Over 1 million tech questions and answers.

Norton Security, Suspicious.Cloud.9.B detection...

Q: Norton Security, Suspicious.Cloud.9.B detection...

So today Norton Security picked up something weird while my computer was idle. 
 
Infected file: BIT1D2E.tmp
Location: C:\Windows\Temp\BIT1D2E.tmp
Threat name: Suspicious.Cloud.9.B
Threat type: Heuristic virus
 
 
That's really all I have, but I saw it again in the same folder(how the heck did it get redownloaded?) a few minutes later and uploaded it to VirusTotal:
https://www.virustotal.com/nb/file/a965bef89c8d92f79e5a98602bb09d92aba25659e03b57f34aa32b90508191b6/analysis/1448399271/
 
 
Malwarebytes and SUPERAntiSpyware comes out clean, and now Norton Securtiy also returns clean.
 
I'm confused. False positive or infected?

RELEVANCY SCORE 200
Preferred Solution: Norton Security, Suspicious.Cloud.9.B detection...

I recommend trying the free service from Zip Cloud. It's currently our users' favorite backup and storage solution and will save you headaches down the line.

You can get it direct from this link http://goo.gl/rFYDxc. (This link will open the Zip Cloud homepage.)

A: Norton Security, Suspicious.Cloud.9.B detection...

Hello,
 

Please download Rkill to your Desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
 
§  Double-click on the Rkill desktop icon to run the tool.
§  If using Windows Vista, 7, 8 or 10 right-click on it and choose Run As Administrator.
§  A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
§  If not, delete the file, then download and use the one provided in Link 2.
§  Do not reboot until instructed.
§  If the tool does not run from any of the links provided, please let me know.
If normal mode still doesn't work, run the tool from Safe Mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
-----
 
Kaspersky Virus Removal Tool
Please download Kaspersky Virus Removal Tool from here.
§  Right click on KVRT.exe and select Run as Administrator.
§  Read the EULA, then select Accept.
§  Wait for Kaspersky Virus Removal Tool to initialize.
§  In the main screen, select Change parameters, place a checkmark in System drive, then click OK.
§  Click Start scan.
§  Wait for Kaspersky Virus Removal Tool to complete scanning.
§  When the scan is finished, select Neutralize all for all detected objects.
§  Close Kaspersky Virus Removal Tool when done.
Informe me if something is detected.
------

Read other 3 answers
RELEVANCY SCORE 80.4

Moved to proper forum,Virus, Trojan, Spyware, and Malware Removal Logs ~~boopmeAt each login I NIS 2010 finds and a virus in a file at C:\windows\temp\tmpXXXXXX, where XXXXXX is a longer hex number. NIS removes the file to its quarantine store. Neither full scans with NIS nor Malwarebytes' Anti-Malware in normal or safe mode detects any viruses. Still as this happens at every login, there must be some other driver, service or other piece of software that is infected and that writes the tmp file and presumably tries to execute it at every login, but I cannot find out what.I have also run updated versions of Ad-aware, Ccleaner, on-line virus scans at Norton.com and F-secure. No scan finds anything other than low risk tracking cookies, which they remove after each scan. The F-secure on-line scan indicated some other problem which I tried to fix by deleted the listed files The log is also attached.I have tried to follow your your procedure at your "Virus, Trojan, Spyware, and Malware Removal Logs" page, but when I tries to run GMER downloaded from http://www.gmer.net/gmer.zip GMER crashes during the scan after a couple of minutes (at different points at different times) this also happens in safe mode.My box doesn?t seem to be sluggish or otherwise affected but I am afraid that some virus may do some harmful things if I do not remove it. I would be most grateful if someone can help me. Edit: I also did run hijackthis and have attached the log.Regards

A:Norton Internet Seurity 2010 indicates Suspicious.Cloud virus

Hello and welcome to Bleeping ComputerWe apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open with the results.Foll... Read more

Read other 3 answers
RELEVANCY SCORE 70.4

Hi. For the past week I have been getting intrusion detection notifications from Norton Internet Security. The messages will read "Severity: High. Activity: An intrusion attempt by m01n83kjf7.com. Status: Blocked. Recommended Action: No Action required". The last message was just ten minutes ago. Yesterday I did a full scan with Norton Internet Security. Only cookies showed up in the results. I also did a scan with "Super AntiSpyware" - same results, only cookies. I am not sure what should be my next option. Any help is much appreciated.Thank you for reading.

A:Intrusion Detection - Norton Security

Good evening. Please follow the instructions here and then start a NEW thread and post accordingly. To keep things tidy i'll close this one.

Read other 1 answers
RELEVANCY SCORE 69.2

I'm running Norton Internet Security on two of home computers (laptop and desktop) on a wireless home network (XBox 360 and Blu-Ray share wireless connection). I've been noticing that is is taking longer and longer to log into windows and open any application. So I ran Norton AV and it came back clean except for a few cookies which it deleted. However upon inspection of the recent activity on my machines it appears my competers are infected or someone has hacked into or out of my firewall (hopefully not both). When I called Norton they said to run their Power Eraser, but once again nothing came up. I exported the recent history logs to .txt files if you need me to attach those.

I then decided to run Spybot and it discovered both machines were infected with "WISHBONE". Spybot was able to clean it off both machines and is now coming back clean, but my logs still have suspicious activity. I just downloaded and ran Malwarebytes, but once again it found nothing. I also ran TDSSKiller and it came back with no problems found as well. So what is the next step to find out if I actually have a problem with one of my machines or my firewall security?

Here is the Malwarebytes log file:

Malwarebytes' Anti-Malware 1.50.1.1100
www.malwarebytes.org

Database version: 5947

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

3/3/2011 5:58:02 PM
mbam-log-2011-03-03 (17-58-02).txt

Scan type: Full scan (C:\|H:\|)
Objects scanned: 299416
Time elapsed: 38 m... Read more

A:Suspicious Norton Internet Security Logs - HELP

Hello, go into your Control Panel and see if there's a Wishbone Tool bar/ If so temove it.Now do an online scan please.Please perform a scan with Eset Online Antiivirus Scanner.This scan requires Internet Explorer,Opera or Firefox to work. Vista/Windows 7 users need to run Internet Explorer as Administrator.To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.Click the green button.Read the End User License Agreement and check the box: Check .Click the button.Accept any security warnings from your browser.Check Check Remove found threats and Scan potentially unwanted applications. (If given the option, choose "Quarantine" instead of delete.)Click the Start button.ESET will then download updates for itself, install itself, and begin scanning your computer.If offered the option to get information or buy software at any point, just close the window.The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.When the scan completes, push Push , and save the file to your desktop as ESETScan.txt. Push the button, then Finish.Copy and paste the contents of ESETScan.txt in your next reply.Note: A log.txt file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.If you did not save the ESETScan log, click > Run..., then type or copy and p... Read more

