Nuage suspect 4
Anonymous user
-
Anonymous user -
Anonymous user -
Hello,
Norton found a heuristic virus on my computer named suspicious cloud 4. After several scans with another antivirus, nothing was found. Should I be worried????
Configuration: Windows 7 / Internet Explorer 8.0
--
Find solutions for my computer and my partner's.
Norton found a heuristic virus on my computer named suspicious cloud 4. After several scans with another antivirus, nothing was found. Should I be worried????
Configuration: Windows 7 / Internet Explorer 8.0
--
Find solutions for my computer and my partner's.
25 réponses
- 1
- 2
Suivant
DISABLE YOUR ANTIVIRUS AND FIREWALL IF PRESENT !!!!! (as it is mistakenly detected as an infection)
▶ Download here: List_Kill'em
and save it on your desktop
if you have XP => double click
if you have Vista or Windows 7 => right click "run as...."
on the shortcut on your desktop to start the installation
Keep checked:
♦ Run List_Kill'em
once finished, click on "finish" and the program will start automatically
It will first download and install its updates, then will give you its menu
choose the Search option
▶ let the tool work
a dialog box may open, in that case click "ok" or "Agree"
when the white window appears, it may take a little while, that's normal, it's a supplementary search for hidden files, the program is not stuck.
▶ Post the content of the report that opens at 100% of the scan on the screen "COMPLETED"
▶▶▶ DO NOT POST IT ON THE FORUM
To send it to me click on this link: http://www.cijoint.fr/
▶ Click on Browse and search for the file C:\List'em.txt
▶ Click on Open.
▶ Click on "Click here to drop the file".
A link of this form:
http://www.cijoint.fr/cjlink.php?file=265368/cijSKAP5fU.txt
is added on the page.
▶ Copy this link in your reply.
▶ Do the same with more.txt which is on your desktop
--
♦G3и-н@¢ки™©®♦
▶ Download here: List_Kill'em
and save it on your desktop
if you have XP => double click
if you have Vista or Windows 7 => right click "run as...."
on the shortcut on your desktop to start the installation
Keep checked:
♦ Run List_Kill'em
once finished, click on "finish" and the program will start automatically
It will first download and install its updates, then will give you its menu
choose the Search option
▶ let the tool work
a dialog box may open, in that case click "ok" or "Agree"
when the white window appears, it may take a little while, that's normal, it's a supplementary search for hidden files, the program is not stuck.
▶ Post the content of the report that opens at 100% of the scan on the screen "COMPLETED"
▶▶▶ DO NOT POST IT ON THE FORUM
To send it to me click on this link: http://www.cijoint.fr/
▶ Click on Browse and search for the file C:\List'em.txt
▶ Click on Open.
▶ Click on "Click here to drop the file".
A link of this form:
http://www.cijoint.fr/cjlink.php?file=265368/cijSKAP5fU.txt
is added on the page.
▶ Copy this link in your reply.
▶ Do the same with more.txt which is on your desktop
--
♦G3и-н@¢ки™©®♦
empty the temp folder
* Download here: USBFIX to your desktop
/!\ Temporarily disable, and only for the time you are using USBFIX, the real-time protection of your antivirus and antispyware, which can significantly hinder the search and cleaning procedure of the tool.
If you have XP => double click
if you have Vista or Windows 7 => right click "run as...."
on the Usbfix icon located on your Desktop.
On the page, click on the button:
“Search”
/!\ Connect your external data sources to your PC (USB key, external hard drive, etc...) that may have been infected without opening them
- then click OK
- Let the tool work.
- Post the report that appears at the end.
the report is located at C:\ UsbFix.txt
Note: "Process.exe", a component of the tool, is detected by some antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (Antivirus, Firewall...) hence the alert issued by these antivirus programs.
--
♦G3и-н@¢км@и™©®♦
* Download here: USBFIX to your desktop
/!\ Temporarily disable, and only for the time you are using USBFIX, the real-time protection of your antivirus and antispyware, which can significantly hinder the search and cleaning procedure of the tool.
