking to avoid making a mistake and having to re-install the whole OS.

Read other answers
RELEVANCY SCORE 45.2

Someone was having problems on youtube, so I did a bit of googling, and came up with this: http://electronicerror.blogspot.com/2009/0...gsexevirus.html, but it's really the only solid source of information I can find.Avira and symantec have nothing that I found, kaspersky and avg don't seem to have a searchable database (from what little I've been digging through so far). So, I come to BC hoping someone's seen this, or developed a fix. Or is what I linked a reliable enough fix to trust?

Read other answers
RELEVANCY SCORE 45.2

Following the online removal instructions for AntiVirus2010, I have reached the step #9 for performing the GMER file scan. I am not sure the scan completed because of this pop-up message: WARNING!!! GMER has found system modifications caused by ROOTKIT activity. There is a second pop-up that says "Windows was unable to save all the data for the file \$Mft. The data has been lost. This error may be caused by a failure of your computer hardware or network connections. Please try to save this file elsewhere."

Info: XP IE8, having to use Safe Mode as nothing else works including IE because of this Bleeping Malware. As such, I am submitting the results text via another computer. Also, I am a complete amature at this kind of thing so please dumb down your responses to layman's terms - Thanks!

The results of the scan are as follows:

GMER 1.0.15.15477 - http://www.gmer.net
Rootkit scan 2010-10-29 14:36:17
Windows 5.1.2600 Service Pack 3
Running: gmer.exe; Driver: C:\DOCUME~1\VOGELM~1\LOCALS~1\Temp\pgrcypow.sys
---- System - GMER 1.0.15 ----

SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreateKey [0xF7477E22]
SSDT PCTCore.sys (PC Tools KDS Core Driver/PC Tools) ZwCreat... Read more

A:AntiVirus2010 removal process

Hello TheVoge ,Were you able to complete any of the other scans in the guide for posting logs? I'm interested in a DDS log, if you were able to get one. In the meantime, let's see if this gets the rootkit you said gmer mentioned:Download TDSSKiller.zipExtract it to your desktopDouble click TDSSKiller.exePress Start Scan
If Malicious objects are found then ensure Cure is selectedThen click Continue > Reboot nowCopy and paste the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\)Thanks,tea

Read other 16 answers
RELEVANCY SCORE 44.8

Hi everyone.
First time here and am a bigginer in spyware removal. Did this a few days ago, with my friend's computer. Win XP had shout down message at startup or after first application run. Took me 2days x 2hours to accomplish. I ran Spybot and AdAware and had about 20 entries or more. And after every fix and reboot it was there again. Magic key was to disable sys restore, which i remembered after 3 or 4 attempts to clean.
What I need is someone to recommend where to get some detail info about spyware removal procedures. Not only the order of steps to do, but why. I like more details on this subject. And i would like to know more about registry entries that are commonly used by malware. is there some listing or classification?
Thanks

A:need more info about spyware removal process

G'Day longhorn,

Have a look at this.......

http://www.techsupportforum.com/showthread.php?t=15968

Once you've had a good read and followed the 5 Steps, submit a HJT [HiJackThis] Log in the HJT Forum, and let the experts there help you...they're fantastic !!

You'll find the HiJackThis Download at the bottom of Step One, its highlighted as HiJackThis

Good Luck.
Regards,
Dave T.

Read other 5 answers
RELEVANCY SCORE 44.8

Hello,
 
I've been having problems with the Windows Process Manager malware. After running several Malwarebytes and Malwarebytes Anti Rootkit Beta scans in safe mode, it doesn't seem to be causing any problems. Earlier, it was eating up CPU power, and there were also tons of pop-ups and Sonora error messages (I've never installed Sonora before). The only remnant of these issues seem to be the Windows Process Manager process that still shows up in the Task Manager, (I'm also seeing atbwezx (32bit), Hcontrol (32bit), and "Microsoft Content" which look suspicious/unfamiliar).
 
Any help would be appreciated. 