Read other 8 answers
RELEVANCY SCORE 62

Attempted to download "combofix.exe" and Norton's File Insight flagged it as a threat,
 
Threat information provided by Program
 

Filename: combofix.exe
Threat name: Suspicious.Cloud.7.EP
Full Path: c:\users\user\downloads\combofix.exe
____________________________
Details
Unknown Community Usage,  Unknown Age,  Risk High
Origin
Downloaded from
 http://download.bleepingcomputer.com/dl/bd10c5d5c225f8e23136591fb6f4d0bd/544984b7/windows/security/anti-virus/c/combofix/ComboFix.exe
Activity
Actions performed: Actions performed: 1
____________________________
On computers as of
Not Available
Last Used
10/23/2014 at 3:45:41 PM
Startup Item
No
Launched
No
____________________________
Unknown
It is unknown how many users in the Norton Community have used this file.
Unknown
This file release is currently not known.
High
This file risk is high.
Threat type: Heuristic Virus. Detection of a threat based on malware heuristics.
____________________________
http://download.bleepingcomputer.com/dl/bd10c5d5c225f8e23136591fb6f4d0bd/544984b7/windows/security/anti-virus/c/combofix/ComboFix.exe
Downloaded File combofix.exe Threat name: Suspicious.Cloud.7.EP
 from bleepingcomputer.com
Source: External Media
____________________________
File Actions
File: c:\users\user\downloads\ combofix.exe Removed
____________________________
File Thumbprint - SHA:
86eb338f193669495479b7278a21fd3f7d266d1ef7f7c2afdb8dcd14030e63d1
File Thumbprint - MD5:
Not available
 

A:Suspicious.Cloud.7.EP

This is a false positive by Norton.Certain embedded files that are part of legitimate programs or specialized fix tools such as Combofix may at times be detected by some anti-virus and anti-malware scanners as suspicious, a Risk Tool, Hacking Tool, Potentially Unwanted Program, a possible threat or even Malware (virus/trojan) when that is not the case. This occurs for a variety of reasons to include the tool's compiler, the files it uses, whether files are compressed or packed, what behavior (routines, scripts, etc) it performs, any registry strings it may contain and the type of security engine that was used during the scan. Other legitimate files which may be obfuscated, encrypted or password protected in order to conceal itself so they do not allow access for scanning but often trigger alerts by anti-virus software.When flagged by an anti-virus or security scanner, it's because the program includes features, behavior or files that appear suspicious or which can potentially be used for malicious purposes. Compressed and packed files in particular are often flagged as suspicious by security software because they have difficulty reading what is inside them. These detections do not necessarily mean the file is malicious or a bad program. It means it has the potential for being misused by others or that it was simply detected as suspicious or a threat due to the security program's heuristic analysis engine which provides the ability to detect possible new variants of malware. A... Read more

Read other 2 answers
RELEVANCY SCORE 62

Looks like I have something funny on my new Windows 8 Box. My computer started acting funny so I downloaded a Norton 30 day free trial. I have gotten several popups saying Norton blocked "suspicious.cloud.9". I did a little research and from what I can tell this is some sort of Trojan. Norton says it blocked it but my computer has been really slow for the past couple of days. Should I worry?

A:Suspicious.Cloud.9

Try Running the Following Tools:[List][*] (JRT) Junkware Removal Tool[*] Malwarebytes[/URL]Questions:Did Norton Sucessfully Quarantine the Trojan?Also I suggest you use Avast besides Norton.

Read other 5 answers
RELEVANCY SCORE 62

For some reason I can't turn on the Intrusion Detection on my Norton Internet Security

When try to turn it on it says "Failed to Save Setting. Please verify that your Windows account is not restricted"

The only problem is that I'm the administrator and the only account on this laptop! I have no idea what to do. I've fooled around with the settings to see if I could find anything but I came up with nothing. At this point, I'm really worried that it's a virus or something like that but Norton and AdAware haven't picked up anything. I could post a HijackThis log if you think that'll help. Thanks in advance for any help you guys
 

A:I can't turn on "Intrusion Detection" on Norton Internet Security

bump.. I could really use some advice. I'm really paranoid about having a trojan
 

Read other 2 answers
RELEVANCY SCORE 61.6

Hello, as old COMODO fan I wanna know how the online Cloud detection works. I notice in @cruelsister video that COMODO detected some files with the cloud engine and I wanna know if I use CIS in internet security mode, will I get the same result ? Do i need to check CAMAS ?

I am asking this because on my home PC COMODO never detects files using the Cloud. I am thinking to replace AVAST on my work PC and Tencent on my laptop.
 

A:Comodo Cloud detection

Comodo Cloud option is under File Rating option.
Its enabled by default.
Yes Comodo Internet Security mode will detect with Cloud too.

The reason you see cloud detection alert in cruelsister video is she uses Comodo Firewall only.
No AV is installed but as Cloud connection is there so malware are detected & Cloud detection alert is there.

With CIS, as AV is there too, mostly local AV will detect & you will get AV alert.
But if the new detection is added to the Cloud & local AV hasn't updated yet then you will get Cloud alert if the malware detection was found in the cloud.
 

Read other 19 answers
RELEVANCY SCORE 61.2

Norton  keeps finding it and saying it has been removed.  How do I get rid of it once and for all?  windows 7.  emachines E627Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

A:How do I remove Suspicious Cloud 7 EP?

Hello tyl604
First -
Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.
NOTE - If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
 
 
Next -
Download Malwarebytes' Anti-Malware Free (aka MBAM): to your desktop.
- Do not accept the Free Trial Version at this time -
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-M... Read more

Read other 10 answers
RELEVANCY SCORE 60.8

How do I get rid of this from the registry?  it is stating its an Microsoft operating system.
I am also getting redirected to different website and my cursor seems to behind where I am typing.  and some letters do not type, or if I back space once all is lost.  Norton can not remove it.  its also showing in google start up as well
any ideas how to remove this? thanks

A:Suspicious.Cloud.7.EP virus and start up

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.
We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.
To help Bleeping Computer better assist you please perform the following steps:
*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/498933 <<< CLICK THIS LINK
If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.
***************************************************If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of t... Read more

Read other 2 answers
RELEVANCY SCORE 60.8

Hi,

A couple of days ago, I came to my computer and saw that Norton 360 had discovered several bugs and reported that it was unable to remove them. Here's the list:
Suspicious.Cloud.7.F
Trojan.Maljava
Suspicious.Cloud.7.F
Suspicious.Cloud.7.F
Suspicious.Cloud.7.F
WS.Malware.1
WS.Malware.2
Trojan.Gen.2
Trojan.Maljava

I rescanned as it instructed, but had no luck. When I ran Norton Power Eraser, the only thing it found were cookies that it removed. Malwarebytes also found nothing. Don't know if this is a false positive, but I don't remember installing anything recently that would trigger this. The system doesn't seem to be running any differently, but I want to make sure I'm not infected.