If you have XP => double click
if you have Vista or Windows 7 => right click "run as...."
on the Usbfix icon located on your Desktop.
On the page, click on the button:
“Search”
/!\ Connect your external data sources to your PC (USB key, external hard drive, etc...) that may have been infected without opening them
- then click OK
- Let the tool work.
- Post the report that appears at the end.
the report is located at C:\ UsbFix.txt
Note: "Process.exe", a component of the tool, is detected by some antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
It is not a virus, but a utility designed to terminate processes.
In the wrong hands, this utility could stop security software (Antivirus, Firewall...) hence the alert issued by these antivirus programs.
--
♦G3и-н@¢км@и™©®♦
Good evening,
I haven't downloaded USBFIX yet, as I'm waiting for my partner. Norton has quarantined the suspicious cloud files. It detected them since Sunday, August 29 (which is one detection) and 3 detections today, Monday, August 30, 2010.
--
Find solutions for my computer and my partner's.
I haven't downloaded USBFIX yet, as I'm waiting for my partner. Norton has quarantined the suspicious cloud files. It detected them since Sunday, August 29 (which is one detection) and 3 detections today, Monday, August 30, 2010.
--
Find solutions for my computer and my partner's.
Here is the report.
I don't understand because I disabled my firewall until I restarted my computer.
User: xxx
Updated on 08/29/2010 by El Desaparecido/ c_xx
Website: http:\pagesperso-orange.fr\NosTools\index.htlm
Contact: Findykill. contact@gmail.com
CPU: ----
CUP2:---
Microsoft Windows 7 Home Premium Edition
Internet Explorer 8 ...
Windows Firewall enabled
RAM-> 3838 MB
C:\ (%systemdrive%)-> Hard Drive # 450 GB Free(s)
D:\ -> CD-ROM
################### l Infectious Elements l
################### l Registry
################### l Mountpoints2
################### l Vaccine
(!) This computer is not vaccinated!
################### l E.O.F l
--
Find solutions for my computer and my partner's.
I don't understand because I disabled my firewall until I restarted my computer.
User: xxx
Updated on 08/29/2010 by El Desaparecido/ c_xx
Website: http:\pagesperso-orange.fr\NosTools\index.htlm
Contact: Findykill. contact@gmail.com
CPU: ----
CUP2:---
Microsoft Windows 7 Home Premium Edition
Internet Explorer 8 ...
Windows Firewall enabled
RAM-> 3838 MB
C:\ (%systemdrive%)-> Hard Drive # 450 GB Free(s)
D:\ -> CD-ROM
################### l Infectious Elements l
################### l Registry
################### l Mountpoints2
################### l Vaccine
(!) This computer is not vaccinated!
################### l E.O.F l
--
Find solutions for my computer and my partner's.
I will start over tomorrow, then. Have a good evening!!!
--
Finding solutions for my computer and my partner's.
--
Finding solutions for my computer and my partner's.
Hello,
I have tried everything, there’s nothing I can do. I disabled the smart firewall and Norton auto-protect antivirus. Still nothing. I even disabled the Windows Firewall.
But it still seems to be protected.
I wonder if it's because I'm on Wi-Fi, on my laptop.
--
Looking for solutions for my computer and my partner's.
I have tried everything, there’s nothing I can do. I disabled the smart firewall and Norton auto-protect antivirus. Still nothing. I even disabled the Windows Firewall.
But it still seems to be protected.
I wonder if it's because I'm on Wi-Fi, on my laptop.
--
Looking for solutions for my computer and my partner's.
I am sharing the result; the list is really long to write. Here we go!!!
User: xxx
Updated on 29/08/2010 by El Desaparecido/ c_xx
Website: http:\pagesperso-orange.fr\NosTools\index.htlm
Contact: Findykill. contact@gmail.com
CPU: ----
CUP2:---
Microsoft Windows 7 Home Premium Edition
Internet Explorer 8 ...