A:Windows Process Manager removal

Hi satyamsivam My name is Aura and I'll be assisting you with your malware issue. Since we'll be working together, you can call me Aura or Yoan, which is my real name, it's up to you! Now that we've broke the ice, I'll just ask you a few things during the time we'll be working together to clean your system and get it back to an operational state.As you'll notice, the logs we are asking for here are quite lenghty, so it's normal for me to not reply exactly after you post them. This is because I need some time to analyse them and then act accordingly. However, I'll always reply within 24 hours, 48 hours at most if something unexpected happensAs long as I'm assisting you on BleepingComputer, in this thread, I'll ask you to not seek assistance anywhere else for any issue related to the system we are working on. If you have an issue, question, etc. about your computer, please ask it in this thread and I'll assist youThe same principle applies to any modifications you make to your system, I would like you to ask me before you do any manipulations that aren't in the instructions I posted. This is to ensure that we are operating in sync and I know exactly what's happening on your systemIf you aren't sure about an instruction I'm giving you, ask me about it. This is to ensure that the clean-up process goes without any issue. I'll answer you and even give you more precise instructions/explanations if you need. There's no shame in asking questions here, better be safe than sorry!If you ... Read more

Read other 14 answers
RELEVANCY SCORE 44.8

Please help! I followed the steps here Remove Bestmobapp.net pop-up ads (Virus Removal Guide)
but they did not work (kept getting random popups and redirected) so I was directed here! Pleasssseeee help!
 

Read other answers
RELEVANCY SCORE 44.8

I am trying to obtain a solution to a hyjack problem I have with my Google searches. When I do a search, I get the correct responses but when I try to click on a link, my request in redirected to what is usually an advertizing site.I registered with Bleepingcomputer.com and started by follwing the pinned topic "Preparation Guide For Use Before Using Malware Removal Tools and Requesting" I sucessfully followed the Item 1 through 7 disabling the CD Emulation Software and saving "DDS.txt" and "Attach.txt." to my Desktop. I then downloaded GMER and attempted to run the scan as directed in the tutorial. Things started fine and the scan window listed 31 items when the screen changed to my desktop wallpaper without the icons and then to a blue screen with the hourglass. I had to restart my computer and tried the scan again. This time listed the items and then went to a blue screen saying the operation had stopped and said "PFN_LIST_CORRUPTI appreciate any help that can be provided. This Google Hyjack is driving me crazy!!!!P.S. I have already tried Malwarebytes, AdvancedSystemCare, Spybot and Windows Live Care but none of these cured the problem.

A:Problem with Malware Removal Process

I have been attempting to obtain assistance with the problem of search engine redirects but have not received and responses yet. I have been waiting a couple of days and this morning I start up my computer and get a blue screen stating my computer has been stopped to prevent damage. At the end of the message it lists the following message:Stop: 0x0000007E (0xC000001D, 0x80537008, 0xBA4C72B8, 0xBA4C70B4)I tried starting up in the safe mode but I get 24 lines of info such as:Multi (0) disk (0) rdisk (0) partition (2)\windows\System 32\Drives\WMLIB:SYSI am operating a Dell desktop Pentium 4 with XP HomeAny help greatly appreciated.

Read other 16 answers
RELEVANCY SCORE 44.8

Hello all,

I would like someone to please link me the complete process from start to finish for removing a 'unknown device' using vista home prem, from start to finish so i can remove all the entries in the regedit + cache files + start up blah in the windows world today.

Im a network engineer by trade, and i focused on DSB and Unbuntoo so my XP/vista is seriously lacking besides AD and netbios.

I have broken my device drivers for a orbicam built into a acer 5100. Its appearing as an 'unknown device'. I have got psexec to delete keys in regedit. And also have the admin account running + for all hidden devices showed in device manager.

Simply if i can clear out completely a USB device in vista i can run the reinstall prog for my webcam, and get it working again, (i broke it using yahoo and switching ports, i know, im a n00b) if some registry/file master for vista could point me in the right direction that would be awesome.

Fyi, i have a case of the cbfs, so please dont tell me to run system restore as its switched off as im not running an AV, (i know i broke it) and i dont have a backup (silly me) but ive put alota time into this build.

Due to XP ability to rebuild drivers dynamically, there must be a method in vista if someone knows it.

Ive microsoft.com general help files, but as im outa the loop due to networking, im only getting nab pages for troubleshooting.

Link me some proper techniques please, if possible in vista home prem.

TY.

