Calis Beach and Fethiye Turkey Discussion Forum
General Topics => Computer Problems & Questions, Virus/Scam Warnings => Topic started by: loz on July 15, 2014, 21:17:30 PM
-
I appear to have attracted a computer virus, an nasty little thing cnd.cloudwm .com
I have tried everything, it has bypassed both my spyware/malware and McAfee, I have check control panel and programs features etc, it is not there, I have looked in the program file,nope not there, it has managed to affect all browsers, luckily Chrome halts use of Network takers. so this little devil is extremely good at hiding, I eventually manage to download a tool called junkware removal tool, something that I did not want to do.
So far so good, I am not happy to open anything too important, has any members had this demon and if so how did you get rid.
and not forgetting .downyueliang. com
-
Have you tried either Malwarebytes or Spybot SD?
JF
-
Thanks John, I have spybot and it did not pick this up. I will give malwarebytes a go.
-
Give it a go and let me know how it goes. After you've installed MWB run it in safe mode, and while you're there try McAfee again as according to their site it should pick it up.
JF
-
Download malwarbytes and run the scan, I still have this message when I open Chrome
(http://s20.postimg.org/mpvm4nar1/err.jpg) (http://postimage.org/)
how to capture screen (http://postimage.org/app.php)
it is now everytime I click a link the cnd.cloudwm open too.
taking it back to factory settings will not helpmuch either? no?
-
No it wont. Give me ten mins to have a look at a manual removal.
JF
-
Check your programs, is there one named "HD Streamer" or something very similar?
If there is, delete it.
Manual removal is a bit sketchy, I haven't found a trustworthy source for removal instructions as yet.
I'm not sure why Malwarebytes isn't picking it up, or McAfee come to that as they are both aware of the issue.
Two last cleaners to try:
http://download.cnet.com/Yet-Another-Cleaner/3000-2086_4-75959789.html (http://download.cnet.com/Yet-Another-Cleaner/3000-2086_4-75959789.html) use the "direct download link" below the large green button.
http://superantispyware.com/ (http://superantispyware.com/) - not used this one but it was recommended on the official Microsoft forum.
If you know how to, deleting personal profiles on Firefox and Chrome may also help.
JF
-
I can't see anything odd in the files, but then again, it must be there as I am now getting double underscore
this is the page that continues to pop up.. http://cdn.cloudwm.com/uploads/19/pop/pop.html?url=http%3A%2F%2F20d625b48e.se%2F%3Fplacement%3D400298%26redirect%26test
-
You wont see anything odd, these things hide by looking normal.
Are you on Win7? Go to "Programs and Features" and look for HD Streamer or any other program thats been installed recently (look at the instal dates) that you didnt instal yourself. If there is something there, remove it.
JF
-
Windows 8, I have looked at the install dates, nothing there. there is something now that Malbytes continues to pop up with, blocking programes(86)chrome or firefox apps
(http://s20.postimg.org/s2kgirynh/err2.jpg) (http://postimage.org/)
image search (http://postimage.org/)
-
Ok, its detected that Firefox is infected and blocking the outbound link. Check your Firefox extensions (add-ons) to see if there are any you didnt install.
JF
-
Loz just one small thought - is your computer date & time correct? I got the cannot connect to the real www.google etc screen when my tablet was about a month out of time. Won't solve everything but worth mentioning.
-
Date etc all correct,
the red warning comes up in all browsers, I rarely use IE and it is there, Sarfari firefox both rarely used and Chrome used mainly, so which ever browser I open the pop up comes and refers to the file for that browser, yet I can't see anything there, it is a nasty little chap. (yep being polite)
-
It'll refer to the browser file because it is the browser thats opening up the malicious link.
Concentrate on extensions/add-ons and browser profiles.
JF
-
I have tried and now going round in cirlcles, If I can get into seach I will look for a local techy and send it to hospital. either thast or throw ikt out the window!!!!
Thanks for trying though, it is appreciated.
-
Hi Loz
I was going to suggest you come and see me in Calis, but noticed you're in the UK.
Not heard of this one before. If you've not thrown it out of the window yet, download and run a little program called adwcleaner, probably best from a site like cnet, to make sure you get a genuine version. (you can't be too careful). It's very small and good at what it does. A word of caution, about trying various different programs that say they remove this and that. Stick to the well known ones. Whether they do the job or not is another matter, they all have strengths and weaknesses.
All this malware has unfortunately been invited onto your computer. This is usually the reason your normal protection doesn't pick it up.
Will be interested to know if you have any success.
-
Thank you Rik for your offer, the offending article is not yet in computer heaven, it is in in computer hospital being operated on, I hope it come out of intensive care very very soon.
I will keep the adwcleaner in mind.. I just find it strange that I found no trace of anything suspect in a folder.
-
Why dont you contact mcaffee support? They may be able to remove it from remote computer
-
McAfee support? Are they still going? I am still awaiting their reply. The only reply so far is asking if I would like to spend more money on something I paid for thinking I was protected. I will await their reply.
-
Computer is fixed, took days to sort, cost £60 but worth it.
Apparently McAfee did not pick up on the spyware or the virus, even though I paid for MF back in Dec/Jan it now has Kaspersky,
Thanks to all for you help especially John F.
-
A decent chap then, fixed for £60 seems very reasonable to me :)
-
Local shop, flat rate, included VAT, if it was a private house I would have to think twice, another started at £20 then £20 an hour thereafter, I never gave PC world a thought, I try to forget they exist, now they are rip offs,
I think I will go back to college theres money in them hills!
-
Lorraine's laptop has definitely been fixed, I hardly even knew she was sitting opposite me all night, she's so quiet , back in " laptop heaven " !! ;D By the way, there was no chance of the beastie going " out of the window ", :o I bought it as a Christmas present for my darling Lorraine last December, and I could have bought a decent second hand car for the same frickin' money !! :'( :'( :'( :'(
-
Local shop, flat rate, included VAT, if it was a private house I would have to think twice, another started at £20 then £20 an hour thereafter, I never gave PC world a thought, I try to forget they exist, now they are rip offs,
I think I will go back to college theres money in them hills!
Pity you weren't here, I would have fixed it for free, almost certainly while you waited.