Over 1 million tech questions and answers.

trying to remove open cloud security

Q: trying to remove open cloud security

Hi, I've had the open cloud security problem for about 2 weeks now, at first it kept popping up over and over again telling me I had all kinds of threats etc., I Googled it and followed the instructions for removal with the malwarebytes' malware removal kit, and it would find some infected files, and then the scan would stop just before it finished saying it experienced some kind of error. I also ran AVG and found some infected files, put them in the virus vault, and then emptied the vault. I put the open cloud security link from my desktop into the trash can and then emptied it, and the pop-ups about me being infected stopped, but I'm assuming it's still on here because I didn't really do anything, so I came on here, I read the preparation guide for removing the malware, and I downloaded the recommended files and ran the scans, and I'm attaching them below. I'm not very good with any of this, and I would really appreciate any help with removing it. Thank you.
opencloudsecurity.log 6.06KB
0 downloads
DDS-opencloudsecurity.txt 23.79KB
1 downloads
Attach-opencloudsecurity.txt 8.58KB
0 downloads

RELEVANCY SCORE 200
Preferred Solution: trying to remove open cloud security

I recommend trying the free service from Zip Cloud. It's currently our users' favorite backup and storage solution and will save you headaches down the line.

You can get it direct from this link http://goo.gl/rFYDxc. (This link will open the Zip Cloud homepage.)

A: trying to remove open cloud security

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download AntiZeroAccess by Webroot to your DesktopDouble-click antizeroaccess.exe to run the program.NOTE: If running Vista or Windows 7, make sure to Right-click on it and select Run as an Administrator.
At the black window, type y and then press Enter.Once AntiZeroAccess has finished scanning, a report AntiZeroAccess_Log.txt will be created in the same location as the program.Please post the contents of the report in your next reply, and let me know how your system is running now. :thumbup:---Download http://public.avast.com/~gmerek/aswMBR.exe (aswMBR.exe) ( 511KB ) to your desktop. Double click the aswMBR.exe to run it Click the "Scan" button to start scan. Upon completion of the scan, click Save log, and save it to your desktop. (Note - do not select any Fix at this time) <- IMPORTANTPlease post the contents of that log in your next reply.There shall also be a file on your desktop named MBR.dat. Right click that file and select Send To>Compressed (zipped) folder. Please attach that zipped file in your next reply.===Please DownloadTDSSKiller.zip>>> Double-click on TDSSKiller.exe to run the application.Click on the Start Scan button and wait for the scan and disinfection process to be over.If an infected file is detected, the default action will be Cure, click on Continue
If a suspicious file is detected, the default action will be Skip, click on Continue
If you are asked to reboot the computer to complete the process, click on the Reboot Now button. A report will be automatically saved at the root of the System drive ((usually C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt" (for example, C:\TDSSKiller.2.2.0_20.12.2009_15.31.43_log.txt). Please copy and paste the contents of that file here.If no reboot is required, click on Report. A log file will appear. Please copy and paste the contents of that file in your next reply.Please post the logs for my review. Let me know what problem persists.

Read other 5 answers
RELEVANCY SCORE 68

I'm a computer consultant and three of my clients have been infected with this virus in the last 2 weeks. One was so bad that I had to run a recovery back to the origin of the computer. On the other two computers I had removed Open Cloud from startup and then all the files it created manually. I was then able to run Malwarebytes on this computer and it found the malware and others. (I wasn't able to run any scans on the second computer, including McAfee.) But then I had further problems - either the computer was excruciatingly slow, or as on this computer, when you click on All Programs, only McAfee is listed! I also get some startup errors that I didn't get before. Then I found the post about TDSSKiller. I ran it and RKill (Explore.exe) on both computers and nothing changed. I gave up on the other computer and did a full recovery. I'm hoping I don't have to do that on this one. There are lots of files to backup and several programs to reinstall. I've attached the files you need to analyze the problem. Thanks, Leslie

A:Open Cloud Security/AV

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/423685 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 9 answers
RELEVANCY SCORE 68

Hello, I have open cloud security taking over my computer. PLEEEEEEASE HELP.
Here is my Hijack this logfile.
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Citrix\ICA Client\concentr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Citrix\ICA Client\wfcrun32.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = ... Read more

A:Open Cloud Security

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/420173 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 68

My computer has the Open Cloud Security virus. I followed the steps to get rid of it, but they have failed.
1. I started my computer in safemode with networking
2. I checked the internet options but the box was not checked to begin with so skipped that step
3. Downloaded and ran r-kill. It got rid of the dialog boxes for Open Cloud
4. Ran Malwarebytes antimalware. Tried to run Quick scan and Full scan. Both failed after a few seconds and then cannot open Malwarebytes anymore.
It shows Error message reading: Windows cannot access the specified device, path or file. You may not have the appropriate permissions to access the item.
If i resintall the program, it will open again and then fail the same way.

Ran dds and gmer.

gmer fails a 20 seconds in and gets the same error as Malwarebytes. I saved the log file before it failed.

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.7600.16385
Run by Sarah and Steve at 16:36:46 on 2011-09-28
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\3788055388:2749117982.exe
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.exe
C: ... Read more

A:Open Cloud Security

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/420949 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 67.2

Hello,

My laptop running Vista is infected with Open Cloud AV. I have tried rkill and Malwarebytes, which removed the Vista Antivirus from the same computer last May. This time, the first time I used rkill, under "processes terminated," it just listed "xe." Every time I try to run it again, it lists no processes terminated. I can start a Malwarebytes scan but it disappears after a few seconds. When I try to run it again, I get the message "Windows cannot access the specified device...you do not have permission etc." I checked for TDSSkiller and it found 1 hidden file and 1 forged file that were suspicious objects with medium risk. They only offered the Skip, not Cure, option, and then said No Threats Found.