I tried to run gmer, but the first time it ran for over 12hrs and still was not finished. The second time, it crashed my system (bsod) and I didn't have time to note the error code. The dds log is below. Thanks.

-----------------------------------------------------------------------

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16464 BrowserJavaVersion: 10.13.2
Run by Administrator at 15:36:03 on 2013-02-27
Microsoft? Windows Vista? Business 6.0.6002.2.1252.1.1033.18.3071.1191 [GMT -6:00]
.
AV: Norton 360 Premier Edition *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202} ... Read more

A:Suspicious.Cloud.7.F, Trojan.Maljava, and others

Hello and welcome to TSF.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant Notification then click Subscribe.
----------

Please download aswMBR to your desktop.
Double click the aswMBR icon to run it.
Click the Scan button to start scan.
If you are asked to update the Avast Virus database please allow it to do so.
When it finishes, press the save log button, save the logfile to your desktop and attach its contents in your next reply.


Click the image to enlarge it

AdwCleanerClose all open programs and internet browsers.
Double click on adwcleaner.exe to run the tool.
Click on Delete.
Confirm each time with Ok.
You will be prompted to restart your computer. A text file will open after the restart.
Please post the contents of that logfile with your next reply.
You can find the logfile at C:\AdwCleaner[S1].txt as well.

Read other 19 answers
RELEVANCY SCORE 60

I am helping a friend with this problem.  Her computer was infected by the suspicious.cloud.7.ep virus.  She is running Norton Anti-Virus.  Norton was giving her the messages - "Auto-Protect is processing security risk suspicious.cloud.7.ep" - followed by "Auto-Protect has removed the security risk suspicious.cloud.7.ep".
She was getting these messages repeatedly.  It seemed to me, while Norton was recognizing the problem, it was not getting at the root cause - the virus was regenerating itself.
I ran Maleware Bytes on her system and it found several problems that were removed.  I am assuming suspicious.cloud.7.ep was one of these that was removed because Norton is longer giving the message.
But we are left with two problems - one is when we rebooted, we got a RegSrv32 message that said it could not find the lbpmex.dll.  I found a file C:\Users\Susan\appdata\local\Cpkics\lbpmex.txt.  I copied it and gave it a dll extension.  But now I am getting the message that I have attached.  I have looked on the internet for Cpkics and lbpmex.dll and can't find anything. 
The other problem is the Network Adapter is somtimes loosing its connection with the internet.  When trying to get on the internet she sometimes gets a message that the computer can't make the connection.  There is a link on that page to run diagnostics.  Clicking on that link produces another page that gives her an opportunity to get t... Read more

A:suspicious.cloud.7.ep removed but a few problems remain

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.===--RogueKiller--Download & SAVE to your Desktop RogueKiller for 32bit or Roguekiller for 64bit Quit all programs that you may have started.Please disconnect any USB or external drives from the computer before you run this scan!For Vista or Windows 7, right-click and select "Run as Administrator to start"For Windows XP, double-click to start.Wait until Prescan has finished ...Then Click on "Scan" buttonWait until the Status box shows "Scan Finished"click on "delete"Wait until the Status box shows "Deleting Finished"Click on "Report" and copy/paste the content of the Notepad into your next reply.The log should be found in RKreport[1].txt on your DesktopExit/Close RogueKiller+==============Please download AdwCleaner by Xplode onto your Desktop.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and wait for the process to complete.Click the Report button and the report will open in Notepad.IMPORTANTIf you click the Clean button all items listed in the report will be removed.If you find some false positive items or programs that you wish to keep, Close the AdwCleaner windows.Close all open programs and internet browsers.Double click on AdwCleaner.exe to run the tool.Click the Scan button and... Read more

Read other 15 answers
RELEVANCY SCORE 59.2

Hi!
 
I happened by pure stupidity do download what i thought was a subtitle file from an untrusted site. The file ended up on my hdd as a .exe file and I immediately deleted it however shortly after I started getting "susicious cloud 7 EP" warnings in my norton 360. I ran norton powereraser, ESET online scan and malwarebytes rootkit remover but they all found nothing. However these warnings pop up. Can i please get some assistance to get rid of this possible "virus". Cant afford to let this computer go to waste.
 
Sincelery
A. N. 

A:PLZ help! suspicious cloud 7 EP warnings, suspected virus/rootkit

I would like to add that Norton found one virus/trojan in the subtitle download. That virus was called wa32.sape.cloud9.1. The download was from zilliontoolkitusa.info and it was supposedly a subtitle for "Ame Agaru" which is a Kurosawa movie that was quite enjoyable but sadly lacked proper subtitles.
 
Soon after Norton found another "virus" called mojo_system.dll. So the question is how I can remove the rest that is probably hiding on my hdd.

Read other 1 answers
RELEVANCY SCORE 58.4

I just need to know a Second opinion offline scanner with best detection ratio?Is Kaspersky Virus removal tool good? or Malwarebytes is better?
 

A:What is the best offline Malware scanner and Remover (not cloud engine) with top detection rate?

First off, there's no best on-demand scanner. Performance and detection ratio will vary constantly because each vendor has different resources, different team members, different encounters with malware in the wild, different shifts, etc.

Secondly, you can use 2 on-demand scanners if you'd like. Some people even use three or four, but I'd say one or two is enough.

I like HitmanPro (HMP and Emsisoft Emergency Kit (EEK) (of course unless you're already using HitmanPro.Alert which has an anti-malware engine or Emsisoft Anti-Malware), and after this my preference would be Zemana Anti-Malware (Free) and Norton Power Eraser/Malwarebytes Anti-Malware (Free).

Zemana Anti-Malware and Malwarebytes Anti-Malware (Free versions) supports on-demand scanning. You could use one or two and setup scheduled scanning, or run a scan quickly each week.