Read other answers
RELEVANCY SCORE 44.4

Hi,I recently acquired some viruses from TAFE and have installed mcaffee and removed the virus known as amvo.exe. this has fixed the problem that amvo creates which is bringing up the "open with" box instead of the open box for peripherals such as usbs and just other HDDS. it also (when you double click on a HDD) would open up another window. this has stopped and I can find no trace of the virus on my computer however, I still cannot see any of my hidden files and when i go into msconfig it still says amvo.exe. I have unchecked this box to load on startup (there was no process loaded or that i could see in the system processes anyway) and have done a HJT scan and log as shown below. I'm wondering if there is any program that i can use to view and delete hidden files if i still have this virus (which obviously I still do or anotherthat is much alike as I still cannot see hidden files). any help is much appreciated! thanks in advanceAlso, a related issue that may be as a result of malware or a virus or something! I have about 6 svchost.exe running and they each take up about 30,000K which is rather significant. One of them is taking up 75,000K as well.... my cpu is not so happy...however if i end some basic processes (like word and my steam account which was also running) my CPU usage goes down to between 3 and 8%. (although I still have the 6 svchost.exe's and they are still high in mem usage, also explorer is hitting 236,660K and firefox is at about 134,900.... Read more

A:Help With Amvo.exe Full Removal And Also Svchost.exe Process

Sorry for the delay. If you are still having problems please post a brand new HijackThis log as a reply to this topic. Before posting the log, please make sure you follow all the steps found in this topic:Preparation Guide For Use Before Posting A Hijackthis LogPlease also post the problems you are having.

Read other 3 answers
RELEVANCY SCORE 44.4

Can someone help out with a removal process to get rid of Trojan-BNK.Win32.Keylogger.gen for Windows 7? Thanks in advance for your help.

Read other answers
RELEVANCY SCORE 44.4

After turning on my pc today i got hit with another one of these malware viruses called "Windows Recovery".
After searching online for possible removals basically told me to use malware bytes to search for malware to remove problem.
So i downloaded malwarebytes which brought up some problems which i then deleted. Windows recovery does not function anymore however is still present on my system, it is still in my all programs section and still a shortcut on my desktop however, neither lead anywhere as it cannot find the files.
I would just delete them to recycle bin however most of my desktop items have still vanished and on Start>All Programs most of my Programs have disapeared, is their anyone that can help me restore my programs so that they appear again and get rid of the rest of this virus that malware bytes no longer picks up

Kind regards
Dan

A:Windows Recovery Removal Process Problem

Hi Dan

I have just acquired the same virus - haven't got aroungd to removing it yet. Checking on line, someone posted that it changed items on the desktop to 'hidden'. So I think if you undo that it should restore your missing items.

Steve

Read other 4 answers
RELEVANCY SCORE 44.4

There are dozens of sites that deal with removing this fake software. They all recommend Spyware Doctor. But I cannot follow their instructions. That is because Spyware Doctor refuses to remove Security Shield until I pay.

Nowhere on these sites does it mention payment or that it should be anything other than a free download. Nowhere does anyone else with this malware say they eventually had to pay. So why is it just me?

I am working overtime in the office and don't have the authority to spend the company's money on Spyware Doctor. I need to remove this malware that is slowing down my PC right now, so that I can continue working.

I don't get many issues, but TSF solved one for me over 2 years ago. So, can someone here please, please tell me how I can remove Security Shield under my present circumstances without being charged money I have no access to?

Thanxxx, Jon DeMassey

A:Security Shield. Is there a free removal process?

Hi,

Sorry for delayed response. Forums have been really busy. If you still need help with this do following, please.


Download DDS and save it to your desktop from here or here or here.
Disable any script blocker, and then double click dds file to run the tool.When done, DDS will open two (2) logs: DDS.txt
Attach.txt

Save both reports to your desktop. Post them back to your topic.

Read other 2 answers
RELEVANCY SCORE 44.4

Is there any way to stop, preferably disable entirely?
The process that grinds on and on with thumbs.db files.
Related issue:
Why does windows explorer grind to a halt on a multi-core cpu?