I have the DDS.txt log but could not get a GMER log--I got to the point of unchecking the appropriate items and clicking Scan. It started to scan and it too disappeared after a few seconds.

Your help is greatly appreciated! Thanks.

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.6002.18005 BrowserJavaVersion: 1.6.0_26
Run by Dad at 23:22:07 on 2011-10-07
Microsoft? Windows Vista? Home Premium 6.0.6002.2.1252.1.1033.18.2939.2105 [GMT -4:00]
.
AV: McAfee VirusScan *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
FW: McAfee Personal Firewall *Disabled*... Read more

A:trying to remove Open Cloud AV, malwarebytes disappears

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\Windows\2728143509
Press Create button and post the content of the Result.txt.

Important: Restart the computer.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is... Read more

Read other 75 answers
RELEVANCY SCORE 67.2

When following the instructions for removing the Open Cloud Security, I get to the Malwarebytes Anti-Malware scanner and can see the scanning screen, but after a short period of time, less than 1 minute, I return to my desktop. I do not get the scan finished message box, or the dialog box showing the scan results. What do I need to do? Thanks

A:Remove Open Cloud Scan Stops

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

Read other 4 answers
RELEVANCY SCORE 67.2

I have tried everything to get rid of Open Cloud Security, and am having no luck.I got rid of the annoying popups, but some random exe file (3571092410.exe) continues to start every time except when I launch Safe Mode WITH Alternate Shell/Command Prompt.The random exe is blocking programs such as my Anti-Virus, Anti-Spyware, Regedit, etc. from executing as needed. I also suspect it may be spoofing certain programs, b/c when I run rkill it immediately closes but then opens again and finds nothing to kill here.Please help!Hi there,I am working with a nasty little virus.More details at this thread:http://www.bleepingcomputer.com/forums/topic421299.htmlBascially, I have tried everything. The DDS log is attached. Although I can find't the attached.txt that is suppose to be zipped. The random exe files in the root are renamed versions of rkill. However, I can't explain the random ones in the Windows directory.Gmer throws an error that it found system modifications and wants to run a full scan. But doing so causes it to crash. Image attached.Please help. Thanks.Merged topics then posts. ~ OB

A:Open Cloud Security Not Removing

Ok... I think I finally got rid entirely rid of it. I kind of winged it myself without any 3rd party tools, but have notes if you would like me to share them.

Can I get confirmation that my system is ENTIRELY clean based off these logs? I mean it runs fine now, but I want to be sure some I didn't leave some key logger or something hiding in there...

I have 2 concerns:
1) The GMER log mentions something about the file system and keyboard driver.
2) I see "Error 1012: There was an error while attempting to read the local hosts file" in Component Services (although I have no problems access the web).

Thanks go to this forum for all the tips and strategies!

-Brett

Read other 6 answers
RELEVANCY SCORE 67.2

Hi everyone on this helpful websiteFirst i must apologize for my language since I am not a native english speaker and I just try my best to write gramatically correct english hoping you guys can understand me and may give me a helping hand.Back to the theme:I've read the guide teaching how to remove OpenCloud Security on this site.http://www.bleepingcomputer.com/virus-removal/remove-opencloud-securityI have followed every step however I have not succeeded The problem shows at step 14 while running Malwarebyes' Anti-malwareI did run RKill, but Malwarebyes' Anti-malware just still cannot run the scan.Everytime I start scanning , it is shut down very soon, maybe a few secs after starting.I guess it's probably interrupted and terminated by Open Cloud Security.So I wonder if RKill did not succesfully do its job?After the black window closed, notepad pops out with only the below"This log file is located at C:\rkill.log. Please post this only if requested to by the person helping you. Otherwise you can close this log when you wish. Rkill was run on 09/2011 Sunday at 20:03:51. Operating System: Windows 7 Ultimate Processes terminated by Rkill or while it was running: Rkill completed on 09/2011 Sunday at 20:03:53. "Other than Malwarebyes' Anti-malware, I tried Spy Doctor, Trojan Killer, HijackThis.And they result in the same, being shut down very shortly after starting scanning.The softwares are unable to be opened again after they are shut down. (de... Read more

A:Need help on Open Cloud security removal

Ronarch,The information provided shows the characteristics of the ZeroAccess Rootkit.First, let's take care of this file:C:\Windows\4241468026:2236952579.exeIt throws a wrench in the works, and programs will not run successfully...Please download DummyCreator.zipUnzip the folder:Right-click and select: Extract allFollow the prompts to extractOpen the new folder that appears on the Desktop:Double-click DummyCreator/DummyMaker to run the tool.Now, copy/paste the following into the blank area:C:\Windows\4241468026Press the Create button. Save the content of the Result.txt to your Desktop, and post it in your reply.Next, restart the computer!Please do not run any malware removal programs while we are in the process of malware repairs. Doing so may just make matters worse, and that, you do not want!Thanks!