Many people started to dislike Malwarebytes after they tried to become a full AV replacement but I still like them, but their scanner is very slow even for me and my system resources are powerful. The fastest scanners I've seen though (for me) which are still extremely effective would be HMP and EEK.

Only thing is HMP uses the Bitdefender engine and so does EEK alongside their own engines as well. HMP also uses the Kaspersky engine and I believe another one.
 

Read other 0 answers
RELEVANCY SCORE 58

I got a laptop running Windows 7 which froze at startup (at the Windows logo) and it was impossible to get on the computer. With the help of Sharkoon quickport I managed to get access to the harddisk and used harddisk sentinal to check the quality of the harddisk: performance is 100% and health is 52%. Now I got access to the harddisk I ran chkdsk /f /r. After completing chkdsk and placing the harddisk back, the computer starts up, but takes a very long time to do so (about 13 minutes).Norton Internet Security (NIS) alerted me about Suspicious.Cloud.5 (from their website: "a detection technology designed to detect entirely new malware threats without traditional signatures") and put a file named bitef51.tmp in quarantaine.When checking the computer I found that the device manager was not accessible through  "Computer > Properties > Device manager". It reported the following error:  MMC can't open the file C:\Windows\system32\devmgmt.msc (translated from Dutch). Msc files are XML files and I saw that devmgmt.msc is not stored correctly and misses some XML in the beginning of the file when I compared it with a newly generated devmgmt.msc (created with info in this topic). It misses at least this part:<?xml version="1.0"?>
<MMC_ConsoleFile ConsoleVersion="3.0" ProgramMode="Author">
  <ConsoleFileID>{E4E0EE66-09EB-41D1-A4D6-6DA0E07928C5}</ConsoleFileID>
  <FrameState ShowStatusBar="true">Through compmgmt.msc I got access to ... Read more

A:Windows 7 startup slow, damaged system files and Suspicious.Cloud.5

Hi,Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.Please reply to this post so I know you are there.The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.Once I receive a reply then I will return with your first instructions.Thanks

Read other 9 answers
RELEVANCY SCORE 58

Disclaimer: I am neither an Avira or Malware-testing expert. Not click-bait either.

For Avira Antivirus users, you can enable this setting to get a notification before Avira wants to a Suspicious File(s) to their Cloud; Avira Protection Cloud (APC) for analysis.

Taken today, as tried to run a file from a simple web search - not recommended. It has a re-assuring fact that it's monitoring for anything suspicious. Avira Protection Cloud asking for permission with a list of file(s):


If found unwanted or malicious, it will be dealt with by Avira Antivirus - Security Alert shown below:


If you like what you see, you can enable this option in the settings window below:
Spoiler: Sending Suspicious Files to Avira (How-to)
Open Avira > Extra > Configuration (F8) > General > Advanced Protection.
Make sure "Enabled Protection Cloud" is checked and then mark "Confirm manually when sending suspicious files to Avira" > Apply and OK to save changes.


Sending suspicious files to Avira may vary depending on your computer usage and downloading habits.
 

A:Avira Free Antivirus sends suspicious files to Protection Cloud (APC)

Spawn said:


Disclaimer: I am neither an Avira or Malware-testing expert. Not click-bait either.

For Avira Antivirus users, you can enable this setting to get a notification before Avira wants to a Suspicious File(s) to their Cloud; Avira Protection Cloud (APC) for analysis.

Taken today, as tried to run a file from a simple web search - not recommended. It has a re-assuring fact that it's monitoring for anything suspicious. Avira Protection Cloud asking for permission with a list of file(s):

View attachment 143689
If found unwanted or malicious, it will be dealt with by Avira Antivirus - Security Alert shown below:

View attachment 143691
If you like what you see, you can enable this option in the settings window below:
Spoiler: Sending Suspicious Files to Avira (How-to)
Open Avira > Extra > Configuration (F8) > General > Advanced Protection.
Make sure "Enabled Protection Cloud" is checked and then mark "Confirm manually when sending suspicious files to Avira" > Apply and OK to save changes.

View attachment 143690
Sending suspicious files to Avira may vary depending on your computer usage and downloading habits.

Disclaimer: I am neither an Avira or Malware-testing expert.Click to expand...

All correct.
 

Read other 5 answers
RELEVANCY SCORE 53.6

I recently received an email message (during the Christmas holiday!!) purporting to come from my bank, saying that important changes had been made to my account and inviting me to open something. Of course I deleted the message without opening it.

However, I have Malwarebytes (paid version) running all the time (scan and protection log shows both place this afternoon, as a daily occurrence,) and AVG Cloud Care was also running (I will be replacing AVG soon). Neither alerted me to the email.

Should they have? if not, Malwarebytes is claimed to spot fishing messages; if so, why not?

Thanks.

A:Suspicious email "from my bank". Malwarebytes and AVG Cloud missed it.

Next time you get a suspicious mail, send it to Virus Total. That checks it with two dozen AV programs.

https://www.virustotal.com/

Read other 1 answers
RELEVANCY SCORE 53.2

Disclaimer: I am neither an Avira or Malware-testing expert. Not click-bait either.

For Avira Antivirus users, you can enable this setting to get a notification before Avira wants to a Suspicious File(s) to their Cloud; Avira Protection Cloud (APC) for analysis.

Taken today, as tried to run a file from a simple web search - not recommended. It has a re-assuring fact that it's monitoring for anything suspicious. Avira Protection Cloud asking for permission with a list of file(s):


If found unwanted or malicious, it will be dealt with by Avira Antivirus - Security Alert shown below:


If you like what you see, you can enable this option in the settings window below:
Spoiler: Sending Suspicious Files to Avira (How-to)
Open Avira > Extra > Configuration (F8) > General > Advanced Protection.
Make sure "Enabled Protection Cloud" is checked and then mark "Confirm manually when sending suspicious files to Avira" > Apply and OK to save changes.


Sending suspicious files to Avira may vary depending on your computer usage and downloading habits.

Disclaimer: I am neither an Avira or Malware-testing expert.
 

Read other answers
RELEVANCY SCORE 52.8

Norton 360 / Norton Internet Security / Norton AntiVirus 21.0 Public Beta

Norton 360 / Norton Internet Security / Norton AntiVirus 21.0 Public Beta - Norton Community






Welcome to the Norton 360 / Norton Internet Security / Norton AntiVirus 21.0 Public Beta!


We?re really excited about this year?s version of Norton 360, Norton Internet Security, and Norton AntiVirus. You can access the beta builds by going to the
Norton Beta Center | Norton

A:Norton 360/Norton Internet Security/Norton AntiVirus Beta

I haven't used Norton products for years, but I'm going to try that NIS beta !