Read other answers
RELEVANCY SCORE 44

Hello Everyone ,
 
this is my first time posting here and i'm all desperate for your help 
 
last night 3/9/2016 I intended to do a malware scan as i do this periodically to keep my laptop safe 
 
i used
-Malwarebytes Anti-Malware 
-adwcleaner
 
then i proceed to restart the system to complete the act then i put my laptop on sleep mode
 
this morning i open my laptop and started up FireFox as it is the only browser i'm comfortable  with and every site i try to enter show "Server not found" page 
 
i tried the Internet Explorer which i don't use and it also show " This page can’t be displayed "
 
i'm writing this using google chrome as i pre-installed the program prior to the incident and i can browse the internet a download only using the browser .
 
i also can't download using internet download manger as it show connecting error and suggest that it is blocked by a fire wall or a problem in DNS
 
i use all my knowledge in computers but all in vein
 
things i tried :
 
- restart the laptop
- reinstall firefox
- netsh winsock reset 
- using farbar mini tool box 
 
i really hope that i would find a solution by using your help
 
thank You  
    

A:unable to Browse internet After malware Removal process

Download Windows Repair. Run the program in an admin account and check the Repair Network box, After the the repair reboot.
 
Edit: make sure you are not running a proxy server in IE. This is under Options > Connections.

Read other 3 answers
RELEVANCY SCORE 44

Redirect virus that effects search engine only. No pop-ups or system performace decrease. Have tried several methods of removal (Malwarebytes, combofix, cccleaner and superantispyware). I will need some help with a manual removal??? Attached is Hijackthis log.

A:Redirect Virus - Common removal process has failed

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 2 answers
RELEVANCY SCORE 44

Hello Everyone ,
 
this is my first time posting here and i'm all desperate for your help 
 
last night 3/9/2016 I intended to do a malware scan as i do this periodically to keep my laptop safe 
 
i used
-Malwarebytes Anti-Malware 
-adwcleaner
 
then i proceed to restart the system to complete the act then i put my laptop on sleep mode
 
this morning i open my laptop and started up FireFox as it is the only browser i'm comfortable  with and every site i try to enter show "Server not found" page 
 
i tried the Internet Explorer which i don't use and it also show " This page can’t be displayed "
 
i'm writing this using google chrome as i pre-installed the program prior to the incident and i can browse the internet a download only using the browser .
 
i also can't download using internet download manger as it show connecting error and suggest that it is blocked by a fire wall or a problem in DNS
 
i use all my knowledge in computers but all in vein
 
things i tried :
 
- restart the laptop
- reinstall firefox
- netsh winsock reset 
- using farbar mini tool box 
 
i really hope that i would find a solution by using your help
 
thank You  
    

Read other answers
RELEVANCY SCORE 43.6

Hi. I recently discovered the pickle.exe virus on my computer. It keeps popping up on every site and attaches itself to words on the screen I am reading. I followed the prompts for removing malware and help on you site. All worked until I downloaded the GMER and got to the scan window. GMER came up with the following boxes already checked; services, registry files, C and ADS. It would not let me check any other boxes. I went ahead and ran the scan. GMER found no system modifications. But again, it was only a limited scan that I could not change in any way. I have copied the DDS.txt file below and attached the Attach. txt files. What do you suggest I do now?

I have

Thanks, Faye

.
DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 8.0.7601.17514 BrowserJavaVersion: 1.6.0_26
Run by 3NICHOLSONS at 10:29:42 on 2011-09-14
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3839.2202 [GMT -7:00]
.
AV: Norton Internet Security *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Internet Security *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\... Read more

A:GMER Performed Limited Scan in Malware Removal Process

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/418939 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 43.6

Hi

My AVG scanner recently detected Trojan horse Backdoor.Generic10.AICG

The free AVG scanner does not remove it. I don't know what kind of harm it can do and I really don't know how I should go about removing it.

Can someone please help me?

Thanks
 

Read other answers
RELEVANCY SCORE 43.6

A little background:
I have a Win98 system with 5 users. 6, if you count the default user (click on cancel at the Windows Login dialog box). When I found I was infected the other day, I manually cleaned up my PC while logged in as a user. Or so I thought. I then logged in under the users to make sure it was clean. I found other malware on these logins, and now the one I thought I had cleaned up is re-infected. Also, sometimes I get a lot of "rundll32 has performed an illegal operation" errors, sometimes I get none. Periodically, I restore rundll32.exe from the CAB files, which seems to help for awhile. But then it comes back. I am now trying to work through the guide before posting HijackThis logs.