Read other 1 answers
RELEVANCY SCORE 67.2

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_23
Run by Aaron and Tracey at 21:38:29 on 2011-09-30
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.402 [GMT -4:00]
.
AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {84B5EE75-6421-4CDE-A33A-DD43BA9FAD83}
FW: McAfee Firewall *Enabled*
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Aaron and Tracey\My Documents\Downloads\Defogger.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uDefault_Page_URL = hxxp://www.dell4me.com/myway
uInternet Settings,ProxyOverride = *.local
uSearchURL,(Default) = hxxp://search.yahoo.com/se... Read more

A:Open Cloud Security Removal

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421411 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 67.2

I looked Open Cloud Security up on bleepingcomputer.com and I tried to follow the instructions. I'm using Windows XP, and i'm not savvy with regedit so I tried the antimalware route via safe mode. When I tried to open any form of safe mode i got the blue screen of death with some sort of memory dump notice at the bottom. So i started in my regular mode, used RKill (renamed iexplorer) to stop the rogue processes which allowed me to run antimalwarebytes. It took forever, and finally logged some things as killed, but open cloud security was still there. So in a fit of desperation I took to deleting what appeared to be folders which were definately not there before the infections. Files named with loooong numbers, as well as the files associated with open cloud security. Several clone shortcuts were found, but no program files. I went to the registry and deleted the only file i could find in the registry that has been linked to this virus. Then I restored last known good settings, but now I can't open a single program. The notice says to restore the file association in folder options in the control panel. But I don't even know how to do that. Does anyone know what happened? I'm not backed up in any way, and I will lose things which i would be very sad to lose, but I'm not against starting from scratch. It doesn't look like I have the virus anymore, but regardless, my computer is completely devastated. Is it possible that I deleted something that... Read more

Read other answers
RELEVANCY SCORE 66.4

It seems as if I've been hit at once by 2 different things. Not sure how it happened but it first started with the random redirecting which was blocked mostly by AVG, then after a few days all of a sudden Open Cloud Security hit me. After I used MBAM or CCleaner, I don't remember which one to try to stop the redirect, upon restarting Open Cloud appeared. It applies to both Firefox and Internet Explorer, not one by the way. I've looked up many different ways as to how to fix this but so far nothing, so I'm here.

I have did the whole ipconfig/flushdns thing and that seems to stop the redirect temporarily until I restart and it's back at it. As for the Open Cloud Security rogueware - MBAM and CCleaner always detect things, but after clearing it all out and rebooting in non-safe mode, it always comes back.

Hopefully someone can help me. I see many people have this redirect problem, but I seem to have gotten screwed further with this Open Cloud thing on top of it all.

A:Open Cloud Security and Google Redirect

Welcome aboard Download Security Check from HERE, and save it to your Desktop. * Double-click SecurityCheck.exe * Follow the onscreen instructions inside of the black box. * A Notepad document should open automatically called checkup.txt; please post the contents of that document.=============================================================================Please download MiniToolBox and run it.Checkmark following boxes:Report IE Proxy SettingsReport FF Proxy SettingsList content of HostsList IP configurationList last 10 Event Viewer logList Installed ProgramsList Users, Partitions and Memory sizeClick Go and post the result.=============================================================================Download Malwarebytes' Anti-Malware (aka MBAM): http://www.malwarebytes.org/products/malwarebytes_free to your desktop. * Double-click mbam-setup.exe and follow the prompts to install the program. * At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish. * If an update is found, it will download and install the latest version. * Once the program has loaded, select Perform quick scan, then click Scan. * When the scan is complete, click OK, then Show Results to view the results. * Be sure that everything is checked, and click Remove Selected. * When completed, a log will open in Notepad. * Post the log back here.Be sure to restart the computer.The log c... Read more

Read other 22 answers
RELEVANCY SCORE 66.4

I've tried the 'Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help' and did the steps but was unable to do the gmer option because it wouldn't let me open it. Heres the DDS logs that I did get to do.

A:Open Cloud Security / Google redirect

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421168 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 66.4

Referred from here: http://www.bleepingcomputer.com/forums/topic420705.html/ ~ OBBroni directed me here as the problem I had never went away. Here is the original post describing my problem:"It seems as if I've been hit at once by 2 different things. Not sure how it happened but it first started with the random redirecting which was blocked mostly by AVG, then after a few days all of a sudden Open Cloud Security hit me. After I used MBAM or CCleaner, I don't remember which one to try to stop the redirect, upon restarting Open Cloud appeared. It applies to both Firefox and Internet Explorer, not one by the way. I've looked up many different ways as to how to fix this but so far nothing, so I'm here.I have did the whole ipconfig/flushdns thing and that seems to stop the redirect temporarily until I restart and it's back at it. As for the Open Cloud Security rogueware - MBAM and CCleaner always detect things, but after clearing it all out and rebooting in non-safe mode, it always comes back.Hopefully someone can help me. I see many people have this redirect problem, but I seem to have gotten screwed further with this Open Cloud thing on top of it all."Now whenever I try to start Windows normally it blue screens. Here is what it says: http://i52.tinypic.com/oh6yvl.jpg Before it would only blue screen after I tried to start a program to get rid of it, such as MBAM or RKILL. I followed that guide before posting in this section and it says only do the G... Read more

A:Open Cloud Security and Google Redirect

.
DDS (Ver_2011-08-26.01) - NTFSAMD64 NETWORK
Internet Explorer: 8.0.7600.16385 BrowserJavaVersion: 1.6.0_21
Run by Mark at 12:06:26 on 2011-09-28
Microsoft Windows 7 Home Premium 6.1.7600.0.1252.1.1033.18.4084.3078 [GMT -4:00]
.
AV: AVG Internet Security *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}
SP: AVG Internet Security *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\windows\system32\wininit.exe
C:\windows\system32\lsm.exe
C:\windows\system32\svchost.exe -k DcomLaunch
C:\windows\system32\svchost.exe -k RPCSS
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\Explorer.EXE
C:\windows\system32\ctfmon.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\windows\SysWOW64\ping.exe
C:\windows\system32\conhost.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\windows\SysWOW64 ... Read more

Read other 58 answers
RELEVANCY SCORE 66.4

This past week my fianc? got a rogue antivirus on her PC ? Open Cloud Security ? while searching DeviantArt and listening to Pandora. Though I wasn?t present to observe, it appeared to be a drive-by installation (AFAIK, she didn?t click on any suspicious items).