Windows Firewall enabled
RAM-> 3838 Mo
C:\ (%systemdrive%)-> hard drive # 450 Go Free (s)
D:\ -> CD-ROM
################### l Infectious Elements l
################### l Registry l
################### l Mountpoints2 l
################### l Listing l
User: xxx
Updated on 29/08/2010 by El Desaparecido/ c_xx
Website: http:\pagesperso-orange.fr\NosTools\index.htlm
Contact: Findykill. contact@gmail.com
CPU: ----
CUP2:---
Microsoft Windows 7 Home Premium Edition
Internet Explorer 8 ...
Windows Firewall enabled
RAM-> 3838 Mo
C:\ (%systemdrive%)-> hard drive # 450 Go Free (s)
D:\ -> CD-ROM
################### l Infectious Elements l
################### l Registry l
################### l Mountpoints2 l
################### l Listing l
Continuation of the listing
31/08/2010 -14:09:17 l SHD ] C:\ $ Reclycle. bin
14/07/2009 -03:38.58 l RASH l 383562
27/07/2009 -22h40:53 l RASH l 8192] C\:BOOTSECT.BAK
14/07/2009 -07:08:56 l SHD ] C:\ Document and Settings
21/08/2010 -02:41:32 l DC] c:\element
07/11/2007- 08:00:40 A l 17734] C:\eula.1028.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1031.txt
07/11/2007- 08:00:40 A l 10134] C:\eula.1033.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1036.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1040.txt
07/11/2007- 08:00:40 A l 118] C:\eula.1041.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1042.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.2052.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.3082.txt
07/11/2007- 08:00:40 A l 1110] C:\globdata.ini
31/08/2010- 12:56:02 ASH l 3018461184] C:\hiberfil.sys
07/11/2007- 08:44:20 A l 855040] C:\ install.exe
07/11/2007- 08:44:20 A l 843] C:\ install.ini
07/11/2007- 08:44:20 A l 75280] C:\ install.res.1028.dll
07/11/2007- 08:44:20 A l 95248] C:\ install.res.1031.dll
07/11/2007- 08:44:20 A l 90128] C:\ install.res.1033.dll
07/11/2007- 08:44:20 A l 96272] C:\ install.res.1036.dll
07/11/2007- 08:44:20 A l 94224] C:\ install.res.1040.dll
07/11/2007- 08:44:20 A l 80400] C:\ install.res.1041.dll
07/11/2007- 08:44:20 A l 78864] C:\ install.res.1042.dll
07/11/2007- 08:44:20 A l 74768] C:\ install.res.2052.dll
07/11/2007- 08:44:20 A l 95248] C:\ install.res.3082.dll
25/03/2010- 21:45:10 RHD ] C:\MSOCache
23/08/2010- 16:57:38 HD ] C:\oem
31/08/2010- 12:56:06 ASH l 4024614912] C:\pagefile.sys
01/04/2010- 05:51:23 RASH l 1893] C:\Patch.rev
14/07/2009- 05:20:08 D ] C:\PerfLogs
21/08/2010- 02:35:51 l RASH l 221] C:\Preload.rev
30/08/2010- 21:44:30 l RD ] C:\ Program Files
30/08/2010- 22:08:17 l RD ] C:\ Program Files (x86)
30/08/2010- 21:40:03 l HD ] C:\ ProgramData
21/08/2010- 02:35:39 l SHD ]C:\Recovery
19/05/2010- 02:18:07 l A l 2142] C:\RHDSetup. log
31/08/2010- 13:01:55 l SHD] C:\System Volume Information
31/08/2010- 14:09: 17 l D ] C:\ UsbFix
31/08/2010- 14:07:36 l A l 3021] C:\ UsbFix.txt
23/08/2010- 19:03:2010l RD ] C:\Users
07/11/2007- 08:00:40 l A l 5686] C:\vcredist.bmp
07/11/2007- 08:50:40 l A l 1927956]C:\VC_RED.cab
07/11/2007- 08:53:12 l A l 242176 C:\VC_RED.MSI
31/08/2010- 09/29/57 l AD ] C:\ Windows
################### l Vaccine l
C:\Autorun.inf-> Folder created by Usbfix (El Desaparecido $ C_xx)
################### l E.O.F l
------------------------------------------------------------------------------
So what does this report mean????? Thank you!!!!