Thanks theog !

Read other 5 answers
RELEVANCY SCORE 52.4

Hi, I installed norton personal firewall 2005. When I try to turn on intrusion detection feature i get an error "An error has occurred. If this error occurs again, uninstall then reinstall the product". I have tried running through all the steps on the Symantec support web site. Including removing all my spyware and firewall programs and unistalling and reinstalling all norton software and cleaning the registry of all symantec stuff. Nothing seems to work. I am at the end of my ropes! Please look over my log file! Thanks for your time!!!

Logfile of HijackThis v1.97.7
Scan saved at 5:29:36 PM, on 11/11/2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Personal Firewall\ISSVC.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\W... Read more

A:norton intrusion detection problem

Hi,

You have some spyware there mate.

Download Ad-Aware. Update it, boot to safe mode (Hit F8 Before Windows loads.) and run Ad-Aware.

You can also use spybot in safe mode to remove the spyware as well.

I would also goto Add/Remove programs after you have done what I said, click remove on the Nortons software. This should give you the repair option. Run that.

Also, have you updated Nortons to the latest version?

Hope this helps.

Read other 5 answers
RELEVANCY SCORE 52

Norton Security 2015 and Norton Security with Backup 2015 Offline Installer Download Links - Languages: English, Arabic, Chinese, Confederation of Helvetia (Switzerland), Czechs, Danish, Dutch, French, Hebrew, Hungarian, Hungarian, Italian, Japanese, Norwegian, Polish, Portuguese, Romanian, Russian and Slovak.
Compatible with Windows 8.1 / 8.1 Pro / 8 / 8 Pro / 7 / Vista / XP / XP Pro
Select your language by clicking on the web address below. If that does not work, please cut and paste the entire web address into the address field of your browser.

Norton Security 2015 Offline Installer Download Links
Click Here to Save 30% on Norton Security 2015

English
http://buy-download.norton.com/downloads/2015/22.0/NS/US/NS-TW-22.0.0-EN-US.exe

Arabic
http://buy-download.norton.com/downloads/2015/22.0/NS/AR/NS-TW-22.0.0-AR.exe

Chinese
http://buy-download.norton.com/downloads/2015/22.0/NS/CS/NS-TW-22.0.0-CS.exe

Confederation of Helvetia (Switzerland)
http://buy-download.norton.com/downloads/2015/22.0/NS/CH/NS-TW-22.0.0-CH.exe

Czechs
http://buy-download.norton.com/downloads/2015/22.0/NS/CZ/NS-TW-22.0.0-CZ.exe

Danish
http://buy-download.norton.com/downloads/2015/22.0/NS/DK/NS-TW-22.0.0-DK.exe

Dutch
http://buy-download.norton.com/downloads/2015/22.0/NS/NL/NS-TW-22.0.0-NL.exe

French
http://buy-download.norton.com/downloads/2015/22.0/NS/FR/NS-TW-22.0.0-FR.exe

Hebrew
http://buy-download.norton.com/downloads/2015/22.0/NS/HB/NS-TW-22.0.0-HB.exe

Hungarian
http://buy-download... Read more

Read other answers
RELEVANCY SCORE 52

I just started loading new software on a new computer - it looks like it is infected.  
Started getting Notices from Norton 360 - suspicious outgoing traffic.
I understand from previous posts that it is likely malware...
 
looking for help to remove

A:suspicious outgoing traffic Norton

Hi klaw Can you tell us what software you installed on the system that started triggering these alerts from Norton 360?

Read other 3 answers
RELEVANCY SCORE 52

Early this AM, I was in the Help and Support on my Dell home XP desktop, when initially I received a couple message popups, something about ActiveX stuff, just OK'd it, as was in my own computers support checking on modem information, then Norton gave me a message: "Script blocking detected suspicious activity"
"File: LL.exe ; object: file system object ; activity: get special folder ; This script was stopped."

Need to be clued in...what got through, and how, all the stuff I have on to stop big bad no-no files from playing with my nice and clean files like this? I have: Spybot, SpywareBlaster, X-Cleaner, Browser HijactBlaster, plus Norton AV.

Can anyone explain, and tell me what I did not do/or did do...and how not to/or how to prevent this stuff in the future? Don't wanna drop the ball and have something uninvited come on in and take up home on my system!

Thanx! Much appreciated!!

Leeann/parrotplay
 

A:Norton detected suspicious activity...now what?

Read other 9 answers
RELEVANCY SCORE 52

Good evening, I recently watched again this Norton security 2015 review, and I'd like to ask why Norton is so good at web prevention but it hasn't a good detection ratio on the malware pack.

Source of review: ThePCSecurityChannel
-https://www.youtube.com/watch?v=Pyqq2xURHJk
 

A:Norton bad detection ratio on malware pack

come on friend you are on MT ,now stop bothering about this type of so called test
 

Read other 4 answers
RELEVANCY SCORE 52

I have Norton 360 v3.0. It appears to do what its supposed to do. One thing it does "extremely well" is notify me via a pop up that it has detected and intercepted adware.gen. I click the "more details" and it tells me that my computer is "secure" and it tells me it has found a heuristic virus. The file locations appear to be found in two or three different locations - local settings\temporary internet files\content.ie5\6h7zt5kb\msgasst84[1]

Another is in documents annd settings\frank stuart\application data\messenger\drivers\aud32\msgasst84[1]

I have done comprehensive scans, registry scans, virus/spyware/scans ( after turning off system restore, and only turning it back on after getting back a 100% clean scan report.

The adware.gen doesn't seem to affect any functions in my computer - the thing that I just hate is how often Norton 360 detects these items and sends me a Pop Up telling me it has detected it and repaired it - and that my computer is secure. In the Norton log it tells me that sometimes it is detecting this item as often as every couple of minutes. I tried to find a setting that would allow me to turn off the pop up notifications - unless its important that I don't do that. No such luck finding such a setting

If I truly do have a virus of course I want to remove it - but if thats not the case , and Norton is just doing its job, I would just like to stop the pop up notifications.

I chatted online with a "Nor... Read more

A:Norton detection and removal of adware.gen - msgasst84

Hello fphaseiv,

documents annd settings\frank stuart\application data\messenger\drivers\aud32\msgasst84[1] - yes, this is malware and I see another on here that Norton is missing.