Her PC stats:
What I know: Win XP Pro 32-bit, Ad-Aware free running constantly, router/hardware firewall, IE 8, EVGA GTX 460 @ 1024 MB, no virtual drive installed

What I can?t remember specifically offhand: Quad-core Intel, 2.5+ GB RAM, Mobo?(Asus ETS2 Energy Saver?)

I have searched numerous forums and sites for advice, and found many helpful tips ? but nothing has worked.

(NOTE: This post does not contain DDS and GMER logs, because I downloaded and transferred those programs to her computer with a flash drive and experienced problems, noted below:

DDS: began to run, but seemed to freeze up the machine?after 2 hours, the ?bar of asterisks? had not moved past ? of the way or so?I had to hard restart, and it took several tries on the initial BIOS screen, along with pulling the power cord out and letting the mobo power drain, before the BIOS would find the HD?s and continue the boot process.

GMER: Started and ran successfully, run overnight. In the morning, I tried to ?Save? a log for submittal, but received an error that there were ?not enough resources to complete the process? in My Documents or something similar, and then the computer froze?could move the mouse but not click anything, or pull up Task Manager?h... Read more

A:Open Cloud Security problem need advice

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Your logs indicate that a ZeroAccess infection is present on your computer:Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\WINDOWS\2478689085
Press Create button and post the content of the Result.txt.

Important: Restart the computer.===See if you can now run the DDS tool and include the log in your next reply.

Read other 1 answers
RELEVANCY SCORE 65.2

I'm following the directions to try to remove the Open Cloud AV trojan. I get all the way up through getting MBAM updated and starting the scan, but the scan stops and the program terminates a few seconds into it. It doesn't show up in running programs or processes when I CTRL+ALT+DEL. When I click the shortcut to start it again, I get windows error: "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." I tried restoring the computer to an earlier restore point - same issues. I got DDS to run (log pasted below), but GMER would not complete a scan - exact same symptoms and error message as described for MBAM.

I'm also having the Google re-direct symptoms (click on a search result and get sent somewhere else), so there must be more going on here.

.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_11
Run by The Man at 21:21:13 on 2011-10-02
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.2046.1639 [GMT -4:00]
.
AV: PC Security Guardian *Enabled/Updated* {00D8B0CF-05D6-4F00-9036-3895066D8282}
AV: AVG Anti-Virus Free *Disabled/Outdated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
AV: Lavasoft Ad-Watch Live! Anti-Virus *Enabled/Updated* {A1C4F2E0-7FDE-4917-AFAE-013EFC3EDE33}
AV: Norton Internet Security *Disabled/Outdated* {E10A9785-9598-4754-B552-92431C1C35F8}
AV: avast! Antivirus *Enabled/Outdated* {7591DB91-41F0... Read more

A:Trying to remove Open Cloud AV trojan - MBAM and GMER will not complete scan

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\WINDOWS\1946812688
Press Create button and post the content of the Result.txt.

Important: Restart the computer.:multiple Anti Virus programs: It looks like you are operating your computer with multiple Anti Virus programs running in memory at once: AV: PC Security GuardianAV: AVG Anti-Virus FreeAV: Lavasoft Ad-Watch Live! AV: Norton Internet SecurityAV: avast! Antivirus Anti-virus programs take up an enormous amount of your computer's resources when they are actively scanning your computer. Having two anti-virus programs ru... Read more

Read other 39 answers
RELEVANCY SCORE 64.4

While I was on Facebook today, a message popped up out of the blue that said I was infected with the Zeus Keylogger and to click here to buy the "only" way to remove it. When I tried to shut it down with tskmngr.exe it screamed that it was "infected" and refused to let me run the program. I also began getting fake email alerts every four minutes, a fake virus scan with the Zeus warning every seven minutes, and a fake BSOD and reboot every ten minutes (It happened so often I timed them, and the reboots always jumped back to where I left of instead of a usual reboot.). I also ended up with a program running in the task bar called "Security Guard 2012" that refused to let me shut it down. It also killed MBAM, SUPER ANTI-SPYWARE, and RKiller and it's various names (I tried them all...). When I try to run it, they all return an error that says: "Windows can't access the specified device, path, or file. You may not have the appropriate permissions to access the item." I have even tried Safe Mode on all of them after fighting with it for two hours to get into Add/Remove Programs feature to uninstall / reinstall (and the whole time the pc is screaming "It's infected!!" at the top of it's lungs - lol.). I even resorted to going to: C:\WINDOWS\system32\Taskmgr.exe since alt+ctrl+del didn't work. This program also created an icon on the desktop under the same name. When I right-clicked i... Read more

A:Security Guard 2012 becomes Open Cloud AV, google redirects, and ads galore

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.Do not run any other tool untill instructed to do so!Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\WINDOWS\338603927
Press Create button and post the content of the Result.txt.