31/08/2010 -14:09:17 l SHD ] C:\ $ Reclycle. bin
14/07/2009 -03:38.58 l RASH l 383562
27/07/2009 -22h40:53 l RASH l 8192] C\:BOOTSECT.BAK
14/07/2009 -07:08:56 l SHD ] C:\ Document and Settings
21/08/2010 -02:41:32 l DC] c:\element
07/11/2007- 08:00:40 A l 17734] C:\eula.1028.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1031.txt
07/11/2007- 08:00:40 A l 10134] C:\eula.1033.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1036.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1040.txt
07/11/2007- 08:00:40 A l 118] C:\eula.1041.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.1042.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.2052.txt
07/11/2007- 08:00:40 A l 17734] C:\eula.3082.txt
07/11/2007- 08:00:40 A l 1110] C:\globdata.ini
31/08/2010- 12:56:02 ASH l 3018461184] C:\hiberfil.sys
07/11/2007- 08:44:20 A l 855040] C:\ install.exe
07/11/2007- 08:44:20 A l 843] C:\ install.ini
07/11/2007- 08:44:20 A l 75280] C:\ install.res.1028.dll
07/11/2007- 08:44:20 A l 95248] C:\ install.res.1031.dll
07/11/2007- 08:44:20 A l 90128] C:\ install.res.1033.dll
07/11/2007- 08:44:20 A l 96272] C:\ install.res.1036.dll
07/11/2007- 08:44:20 A l 94224] C:\ install.res.1040.dll
07/11/2007- 08:44:20 A l 80400] C:\ install.res.1041.dll
07/11/2007- 08:44:20 A l 78864] C:\ install.res.1042.dll
07/11/2007- 08:44:20 A l 74768] C:\ install.res.2052.dll
07/11/2007- 08:44:20 A l 95248] C:\ install.res.3082.dll
25/03/2010- 21:45:10 RHD ] C:\MSOCache
23/08/2010- 16:57:38 HD ] C:\oem
31/08/2010- 12:56:06 ASH l 4024614912] C:\pagefile.sys
01/04/2010- 05:51:23 RASH l 1893] C:\Patch.rev
14/07/2009- 05:20:08 D ] C:\PerfLogs
21/08/2010- 02:35:51 l RASH l 221] C:\Preload.rev
30/08/2010- 21:44:30 l RD ] C:\ Program Files
30/08/2010- 22:08:17 l RD ] C:\ Program Files (x86)
30/08/2010- 21:40:03 l HD ] C:\ ProgramData
21/08/2010- 02:35:39 l SHD ]C:\Recovery
19/05/2010- 02:18:07 l A l 2142] C:\RHDSetup. log
31/08/2010- 13:01:55 l SHD] C:\System Volume Information
31/08/2010- 14:09: 17 l D ] C:\ UsbFix
31/08/2010- 14:07:36 l A l 3021] C:\ UsbFix.txt
23/08/2010- 19:03:2010l RD ] C:\Users
07/11/2007- 08:00:40 l A l 5686] C:\vcredist.bmp
07/11/2007- 08:50:40 l A l 1927956]C:\VC_RED.cab
07/11/2007- 08:53:12 l A l 242176 C:\VC_RED.MSI
31/08/2010- 09/29/57 l AD ] C:\ Windows
################### l Vaccine l
C:\Autorun.inf-> Folder created by Usbfix (El Desaparecido $ C_xx)
################### l E.O.F l
------------------------------------------------------------------------------
So what does this report mean????? Thank you!!!!
- 1
- 2
Suivant