Quote:




I chatted online with a "Norton Virus Removal expert" who gave me a speel telling me that I definitely have a virus and that removing it manually is the equivalent of brain surgery and only someone with as much training as a brain surgeon should attempt to fix it. Then he asked me if I would like to proceed. When I said "sure" he then told me it would only cost me $129.00!!




I've got my surgical gloves and mask on, are you ready? (no anethesia necessary)


Download ComboFix from one of these locations:

Link 1
Link 2


* IMPORTANT- Save ComboFix.exe to your Desktop

====================================================


Disable your AntiVirus and AntiSpyware applications as they will interfere with our tools and the removal.


====================================================


Double click on combofix.exe & follow the prompts.

As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should y... Read more

Read other 17 answers
RELEVANCY SCORE 51.2

I was running a bittorrent program and I think I downloaded some bad stuff accidentally. My Norton showed a suspicious.mystic was detected and then all hell broke loose. My computer got the blue screen of death, I shut it off manually. When I restarted, my desktop shows up but there are no icons and I can't do anything. Norton still pops up and I see a "suspicious.mystic has been detected" popup from Norton and then I receive the blue screen again. I tried starting it up in safemode but I still can't do anything so I can't go to internet and download any removal programs.I'm pretty much a novice when it comes to the inner workings of computers so I'm completely over my head with this one. Can someone help!?I'm running windows XP, service pack 2 I think. Not sure what other specifics I can provide.Edit: Now Norton says it has removed the suspicious.mystic but I still have my desktop and nothing else. No icons or anything.

A:Help! Suspicious.mystic virus detected by Norton

Hello and welcome to Bleeping Computer! We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine. If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.If you have already posted a DDS log, please do so again, as your situation may have changed.Use the 'Add Reply' and add the new log to this thread.Thanks and again sorry for the delay.We need to see some information about what is happening in your machine. Please perform the following scan:Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scrDDS.pifDouble click on the DDS icon, allow it to run.A small box will open, with an explaination about the tool. No input is needed, the scan is running.Notepad will open wit... Read more

Read other 2 answers
RELEVANCY SCORE 51.2

Ran a MBAM scan when I seemingly downloaded a dubious file. Result was a Malware.Packer.CV and Norton power eraser found a file in System 32 it was unable to delete.
 
The file it found was wqlhlnn.sys
 
Help is much appreciated at the earliest.
 
EDIT: I haven't launched the .exe file the malware was found in when it got detected.

A:Malware Packer and detection by Norton Power Eraser

Can you post the entire file location path?
 
Reason I ask is you can boot into safe mode and paste the entire file location into File Assassin it should delete it.
https://www.malwarebytes.org/fileassassin/

Read other 12 answers
RELEVANCY SCORE 50.8

Hi

I went to download a game from this website (hxxp://www.americanlonghaul.com/download.php) when Norton flagged that a certain file needed attention, something like 'ad' followed by some numbers. I physically disconnected, cleared all internet history I could (from within Firefox) and ran a full system scan with Norton Internet Security (2010). After nothing was found I looked at the running processes. There were a few I didn't recognize (such as: EZEJMNAP.EXE, BJMYPRT.EXE, tpfnf7sp.exe, TPHDEXLG.exe, TpScrex.exe and TpShocks.exe) but didn't take any chances. I re-connected and followed through the first steps listed on the website.

I am running Windows XP, but am unsure of the service pack. I'm using a Lenovo Thinkpad (but am unsure of the model number). I have not had any malware/spyware or adware symptoms (I thought I would have the latter) had it has been about 11 hours of use since I first saw Norton flag the file as needing attention, and nothing else has appeared. Just wanted to confirm if the machine is infected or not.

DDS (Ver_10-03-17.01) - NTFSx86
Run by User at 14:41:57.28 on Fri 25/06/2010
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_17
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2013.1241 [GMT 10:00]

AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8}
FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220}

============== Running ... Read more

A:Norton flagged file needing attention - suspicious

Hi -

I don't see any sign of active infection in those logs. The processes you've listed out are all legit. Many are part of your Lenovo software.

Example, tpscrex.exe in Running Processes:

C:\Program Files\Lenovo\Zoom\TpScrex.exe


http://www.systemlookup.com/search.p...ch=tpscrex.exe

BJMyPrt.exe is Canon Printer related

C:\Program Files\Canon\MyPrinter\BJMyPrt.exe

http://www.systemlookup.com/search.p...ch=BJMyPrt.exe

You can use that site for other files you have questions about.

I do see something which needs your attention.

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs):

J2SE Runtime Environment 5.0 Update 16
J2SE Runtime Environment 5.0 Update 6

These are all outdated, and security risks by having them installed still. Unfortunately, Java does not uninstall these older versions when you update, nor tell you that you should. Java(TM) 6 Update 17 can be updated from the Java control panel Start > Control Panel (Classic View) > Java (looks like a coffee cup) > Update Tab > Update Now. An update should begin; follow the prompts.

Going forward, Java will overwrite existing installs, so removing older versions should not be required after this.

Once the install is complete...

Go into the Control Panel and double-click the Java Icon. (looks like a coffee cup)On the General tab, under Temporary Internet Files, click the Settings button.
Next, click on ... Read more

Read other 3 answers
RELEVANCY SCORE 50.8

Norton Security 7.1.1 & Norton AntiVirus 7.1.1 for Mac is now Available!

We have completed testing our latest update of Norton Security 7.1.1 & Norton AntiVirus 7.1.1 for Mac and have released the update via LiveUpdate ONLY. This update is now available in all supported languages. To download it, simply run LiveUpdate.

Note: A reboot is required to apply the patch.

To verify you have received the new update, from the Norton Security product, from the Menu, click Norton Security -> About Norton Security.

Below FAQ's addresses some common questions:

1. How can I download this update?

The patch update is available only through Live update.

2. What are the languages this update is available for?

All supported languages.

3. Changes/Bug Fixes:
Null appears in Menu Bar when clicked on Norton Security / Antivirus Forum thread1, thread2, thread3
Norton icon in Menu Bar does not appear post 7.1 update Forum thread1, thread2
Norton Security / Antivirus for Mac does not start or launch Forum thread1, thread2
Latest LiveUpdate and Scan activities are not logged under Security History Forum thread

Source: Norton Security 7.1.1 & Norton AntiVirus 7.1.1 for Mac is now Available!
 

Read other answers
RELEVANCY SCORE 50.8

Norton Security 7.1 & Norton AntiVirus 7.1 for Mac is now Available!

We have completed testing our latest update of Norton Security 7.1 & Norton AntiVirus 7.1 for Mac and have released the update via LiveUpdate. This update is now available in all supported languages. To download it, simply run LiveUpdate.