Important: Restart the computer.Run Combofix:You may be asked to install or update the Recovery Console (Win XP Only) if this happens please allow it to do so (you will need to be connected to the internet for this)Before you run Combofix I will need you to turn off any security software you have running, If you do not know how to do this you can find out >here< or >here<Combofix may need to reboot your computer more than once to do its job this is ... Read more

Read other 3 answers
RELEVANCY SCORE 64.4

I got the nasty Open Cloud Security rogue anti-virus software. Popped up while I was out of the room so I wasn't able to do an immediate hard shut down in time. By the time I got back, a few minutes later, it had sunk its tentacles in pretty deeply. It has disabled my Malwarebytes Anti-Malware, my AVG anti-virus, and system restore, even in safe mode. When I try to run MBAM or GMER I got a notification that says "Windows cannot access the specified device, path, or file. You may not have the appropriate permissions to access the item." Again, this occurs even in Safe Mode (with networking). I've also got Google re-direct going on. I manually deleted what I could of the virus and that seemed to slow it down considerably, but it's still in there somewhere. Here is my DDS log:
.
DDS (Ver_2011-08-26.01) - NTFSx86 NETWORK
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_26
Run by Mike at 12:02:27 on 2011-10-01
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1014.346 [GMT -5:00]
.
AV: AVG Anti-Virus Free *Disabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
svchost.exe
C:\WINDOWS\370523963:3292588777.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Mozilla F... Read more

A:Open Cloud Security w/ Google Redirect; MBAM/AVG/GMER disabled

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/421421 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 4 answers
RELEVANCY SCORE 54.4

Can remove this from showing up its very annoying.
I don't have gpedit.msc because I'm running Windows 7 Home Premium is there another way of removing it?

A:Remove Open File - Security Warning

I have honestly no understanding of what you're asking. Could you provide us with a screen shot?

Read other 8 answers
RELEVANCY SCORE 50.4

Hello to all,
I have found using the pre-release W8 on my old system to run pretty fast and well. My issue is that I do not wish to use any cloud apps at all and want to delete them and replace them with the regular .exe programs. I have uninstalled all the apps that I've found on the start screen and installed the appropriate programs such as Thunderbird, Firefox etc. Not being very up to speed I was wondering if this unusual approach has been taken up by others and what things I might have missed or need to add.
For instance, how do I install the Window,s photoviewer program as I've removed the app? Things like that.
Appreciate any assistance, thanks in advance!
Glenn

A:Remove cloud apps

hi ,It should be already installed , go to the start ,right click on the screen and choose show all apps , scroll to the right and under windows systems category you should see choose defaults ,and It should be in the list ,was mine anyway and I don't remember installing it ,so I think it there by default

Read other 9 answers
RELEVANCY SCORE 50.4

Norton  keeps finding it and saying it has been removed.  How do I get rid of it once and for all?  windows 7.  emachines E627Edit: Moved topic from Windows 7 to the more appropriate forum. ~ Animal

A:How do I remove Suspicious Cloud 7 EP?

Hello tyl604
First -
Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.
NOTE - If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
 
 
Next -
Download Malwarebytes' Anti-Malware Free (aka MBAM): to your desktop.
- Do not accept the Free Trial Version at this time -
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-M... Read more

Read other 10 answers
RELEVANCY SCORE 50.4

I am having similar problems with Open Cloud AV to those mentioned in the forum, and I have been trying to apply the fixes mentioned here. Some details about my set-up and what I have tried:- Windows XP Service Pack 3, HP Pavilion Laptop- I started seeing the bogus "infection" warnings and saw a shortcut to Open Cloud AV on the desktop.- MBAW was installed, but I was unable to launch it (or any other type of antivirus software)- Task Manager was mostly unresponsive, many programs wouldn't launch, or would quickly quit.- I had internet access, but various ads would launch when opening IE or FF.- I have tried rkill (including renaming it).- I have tried re-installing and updating MBAM (including renaming it.) I can do both, but it quits just after "enumerating items to be scanned..."- Upon restart, the shortcut to MBAM no longer works.- I checked the Proxy Settings for both browsers, neither has proxy checked. (Is there somewhere else to look for a proxy setting?)- Windows Update will not run, nor will MS Security Essentials.- I ran tdsskiller. It finds problems, but the only options are to skip, copy to quarantine, and delete. I have tried all. There is no "ensure cure" that I can see. It asks to reboot. (Very slow) Whether I reboot or not, rescans show additional problems.- I have used Add/Remove Software to remove Java.- It still seems like "something" is preventing attempts to scan and fix problems.- I have tried many of these st... Read more

A:Open Cloud AV

have you rebooted after this, if no do that now. Then try MBAM again.If needed... This infection changes settings on your computer so that when you launch an executable, a file ending with .exe, it will instead launch the infection rather than the desired program. To fix this we must first download a Registry file that will fix these changes. From a clean computer, please download the following file and save it to a removable media such as a CD/DVD, external Drive, or USB flash drive.FixNCR.reginsert the removable device into the infected computer and open the folder the drive letter associated with it. You should now see the FixNCR.reg file that you had downloaded onto it. Double-click on the FixNCR.reg file to fix the Registry on your infected computer.

Read other 8 answers
RELEVANCY SCORE 50.4

downloaded bleeping computers anti malware to get rid of open cloud virus in safemode. instructions seemed to say to run in safe mode aswell. when i try to run the malware download i get this message:Windows cannot accesss the specified device path or file. you may not have appropriate permission to access the item.Please help!!! I purchased norton360 antivirus innitially online and tried to run that and i couldnt, then i tried pctools spyware and now this... been working on this for days please help me :-(

A:open cloud

I also ran this Rkill download before the anti malware
recieved this message after:

This log file is located at C:\rkill.log.
Please post this only if requested to by the person helping you.
Otherwise you can close this log when you wish.