Questions:
1. Do I have to go through the malware removal cycle (scan, post HijackThis logs, etc.) for each of these users?

2. Should the scans such as Ad-Aware, Spybot, SuperAntiSpyware, etc. be run all in safe mode, or logged in as a user?

3. Are the rundll32 errors caused by malware?

Thanks,

Tim

A:A Couple Or Three Easy General Questions Re: Malware Removal Process

I have already replied to you here. If you have additional questions related to the thread you already started, please confine them there. Posting a new thread for each question is confusing and makes it harder to provide the assistance you may need.Thanks for your cooperation. I am closing this thread.

Read other 1 answers
RELEVANCY SCORE 43.2

Hello,

I am trying to help a friend dig this bugger out of their system, but I cannot get the FixNCR.reg file to work. I've tried running a browser as admin and loading it off of a usb drive, but each time I get the error message "This file does not have a program associated with it for performing this action. Create an association in the Set Associations control panel". Without completing this step, I can't run RKill, Malwarebytes, etc.

Suggestions?

Thank you,
Gith

A:Trouble starting the vista internet security 2012 removal process

What Windows version is it?

Read other 2 answers
RELEVANCY SCORE 42.4

After removing System Internals Process Explorer the old Resource Monitor windows is blank with the exception of the File Menu items (which do not respond).  How do I get it back?  I really don't want to reinstall, so please don't call that a fix.

Thanks - Art

Read other answers
RELEVANCY SCORE 42
Q: PCEU

http://www.bleepingcomputer.com/forums/topic482905.html

Apologies - i misinterpreted the 3 day help post

A:PCEU

Closing this,has help in MRL.

Read other 1 answers
RELEVANCY SCORE 42
Q: Pceu

Hi iv got a pceu virus that had taken over my dell Inspiron. I can't acces my laptop unless on safe mode. Have ran my virus protection and it picks up nothing. Can someone help me?Edit: Moved topic from Windows Vista to the more appropriate forum. ~ Animal

A:Pceu

Welcome aboard  Run following tools from safe mode.  Download Security Check from here or here and save it to your Desktop. Double-click SecurityCheck.exe Follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.NOTE 1. If one of your security applications (e.g., third-party firewall) requests permission to allow DIG.EXE access the Internet, allow it to do so.NOTE 2 SecurityCheck may produce some false warning(s), so leave the results reading to me. Please download Farbar Service Scanner (FSS) and run it on the computer with the issue.Make sure the following options are checked:
Internet ServicesWindows FirewallSystem RestoreSecurity Center/Action CenterWindows UpdateWindows DefenderOther ServicesPress "Scan".It will create a log (FSS.txt) in the same directory the tool is run.Please copy and paste the log to your reply. Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList Winsock EntriesList last 10 Event Viewer logList Installed ProgramsList Devices (do NOT change any settings here)List Users, Partitions and Memory sizeClick Go and post the result. Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop.* Double-click mbam-setup.exe and follow the prompts to install the program.* At the end,... Read more

Read other 1 answers
RELEVANCY SCORE 41.6

Hi Tommy, I realize you are new. The DDS log needs to be posted here in Virus, Trojan, Spyware, and Malware Removal Logshttp://www.bleepingcomputer.com/forums/forum22.htmlThanks

Read other answers
RELEVANCY SCORE 41.6

Turned on the laptop tonight 10 minutes later PCEU Met Police Trojan.

Sony Vaio VGN FS315 Windows XP Home Edition(no idea where disc is)

Spent 3 hours trying solutions but cannot start up in any safe mode (never even gets to command page) or if in safe-networking when i get to administrator or my account - have a few seconds and PCEU screen appears - no time to do anything.

Have picked up that this may be a newer version perhaps and does not allow safe mode solution.

Any help most gratefully received.

Cheers

A:PCEU infection

I'll report this topic to appropriate helpers.
Hold on....