Note: A reboot is required to apply the patch.

To verify you have received the new update, from the Norton Security product, from the Menu, click Norton Security -> About Norton Security.

Below FAQ's addresses some common questions:

1. How can I download this update?

For Norton Security 7.0 run LiveUpdate manually to receive the update 7.1. You can also download Norton Security 7.1 directly from
Norton Portal: Norton.com/SetUp.
For Norton Antivirus 7.0, update available only via Live Updates.

2. What are the languages this update is available for?

All supported languages.

3. Changes/Bug Fixes:
Fixed the issue where Quick Menu icon is barely visible when "Use dark menu and dock" is enabled in system prefs Link
Resolved an issue where Application Blocking does not retain allowed or blocked Apps Link
Alert "An unknown service port (Port xxx) is starting on your mac." keeps popping up continuously issue addressed Link
Fixed an issue where LiveUpdate does not complete when run from Norton interface
Fixed "Server error: We're working to resolve an issue that prevents us from completing your request. Try again later (-6)&q... Read more

Read other answers
RELEVANCY SCORE 50.8

We are pleased to announce that a Windows 10 compatibility update is now available for Norton Security and Norton Security with Backup, updating the version to 22.5.0.120. This update is available via LiveUpdate, and will be automatically downloaded and installed. If you wish to receive the update immediately, simply run LiveUpdate manually. This update is available for all languages.

As with our previous updates, this version is being released in a phased manner; see the below FAQs for details. A reboot will be required for all supported operating systems.
[Note: Microsoft has not yet released Windows 10 Operating System officially]

To verify you have received the update, launch the Main User Interface, click on Help, and select About:

The FAQs below answers some common questions:
What is the version number for this patch?
The version number is 22.5.0.120. This update is currently available via LiveUpdate.

When will I receive the patch?
As is our standard practice, we are deploying the patch in a phased manner. We have released the patch to randomly selected customers, and will then monitor our telemetry and forum feedback for any problems or issues. Once we have confirmed the effectiveness of the patch, we will make it available to all customers. We will post an update on the Norton Community Forums when we make the patch available to all customers.

How can I manually install these patches?
For the products listed above, run LiveUpdate manually to receive the upd... Read more

A:Norton Security and Norton Security with Backup 22.5.0.120 Final

Thanks updating now.
 

Read other 27 answers
RELEVANCY SCORE 49.6

Hello to all,

today saw a commercial about Kaspersky Security Cloud. Was thinking whaaaattt...??!!

So today reinstalled Windows 10 64bit clean on a new GPT EFI Dynamic Drive and must say, that thing is snappy.

Kaspersky Version 18.0.0.405(b)

The interface and features feel allot like the Internet Security 2017 but allot more smooth.

My Question to you all here in the Community is how do you think about it?

My Security config. changed again. Will post a new one soon.

Best regards
Val.
 

A:Kaspersky Security Cloud?

I'm waiting that Kaspersky releases it in Belgium to buy it ! But it looks very promising
 

Read other 0 answers
RELEVANCY SCORE 49.6

My computer has the Open Cloud Security virus. I followed the steps to get rid of it, but they have failed.
1. I started my computer in safemode with networking
2. I checked the internet options but the box was not checked to begin with so skipped that step
3. Downloaded and ran r-kill. It got rid of the dialog boxes for Open Cloud
4. Ran Malwarebytes antimalware. Tried to run Quick scan and Full scan. Both failed after a few seconds and then cannot open Malwarebytes anymore.
It shows Error message reading: Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.
If i resintall the program, it will open again and then fail the same way.

Ran dds and gmer.

gmer fails a 20 seconds in and gets the same error as Malwarebytes. I saved the log file before it failed.

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Sarah and Steve at 16:36:46 on 2011-09-28
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\3788055388:2749117982.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.exe
C: ... Read more

A:Open Cloud Security

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/420949 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 49.6

I'm a computer consultant and three of my clients have been infected with this virus in the last 2 weeks. One was so bad that I had to run a recovery back to the origin of the computer. On the other two computers I had removed Open Cloud from startup and then all the files it created manually. I was then able to run Malwarebytes on this computer and it found the malware and others. (I wasn't able to run any scans on the second computer, including McAfee.) But then I had further problems - either the computer was excruciatingly slow, or as on this computer, when you click on All Programs, only McAfee is listed! I also get some startup errors that I didn't get before. Then I found the post about TDSSKiller. I ran it and RKill (Explore.exe) on both computers and nothing changed. I gave up on the other computer and did a full recovery. I'm hoping I don't have to do that on this one. There are lots of files to backup and several programs to reinstall. I've attached the files you need to analyze the problem. Thanks, Leslie

A:Open Cloud Security/AV

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/423685 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 9 answers
RELEVANCY SCORE 49.6

Hello, I have open cloud security taking over my computer. PLEEEEEEASE HELP.
Here is my Hijack this logfile.
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ... Read more

A:Open Cloud Security

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/420173 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 49.6

Moving Security to the Cloud. (2 web pages)

Combining scanning approaches could keep PCs safe from viruses.

-- Tom
 

A:Moving Security to the Cloud

Cool article, Thanks for postint! it will be interesting to see how this theory plays out. It makes a lot of sense.
 

Read other 3 answers
RELEVANCY SCORE 49.6

Hello,
 
 I am currently doing a project on cloud computing security. I am trying argue about how secure the cloud is and am doing researcher to that end. I am reaching out to any cloud security professionals or anyone that has any information on cloud security. If you just want to give your opinion on cloud security, that is fine too. I want to know what people think about the security of the cloud. 

A:Cloud Computing Security

Are you doing data security in the "cloud"? Or Security as a service (cloud security)?

Read other 2 answers
RELEVANCY SCORE 49.6

Partly Cloudy With a Chance of Data Compromise: Cloud Security Quiz

I got 16/20
all the best
 

A:cloud security quiz

Interesting to freshen up your knowledge, got 16/20 where visiting on forum and reading articles should really help you out to learn and not take it as granted.
 

Read other 0 answers
RELEVANCY SCORE 49.2

I currently have Norton Systemworks 2002 (with Cleansweep, Ghost, WinDoctor, etc)... last week, my tech support at Gateway suggested that I could improve online performance by *upgrading* to Norton Internet Security 2004.

Today I rec'd the box in the mail, and the first thing I noticed was that the 2004 software doesn't include any of those handy-dandy utilities I want those!!!

Gateway says to go ahead and un-install the 2002 software, then install the new 2004 software to *see if the utilities might be on there anyway*...