Rkill was run on 06/06/2012 at 13:41:44.
Operating System: Windows Vista ™ Home Premium
Processes terminated by Rkill or while it was running:

C:\Users\5448\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ECB5GOOK\iExplore[2].exe
Rkill completed on 06/06/2012 at 13:41:47.

Read other 2 answers
RELEVANCY SCORE 50.4

I contracted Open Cloud AV and followed the removal instruction on this web, located athttp://www.bleepingcomputer.com/virus-removal/remove-opencloud-antivirusto the letter. Including downloading Rkill and Malwarebytes. It did not remove this bug, but it did manage to remove just about everything else on my computer, including photos, important documents, and software, including some of the Microsoft stuff that came with the computer such as Office. Not only these, but it also seems to have removed Rkill and Malwarebytes after it completed and re-booted. Aside from the recycling bin the only desktop icon I have now is something called ?Security Guard 2012?. Is there anything I can do?

A:Open Cloud AV

Hello, I've split you to your own topic.It actuall removed none of those things,this the malware doing it. so run these next.This infection family will also hide all the files on your computer from being seen. To make your files visible again, please download the following program to your desktop:Unhide.exe Once the program has been downloaded, double-click on the Unhide.exe icon on your desktop and allow the program to run. This program will remove the +H, or hidden, attribute from all the files on your hard drives. If there are any files that were purposely hidden by you, you will need to hide them again after this tool is run.Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!Be sure to download TDSSKiller.exe (v2.5.6.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
Vista/Windows 7 users right-click and select Run As Administrator.If TDSSKiller does not run, try renaming it. To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.Click the Start Scan button.Do not use the computer during the scanIf the scan completes with nothing found, click Close to exit.If malicious objects are found, they will sho... Read more

Read other 50 answers
RELEVANCY SCORE 50.4

Hi,
My original post is located here: http://www.bleepingcomputer.com/forums/topic424108.html and they sent me over here. Just to sum up:

I am working on a dell inspiron 910 Mini running windows XP that got open cloud AV a week ago. Based upon the other posts about Open Cloud, I ran combo fix and Rouge killer. Finally I was able to, I think, delete Open Cloud. Scans of Avast and Malwarebytes now show no suspicious files. However in the process of removal I lost the ability to connect to the internet either wireless or by network cable. I am currently on another laptop on the same network, so the network would seem to be working.

I have tried winsockxpfix to no avail. When I try the command ipconfig /renew, I get a message saying that the RPC server is unavailable. Yet when I open services it states that it is running. I have tried making my network open with no success and I have tried it with and without broadcasting ssid. I have also tried renewing the available networks list. I have also tried uninstalling the wireless card so that I can re-install it, but windows stops the the uninstallation saying that it is necessary for startup.

So I guess the question is, did I really get rid of this awful thing?

A:Open Cloud Av - Did I get rid of it?

Hi SeanR, I know it looks like a lot, but it's really just a lot of text asking for only 4 scans. Once you've done these and posted the results in your next post, let me know how the computer is running.========================================================================================================================================================Download Security Check by screen317 from here or here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document.========================================================================================================================================================Please download and scan with SUPERAntiSpyware FreeDouble-click SUPERAntiSypware.exe and use the default settings for installation.An icon will be created on your desktop. Double-click that icon to launch the program.If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.... Read more

Read other 10 answers
RELEVANCY SCORE 50.4

Hi! I got infected with OpenCloud AV and tried following the removal suggestions from this site and others with no luck. I'm not able to run rkill, maleware bytes or any other antiviral software, even in safe mode. My computer was pretty much unusable until I did a system restore. Now my computer will at least turn on, but I'm still having a tons of problems. I still can't use antiviral software, I seem to have some search engine redirect virus, I get random pop-ups saying "Congratulations you just won..." when I use the internet, my computer keeps freezing and has problems shutting down. OpenCloud AV is not present on my desktop anymore, but I have no reason to believe it's not still on my computer.

I wasn't able to run GMER, every time I tried I got a blue screen error message and my computer restarted. Unfortunately, I haven't been able to read what the message says because it flashes so quickly.

I was able to run DDS and attached the logs. Thanks so much for reading this, I really need some help!

.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Owner at 19:15:10 on 2011-10-27
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.1014.469 [GMT -4:00]
.
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\WINDOWS\2194736433:3472502397.ex... Read more

A:Open Cloud AV and something else??

Good evening. Please download DummyCreator.zip by Farbar from here and save it to your Desktop - you will then need to unzip it.Right click on the zipped folder and from the menu that appears, click on Extract All...In the "Extraction Wizard" window that opens, click on Next> and in the next window that appears, click on Next> again. In the final window, click on Finish. Double click DummyCreator.exe to run the tool. Copy and paste the following into the edit box:

C:\WINDOWS\2194736433 Click the Create button. Make sure you have a copy of Result.txt that should appear once the tool has completed.
Important: Restart the computer and then let me have a copy of Result.txt in your next reply.

