Thread ID: 138425 2014-11-27 18:10:00 "Suspicious Cloud 9b": do I (still) have it or not? argus (366) Press F1
Post ID Timestamp Content User
1389082 2014-11-27 18:10:00 Recovered my desktop from what was apparently a virus attack. Successfully cleared three viruses (THREE! When nothing was reported the previous day) but Norton Internet Security (and yes, I know how cynical we all are about Norton) reports that I am still infected with Suspicious Cloud 9b.

MalwareBytes, on the other hand, says I'm clean. My system isn't displaying any of the reported effects of Suspicious Cloud (degraded performance and unknown processes taking up vast amounts of CPU capacity). I'm inspecting running processes periodically and can see nothing that doesn't belong.

While Norton claims to detect Suspicious Cloud, it says it can't remove it. The virus was apparently lurking in a spam email in the Thunderbird trash bin as a *.scr file in a *.zip archive.

Instructions found elsewhere for weeding out the virus are deplorably vague. "Start Regedit and clean out from the registry anything associated with Suspicious Cloud". It's hardly going to be obvious which elements are associated with it and I'm always cautious about regediting. Other sets of instructions are quick to cut over from text to video of shaky, blurry screenshots which are very little help.

Can anyone (a) recommend a (preferably free) malware checker that will verify whether or not I still have this infection and
(b) Direct me to a workable set of instructions for removing it.

I'm not panicking, because I'm seeing none of the claimed signs of the virus's activity and no really confidential things like bank passwords have ever been used on this machine.

But I can't feel completely comfortable until I know I've got rid of Suspicious Cloud 9b.

Thanks in advance.
argus (366)
1389083 2014-11-27 18:33:00 Do it manually:

getridofallmalware.blogspot.co.nz

If you don't see all the files, then Nortons is giving you a false positive.

Then, either way - ditch Nortons.
Contact Wainuitech for NOD32, he is the agent for it. It's a far better product.
pctek (84)
1389084 2014-11-27 22:11:00 www.symantec.com
"Suspicious.Cloud.9 is a detection technology designed to detect entirely new malware threats without traditional signatures."

So the virus isn't actually called suspicious.cloud.9, that's just the tech Norton uses to detect it.
Searching the registry for that would therefore be a stupid suggestion :rolleyes:

So more info needed. What files does Norton think are infected?
Scan those files online via VirusTotal.
https://www.virustotal.com/

Or scan with Hitman Pro
www.majorgeeks.com

Just remember to temp disable Norton when using another malware scanner, otherwise it simply may not scan those files.
1101 (13337)
1389085 2014-11-27 22:38:00 Empty the Thunderbird rubbish bin, then I think your alert will go away. Nortons is detecting it there but the virus is not active.

As for other malware detectors, I sometimes use Stinger.
beama (111)
1389086 2014-11-28 00:10:00 www.symantec.com
"Suspicious.Cloud.9 is a detection technology designed to detect entirely new malware threats without traditional signatures."

So the virus isn't actually called suspicious.cloud.9, that's just the tech Norton uses to detect it.
Searching the registry for that would therefore be a stupid suggestion :rolleyes:


Thank you Techy.

I sent him a link so he didn't have to search.
pctek (84)
1389087 2014-11-28 02:17:00 Thanks: properly deleting the emails in the "deleted" bin seems to have done the trick. I had, of course, secure-deleted the offending attachment already, but that didn't seem to be enough for Norton.

I will look at NOD32 too. Thanks for the advice.
argus (366)
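
Added example, not part of any post in this thread: Thunderbird by default stores each folder, Trash included, as a single mbox file, so an attachment stays on disk inside that file until the message itself is removed from it. This Python script lists attachments in such a file that are, or contain inside a zip, executable-type files, with a SHA-256 that can be searched on VirusTotal; the extension list, the function names and the sample mail are assumptions constructed for the example.

```python
import hashlib, io, mailbox, os, tempfile, zipfile
from email.message import EmailMessage

# Assumed watch list of directly executable Windows extensions; adjust as needed.
RISKY = {".scr", ".exe", ".pif", ".com", ".bat", ".vbs", ".js"}

def ext(name):
    return os.path.splitext(name.lower())[1]

def scan_mbox(path):
    """List attachments in an mbox file that are, or contain, risky file types."""
    findings = []
    box = mailbox.mbox(path, create=False)  # raises if the file does not exist
    try:
        for key, msg in box.iteritems():
            for part in msg.walk():
                name = part.get_filename()
                if not name:
                    continue  # body text or multipart container, not an attachment
                data = part.get_payload(decode=True) or b""  # undo base64 encoding
                inner = []
                if zipfile.is_zipfile(io.BytesIO(data)):  # look inside archives too
                    with zipfile.ZipFile(io.BytesIO(data)) as zf:
                        inner = [n for n in zf.namelist() if ext(n) in RISKY]
                if ext(name) in RISKY or inner:
                    findings.append({"message": key, "subject": str(msg["Subject"]), "attachment": name,
                                     "inner": inner, "sha256": hashlib.sha256(data).hexdigest()})
    finally:
        box.close()
    return findings

def build_sample_mbox(path):
    """Constructed test data: one mail with invoice.zip holding a dummy .scr file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("invoice.scr", b"harmless placeholder bytes")
    spam = EmailMessage()
    spam["Subject"] = "Your invoice"
    spam.set_content("Please open the attached file.")
    spam.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="invoice.zip")
    box = mailbox.mbox(path)
    box.add(spam)
    box.close()  # close() flushes the new message to disk
    return hashlib.sha256(buf.getvalue()).hexdigest()

if __name__ == "__main__":
    sample = os.path.join(tempfile.mkdtemp(), "Trash")  # stand-in for a profile's Trash file
    build_sample_mbox(sample)
    print(scan_mbox(sample))
```

Run it against a copy of the folder file with Thunderbird closed, so the mailbox is not being written while it is read.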