I smell computer havoc ahead.... help
 

A:Replace Norton Systemworks 2002 with Norton Internet Security 2004?

Those 2 programs are not the same. Nortons Systemwork is all the system tools for defragging, scanning registry, etc. Along with anti-virus and such.

Nortons Internet security is a Firewall, and not a good one at that. If they sent you just internet security, then it's only the firewall. What it sounds like you need/want is Nortons Systemworks 2004.
 

Read other 3 answers
RELEVANCY SCORE 49.2

Hi everyone. I have Norton Internet Security 2004 which includes the firewall and Norton Antivirus. Unfortunately, I have lost the password to the Norton Antivirus section to where I can no longer change the settings in Norton Antivirus. How do I recover my password? I looked in the help menu but nothing in there was able to help me. Please help!
 

A:Norton Internet Security 2004 lost password for changing options in Norton AntiVirus

I'm guessing that nobody knows how to help me?
 

Read other 1 answers
RELEVANCY SCORE 49.2

I've got a Sony-Vaio laptop with Windows Vista Home Premium SP1 and Norton Internet Security 2007 on it. I would like to upgrade to NIS 2009. I have already talked to a Symantec Support technician, and he has told me that there are basically two ways of removing NIS 2007 if I want to upgrade to NIS 2009: run the removal tool twice to get rid of NIS 2007, then install NIS 2009, or let NIS 2009 remove NIS 2007. I don't know which is the better option, can't make up my mind. Does anyone have experience with such an issue?
 

A:Solved: Remove Norton Internet Security 2007 with Norton removal tool or let NIS 2009

Read other 6 answers
RELEVANCY SCORE 49.2

Hi everyone on this helpful websiteFirst i must apologize for my language since I am not a native english speaker and I just try my best to write gramatically correct english hoping you guys can understand me and may give me a helping hand.Back to the theme:I've read the guide teaching how to remove OpenCloud Security on this site.http://www.bleepingcomputer.com/virus-removal/remove-opencloud-securityI have followed every step however I have not succeeded The problem shows at step 14 while running Malwarebyes' Anti-malwareI did run RKill, but Malwarebyes' Anti-malware just still cannot run the scan.Everytime I start scanning , it is shut down very soon, maybe a few secs after starting.I guess it's probably interrupted and terminated by Open Cloud Security.So I wonder if RKill did not succesfully do its job?After the black window closed, notepad pops out with only the below"This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 09/2011 Sunday at 20:03:51. Operating System: Windows 7 Ultimate Processes terminated by Rkill or while it was running: Rkill completed on 09/2011 Sunday at 20:03:53. "Other than Malwarebyes' Anti-malware, I tried Spy Doctor, Trojan Killer, HijackThis.And they result in the same, being shut down very shortly after starting scanning.The softwares are unable to be opened again after they are shut down. (de... Read more

A:Need help on Open Cloud security removal

Ronarch,The information provided shows the characteristics of the ZeroAccess Rootkit.First, let's take care of this file:C:\Windows\4241468026:2236952579.exeIt throws a wrench in the works, and programs will not run successfully...Please download DummyCreator.zipUnzip the folder:Right-click and select: Extract allFollow the prompts to extractOpen the new folder that appears on the Desktop:Double-click DummyCreator/DummyMaker to run the tool.Now, copy/paste the following into the blank area:C:\Windows\4241468026Press the Create button. Save the content of the Result.txt to your Desktop, and post it in your reply.Next, restart the computer!Please do not run any malware removal programs while we are in the process of malware repairs. Doing so may just make matters worse, and that, you do not want!Thanks!

Read other 1 answers
RELEVANCY SCORE 49.2

What is the best cloud storage company?
 

A:Cloud Storage in terms of Security?

Probably should add in what you're comparing (price points, speed, free stroage etc) so what we know what you're looking for.
 

Read other 6 answers
RELEVANCY SCORE 49.2

Cloud data security still a challenge;
Despite the continued importance of cloud computing resources to organisations, companies are not adopting appropriate governance and security measures to protect sensitive data in the cloud.
These are just a few findings a Ponemon Institute study titled ?The 2016 Global Cloud Data Security Study,? commissioned by Gemalto. The study surveyed more than 3 400 IT and IT security practitioners worldwide to gain a better understanding of key trends in data governance and security practices for cloud-based services.

According to 73% of respondents, cloud-based services and platforms are considered important to their organisation?s operations and 81% said they will be more so over the next two years. In fact, 36% of respondents said their companies? total IT and data processing needs were met using cloud resources today and that they expected this to increase to 45% over the next two years.
Although cloud-based resources are becoming more important to companies? IT operations and business strategies, 54% of respondents did not agree their companies have a proactive approach to managing security and complying with privacy and data protection regulations in cloud environments. This is despite the fact that 65% of respondents said their organisations are committed to protecting confidential or sensitive information in the cloud. Furthermore, 56% did not agree their organisation is careful about sharing sensitive information in the cl... Read more

A:Cloud data security still a challenge

Thanks for sharing

As a paranoid penguin, I never use cloud data storage
(I must also admit that I have no need to share data with other devices by cloud )

For some companies, I think it's safer to backup their data on their own "cloud".
 

Read other 5 answers
RELEVANCY SCORE 49.2

Don't believe anyone who says cloud computing is just a buzzword, doomed to become the next failed, overhyped industry former technology darling. Cloud computing is already here, and if you don't learn to secure it, you won't have much of a job to cling to in the not-too-distant future. Think of the information security version of a Cobol programmer.



Link -
Learn cloud security before it&#039;s too late | Security Central - InfoWorld

Read other answers
RELEVANCY SCORE 49.2

Your Security? Not Our Problem, Say Cloud Providers.
So, apparently from a cloud provider perspective, it is the cloud computing users' fault that cloud providers aren't making cloud security a high priority. If their customers don't demand it, cloud providers say they aren't going to provide it.

But this belief seems to be undercut by the result of the survey: "... [while] 69 percent of cloud providers see the cloud user as most responsible for security, ... only 35 percent of users believe they are most responsible for ensuring security."

This leads to a situation, the survey notes, where "... neither the company that provides the services nor the company that uses cloud computing seem willing to assume responsibility for security in the cloud."

Hackers must be laughing all the way to the bank. However, as a customer of those companies using cloud computing services, I don't like particularly being put at risk because of the discord.
...
Words of advice to potential cloud customers: Caveat emptor.

For customers of companies using clouds: Check your credit score often.Click to expand...

-- Tom
 

Read other answers