Read other 8 answers
RELEVANCY SCORE 50.4

i have tried the rkill and uninstalling microsft security essentials and reinstalling still no luck also there is a user on my computer called dutususer that i have never seen before i cant delete it eitherEdit: Moved topic from AntiVirus, Firewall and Privacy Products and Protection Methods to the more appropriate forum. Duplicate topic post deleted as well. ~ Animal

A:open cloud help plz

Hello and welcome.Please download MiniToolBox, save it to your desktop and run it. Checkmark the following checkboxes: Flush DNS Report IE Proxy Settings Reset IE Proxy Settings Report FF Proxy Settings Reset FF Proxy Settings List content of Hosts List IP configuration List Winsock Entries List last 10 Event Viewer log List Installed Programs List Users, Partitions and Memory size. List Minidump FilesClick Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.Please follow our Removal Guide here How to remove Google Redirects. You will move to the Automated Removal InstructionsIf it finds something make sure Cure is selectedNext click Continue then Reboot nowA log file should be created on your C: drive named "TDSSKiller.txt" please copy and paste the contents in your next reply.Now do RKill....Download and Run RKillPlease download RKill by Grinler from one of the 4 links below and save it to your desktop.

Link 1
Link 2
Link 3
Link 4

Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
A blac... Read more

Read other 4 answers
RELEVANCY SCORE 50.4

Hello,My brother in laws machine recently become infected with the open cloud malware. I have attempted to follow the guides on your site but am still unable to get rid of this thing. I've tried the rkill and malwarebytes but during the mbam run it kicks off in 1 minute. I disabled any cd emulators as well. I ran the dds and was able to create some logs. I also attempted to run the GMER but that kicks off 1 minute in as well. I attempted to use superantispyware to remove it and it shows the open cloud but then shuts down. When attempting to run the programs again I am getting an error advising me that I do not have permissions to run the programs. I have the logs and can post. Looking for some advise on the next step. ThanksAttach.txt.UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.IF REQUESTED, ZIP IT UP & ATTACH IT.DDS (Ver_2011-08-26.01).Microsoft Windows XP ProfessionalBoot Device: \Device\HarddiskVolume2Install Date: 4/29/2009 2:21:01 PMSystem Uptime: 9/28/2011 12:33:29 PM (0 hours ago).Motherboard: First International Computer, Inc. | | K8MC51GProcessor: AMD Sempron™ Processor 3400+ | Socket 754 | 2009/201mhz.==== Disk Partitions =========================.C: is FIXED (NTFS) - 149 GiB total, 4.45 GiB free.D: is CDROM ()E: is CDROM ()G: is RemovableH: is FIXED (FAT32) - 4 GiB total, 2.233 GiB free.I: is RemovableJ: is RemovableK: is Removable.==== Disabled Device Manager Items =============.Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}Des... Read more

A:Open Cloud

Hello, Welcome to BleepingComputer.I'm nasdaq and will be helping you.If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.===Please download DummyCreator.zip and unzip it.Run the tool.Copy and paste the following into the edit box:

C:\WINDOWS\2348756298
Press Create button and post the content of the Result.txt.

Important: Restart the computer.===Please post the log. Wait for my next instructions.

Read other 2 answers
RELEVANCY SCORE 50.4

I got Open Cloud a few days ago, but I was too lazy to do anything about it until today. I followed this tutorial here:
http://www.bleepingcomputer.com/virus-removal/remove-opencloud-antivirus

but when I run the rKill thing it doesn't work right. I'll see the black box, and then the Open Cloud pop up and the icon on my desktop disappears after about a minute or 2, then 10 seconds later, and it's back and the black box is still there. That's been happening on and off for the past half an hour and it's very frustrating >.<

Now rkill has a message written on notepad saying it removed some stuff, but Open Cloud is still popping up and removing itself!

Please help, it makes my computer really slow, and I have a lot of homework to get done...

A:Open Cloud AV won't go away!

Hello,Please follow the instructions in ==>This Guide<== starting at step 6. If you cannot complete a step, skip it and continue.Once the proper logs are created, then post them in a reply to this topic by using the Add Reply button.If you can produce at least some of the logs, then please create the post and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the reply and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.Please note that I am not a member of the Malware Removal Team and will not be assisting you in removing the infection. I'm simply helping you to post the information they need in order to assist you.If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.Orange Blossom

Read other 3 answers
RELEVANCY SCORE 50.4

Hello and Welcome to the forums! My name is Gringo and I'll be glad to help you with your computer problems. Somethings to remember while we are working together.Do not run any other tool untill instructed to do so!Please Do not Attach logs or put in code boxes.Tell me about any problems that have occurred during the fix.Tell me of any other symptoms you may be having as these can help also.Do not run anything while running a fix.We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.Click on the Watch Topic Button and select Immediate Notification and click on proceed, this will help you to get notified faster when I have replied and make the cleaning process faster.In order for me to see the status of the infection I will need a new set of logs to start with.Please print out or make a copy in notpad of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.DeFogger: Please download DeFogger to your desktop.