Read other 50 answers
RELEVANCY SCORE 41.6

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 9.0.8112.16457 BrowserJavaVersion: 10.13.2
Run by Owner at 17:32:39 on 2013-02-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.44.1033.18.2047.653 [GMT 0:00]
.
AV: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: AVG Anti-Virus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
c:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k Loca... Read more

A:PCEU virus

Hello, TommytheCat1.My name is etavares and I will be helping you with this log.Here are some guidelines to ensure we are able to get your machine back under your control.Please do not run any unsupervised scans, fixes, etc. We can work against each other and end up in a worse place.Please subscribe to this topic if you have not already done so. Please check back just in case, as the email system can fail at times.Just because your machine is running better does not mean it is completely cleaned. Please wait for the 'all clear' from me to say when we are done.Please reply within 3 days to be fair to other people asking for help.When in doubt, please stop and ask first. There's no harm in asking questions!Step 1I don't see it in your startup folder which is how this virus loads. I also see that you were able to run the scan in normal mode? When does it pop up? Did you use another account to run this scan?Step 2Two Antiviruses WarningI do not recommend that you have more than one anti virus product installed and running on your computer at a time. The reason for this is that if both products have their automatic (Real-Time) protection switched on, then those products which do not encrypt the virus strings within them can cause other anti virus products to cause "false alarms". It can also lead to a clash as both products fight for access to files which are opened again this is the resident/automatic protection. In general terms, the two programs may conflict and cause:1) False ... Read more

Read other 4 answers
RELEVANCY SCORE 41.6

Hi Guys,
It seems i have aquired this PCeU virus thing,
I have windows 8 64bit.
I can run my PC in safe mode
I have tried finding the registry entry and i have tried running my AVG software.

so thoughts?

cheers
 

A:PCeU Virus

Right its all fixed now i asked my friend and he told me to download malwarebyte, there is a free version and it scanned the whole of my computer and deleted the virus, i would recommend it as you dont have to screw around in the registory editor and you can alway uninstall it once the problem is fixed
 

Read other 1 answers
RELEVANCY SCORE 41.6

Hi, I have been hit by the notorious PCEU trojan/virus. I have tried rebooting in Safe Mode w/networking but can't access my desktop. Nor will it let me reset my PC to a previous configuration. I'm running XP. I'm also running MalwareBytes and AVG so I'm not impressed to have been hit by this

Any ideas guys? Thanks in Advance!

A:PCEU Attack

Hi again, before anyone wastes time on this I should say that I seem to have sorted this via Safe Mode with Command Prompt and running a little app I found which seems to have removed it. Phew!

Read other 2 answers
RELEVANCY SCORE 41.6

Hello there, If this is not in the right forum, my apologies, please redirect me.

A while ago I got the PCEU virus, locked computer, telling me I had to pay 100 to unlock it.

I've tried looking for a solution to this online and there seemed to be numerous fixes, but they didn't work for me, usually because they only applied to windows 8.

I have windows 8 pro and a 32 bit os, are there any solutions you could give me? I've tried hitman pro, malwarebytes and combofix already.

Thank you to anyone who replies.
 

Read other answers
RELEVANCY SCORE 41.6

hi
I have the pceu virus
I have a black screen when I boot up
I have no mouse no controls what ever
I can get the safe mode options up but wen I use any of the modes they just start to load up and don't have any time to type anything (its real quick)
I have the tosh satellite pro c660 2fc
running windows 7
got no backups, no other users

thanks

brian

A:pceu virus

What was your ant-virus program, and was it fully updated? Did you always install the latest Windows Updates?

I would suggest booting with Windows Defender Offline

Some more options here for you to try - http://malwaretips.com/blogs/pceu-virus/

Read other 1 answers
RELEVANCY SCORE 41.6

Got the pceu trojan. locks screen on bootup in normal safe or safe network, also system restore shows no restore point any otherway i can access to run mal bytes ? i do have malwarebytes on a stick if that helps. thx in advance.

A:PCEU trojan

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

Read other 3 answers
RELEVANCY SCORE 41.6

My Norton Internet Security 2012 protected Dell Inspiron laptop running Windows 7 has just become infected with the PCEU virus.

The laptop is completely locked even in PF8 safe mode and says it won't unlock unless I pay the ransom.

Please can you advise how I can rid myself of this virus as the laptop is currently unusable?

I have a USB stick if required.

Many thanks in anticipation.

A:PCEU Virus

Greetings and Welcome to The Forums!!My name is Gringo and I'll be glad to help you with your malware problems.I have put together somethings for you to keep in mind while I am helping you to make things go easier and faster for both of usPlease do not run any tools unless instructed to do so.
We ask you to run different tools in a specific order to ensure the malware is completely removed from your machine, and running any additional tools may detect false positives, interfere with our tools, or cause unforeseen damage or system instability.Please do not attach logs or use code boxes, just copy and paste the text.
Due to the high volume of logs we receive it helps to receive everything in the same format, and code boxes make the logs very difficult to read. Also, attachments require us to download and open the reports when it is easier to just read the reports in your post.Please read every post completely before doing anything.
Pay special attention to the NOTE: lines, these entries identify an individual issue or important step in the cleanup process.Please provide feedback about your experience as we go.
A short statement describing how the computer is working helps us understand where to go next, for example: I am still getting redirected, the computer is running normally, etc. Please do not describe the computer as "the same", this requires the extra step of looking back at your previous post.NOTE: At the top o... Read more

Read other 22 answers
RELEVANCY SCORE 41.6

Hi there,

Some weeks ago my PC (a Dell 380) was infected with PCeU ransomware. On that occasion, I was able to access the command prompt via Safe Mode and run a utility which seemed to sort the issue.

However, I have been reinfected; the screen I receive looks slightly different (pretty much the same content but a different appearance) and I cannot access safe mode at all, so I suspect this might be a new "upgraded" version of the virus?

I have tried everything I can think of. Safe Mode with Networking and Last Good Configuration both lead to the PCeU screen. Safe mode with cmd just "loops", taking me back to the screen with the Safe Mode options.

So if any of you good people could help, I'd be grateful!!! Obviously because I can't access the cmd prompt I can't run DDS/GMER (unless I'm missing something, I'm not very computer minded!)

Also, WHY does anti virus software (I'm running AVG and MalwareBytes) not spot this and block the threat....? It seems to be everywhere at the moment, I spoke to a computer savvy guy in my local bar for advice and he said he and a friend of his were all in the same position having been binfected in the last couple of days and are awaiting a reply to this post as keenly as I am!!

Many thanks in advance....

A:PCeU - new version?

PS:
PCEU Attack

Read other 3 answers
RELEVANCY SCORE 41.6

Hi
 
I've read your instructions for using hitmanpro on usb to remove the pceu virus.
 
My problem is how can I set up hitman pro 32bit if i only have access to a clean 64bit machine?
 
Sorry - I'm not the best with computers
 
J

A:pceu virus

Should work normally. Do as instructed.

Read other 4 answers
RELEVANCY SCORE 41.6

Hello,

Im running xp home and have managed to get the pceu virus.

I have read other helps, however I am unable to reboot in safe mode.

When I try to reboot, it just goes back to the advanced boot options screen.

I am unable to get any access to the desktop as the screen just goes into lockdown.

Can anyone offer any help.

Thanks

G

A:PCEU Virus

HI,

what happens when you try normal mode?

Read other 2 answers
RELEVANCY SCORE 41.6

Hi I have just picked up a pceu metropolitan police virus. This has locked up my pc. I have tried starting in safe mode but am unable to do so the pc keeps defaulting to the options screen and will only star windows normally!! Any ideas please!!EDIT > Moved to Virus, Trojan, Spyware, and Malware Removal LogsGlo Mod boopme

A:pceu virus

Hi rev stew,Welcome to BleepingComputer Virus, Trojan, Spyware, and Malware Removal Logs Forum. My name is sundavis, I will be helping you to deal with your Malware problems today.Do you have XP Install Disk handy? We need to make a rescure CD if the following approach can't do the trick. or Can you borrow one? Advise me in your next time. Thanks.Step1Please downlaod PC Regedit bootable CD iso Here from a working computer.Place a blank CD in your CD-Rom to burn the iso to a bootable CD. If you need a free burner, please go to Here.Boot the sick computer using the boot CD you just created, and the computer must be set to boot from the CD first.For information click Here Please insert your bootable CD into CD/DVD rom and Restart your computerNavigate to the following filepath ---> config > SOFTWARE > root > Microsoft > Windows NT > CurrentVersion > WinlogonClick on Winlogon and look for Shell in the right pane, right click on Shell and select Value edit.Note down the whole filepath on value box before editing the value, After that, replace the legit value Explorer.exe on the value box and Yes to the Save Change.Get the bootable CD out of CD/DVD rom and reboot normally. For more info: Here .If you are able to bootup normally, please proceed the following step2 accordinglyStep2Please download OTL and save it to your desktop.Double click on the icon on your desktop.Click the "Scan All Users" checkbox.Click the "Quick Scan" butt... Read more

Read other 2 answers
RELEVANCY SCORE 41.6

Hello there

I believe I have gotten rid of the PCeU virus using Combifix in safe mode with networking. I ran combifix again once I was able to boot normally and this is the log. Can someone look and see if it is all gone or if I am still infected by anything? Thanks

nesbit

A:PCeU virus

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.Download DDS by sUBs from one of the following links if you no longer have it available. Save it to your desktop.DDS.scr <- not recommended if you use Chrome to download this .scr file. Use the other options.DDS.pifDDS.COMDouble click on the DDS icon, allow it to run. A small box will open, with an explanation about the tool. No input is needed, the scan is running. Notepad will open with the results. Follow the instructions that pop up for posting the results.Please note: You may have to disable any script protection running if the scan fails to run.Please just paste the contents of the DDS.txt log in your next post. DO NOT attach the log.Please post the logs for my review.

Read other 12 answers
RELEVANCY SCORE 41.6

I seemed to have picked up the pceu virus from somewhere and none of the anti-virus softwares I've tried (avg free, kaspersky, malwarebytes) have managed to remove it. I've seen a few screenshots and video tutorials on how to remove it but it looks slightly different which suggests to me it's a more recent version.Can anyone offer any help???Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

A:Pceu virus help

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Read other 2 answers
RELEVANCY SCORE 41.6

Hi,

I seem to have picked up the Pceu malware and my windows 7 machine is now unusable. I could really do with some urgent help as I have no idea where to go from here.

Any and all help gratefully received..

Thanks in advance.

Additional: all that I can see is my windows Libraries folder but I can access windows explorer from this. My desktop wallpaper is visible but no icons or system bar, system tray, etc.
I was browsing multiple windows in a version of Firefix that I believed to be fully patched and had a fully up to date version of McAfee running.

A:Pceu on windows 7

Hello, this is a difficult fraud app to remove.We need a deeper look. Please go here....Preparation Guide ,do steps 6-9.Create a DDS log and post it in the new topic explained in step 9 which is here Virus, Trojan, Spyware, and Malware Removal Logs and not in this topic,thanks.If GMER won't run skip it and move on.Let me know if that went well.

Read other 3 answers
RELEVANCY SCORE 41.6

Hello,Im running XP home and have managed to get the pceu virus.I have read around for help, however I am unable to reboot in safe mode.When I try to reboot, it just goes back to the advanced boot options screen.I am unable to get any access to the desktop so am unable to run any scans or download anything suggested in the guidelines 6-9 as i have no access to my desk top.can anyone suggest another course of action that doesn't include the guidelines as i can not get any of the Prrp guide to work. many thanksWillphysioEdit: Moved topic from Am I Infected to the more appropriate forum, as directed by AII staff due to member being unable to run scans according to prep guide. ~ Animal

A:PCEU virus

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Read all these directions before proceeding.When you have the .ISO file downloaded, you need to create a bootable disk or flash drive with it, using a clean PC to do that. The .ISO file is a disk image. It should NOT be burned as a regular file. You need a program like ImgBurn that can burn an .ISO image. I think a CD is best as there is no way anything can write on it after it is made, but the USB may be more convenient and easier.Be sure to read these:Download Kaspersky Rescue Disk 10How to record Kaspersky Rescue Disk 10 to an USB device and boot my computer from it?How to record Kaspersky Rescue Disk 10 to a CD/DVD and boot my computer from the disk?Summarizing:Go to a clean PC.Download the .iso image file.Create a CD (or flash drive if you prefer).At the infected PC: put the disk in the drive and reboot.Follow the directions here, but you will find some differences. Familiarize yourself with How to create a report file in Kaspersky Rescue Disk 10?Print the following directions:Boot from Kaspersky Rescue Disk 10:Restart your computer and put the disk in the drive while booting. Press any key. A loading wizard will start (you will see the menu to select the required language). If you do not press any key in 10 seconds, the computer boots from hard drive automatica... Read more

Read other 2 answers