Double click DeFogger to run the tool.
The application window will appear Click the Disable button to disable your CD Emulation drivers Click Yes to continue A 'Finished!' message will ap... Read more

A:open cloud help plz

Hello 48 Hour bumpIt has been more than 48 hours since my last post.do you still need help with this?do you need more time?are you having problems following my instructions?
if after 48hrs you have not replied to this thread then it will have to be closed!Gringo

Read other 3 answers
RELEVANCY SCORE 50.4

Referred from here: http://www.bleepingcomputer.com/forums/topic421880.html ~ OBI have a serious Open Cloud AV infection that is proving difficult to remove. On advice of a forum moderation I have started a thread here. I attempted to follow the Prep Guide but and did download DDS but was unable to get it to run on the infected computer. On advice of that same moderator I did download OTL and it would run, the two logs it produced follow. Thanks to anyone who can help.OTL LogOTL logfile created on: 10/8/2011 12:37:03 PM - Run 1OTL by OldTimer - Version 3.2.29.1 Folder = C:\Users\Mike and Jean\Desktop64bit- Home Premium Edition (Version = 6.1.7600) - Type = NTWorkstationInternet Explorer (Version = 8.0.7600.16385)Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy 1.75 Gb Total Physical Memory | 0.53 Gb Available Physical Memory | 30.53% Memory free3.49 Gb Paging File | 1.73 Gb Available in Paging File | 49.44% Paging File freePaging file location(s): ?:\pagefile.sys [binary data] %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)Drive C: | 218.37 Gb Total Space | 140.11 Gb Free Space | 64.16% Space Free | Partition Type: NTFSDrive D: | 14.22 Gb Total Space | 2.35 Gb Free Space | 16.52% Space Free | Partition Type: NTFSDrive E: | 99.18 Mb Total Space | 95.72 Mb Free Space | 96.51% Space Free | Partition Type: FAT32 Computer Name: MIKEANDJEAN-PC | User Name: Mike and Jean | Lo... Read more

A:Open Cloud AV

OTL Log Continues[2011/10/03 20:50:27 | 016,409,960 | ---- | C] (Safer Networking Limited ) -- C:\Users\Mike and Jean\Desktop\spybotsd162.exe[2011/10/03 20:50:25 | 000,000,000 | ---D | C] -- C:\ICwVNtxP0ciDoGa[2011/10/03 20:50:21 | 000,000,000 | ---D | C] -- C:\WF4pmH5sQ7E8[2011/10/03 20:50:18 | 000,000,000 | ---D | C] -- C:\opm5aQJWfLTqUkB[2011/10/03 20:50:14 | 000,000,000 | ---D | C] -- C:\rekIVrONx[2011/10/03 20:50:11 | 000,000,000 | ---D | C] -- C:\zkUVrlOtx0c1v[2011/10/03 20:50:07 | 000,000,000 | ---D | C] -- C:\K9hYXwjVeBPAu[2011/10/03 20:50:04 | 000,000,000 | ---D | C] -- C:\dBrzONyxA[2011/10/03 20:50:01 | 000,000,000 | ---D | C] -- C:\H7fE8gTqhwUrOt[2011/10/03 20:49:57 | 000,000,000 | ---D | C] -- C:\rWJ7dEL8RqYUeOz[2011/10/03 20:49:54 | 000,000,000 | ---D | C] -- C:\X8fRZ9hTXjClB[2011/10/03 20:49:50 | 000,000,000 | ---D | C] -- C:\WdRL9gTqjeIrOtA[2011/10/03 20:49:43 | 000,000,000 | ---D | C] -- C:\CZ9XwjUVeBzNc1v[2011/10/03 20:49:39 | 000,000,000 | ---D | C] -- C:\LaQ6dWK8fLhXjC[2011/10/03 20:49:35 | 000,000,000 | ---D | C] -- C:\GL9gTqjYCkVzN[2011/10/03 20:49:27 | 000,000,000 | ---D | C] -- C:\ZqYCwkVrliHEwy3[2011/10/03 20:49:18 | 000,000,000 | ---D | C] -- C:\BbQEjOSns8wBvWX[2011/10/03 20:49:11 | 000,000,000 | ---D | C] -- C:\TNyA0uS2i3GaHdK[2011/10/03 20:49:05 | 000,000,000 | ---D | C] -- C:\CzPNyA1uv2b3m5[2011/10/03 20:4... Read more

Read other 39 answers
RELEVANCY SCORE 50

Is there a way to permanently remove OneDrive and Cloud from my system, including all references to both from my registry?

In the absence of that, is there a third-party application that will for sure block all functions of both of them?

I recently spent about an hour editing out all references to OneDrive from my registry, at least all that Windows 10 would allow, and now they are all back.
 

Read other answers
RELEVANCY SCORE 49.6

Hello,

2 days ago in the middle of a search I suddenly started getting pop-ups for open cloud AV suggesting my computer was infected. I attempted to do a system restore and the problem seemed fixed, however I was still being redirected on websites. Then, open cloud AV returned the next day. I've tried running scans, tdsskiller, malwarebytes, spybot S&D, tried deleting program from files, etc. Nothing is getting rid of this! Malwarebytes will not run for more than 20 seconds. Spybot says it detects a trojan and resolves but everytime I run, its still comes up on list. Spybot detects Win32.Palevo but nothing else. There was also another icon that appeared on my desktop but is now gone named Security Guard 2012. I will occasionally get the "blue screen" but it doesn't shut down the computer. I've tried ending processes with task manager but rarely can I get it to open. Proxy settings are not effected everytime I check. This is really driving me crazy. Usually, I'm capable of getting rid of viruses myself but this one really has me stumped. Please help!!!

A:OPEN CLOUD AV VIRUS - PLEASE HELP!

Hello and welcome to Tech Support Forum.

I am currently assessing your situation and will be back with a fix for your problem as soon as possible.

Please subscribe to this thread to get immediate notification of replies as soon as they are posted. To do this, click Thread Tools, then click Subscribe to this Thread. Under the Notification Type: title, make sure it is set to Instant notification by email, then click Add Subscription.

Please be patient with me during this time.

Meanwhile, please make a reply to this topic to acknowledge that you have read this and is still with me to tackle the problem until the end. If I do not get any response within 3 days, this topic will be closed.

Read other 15 answers
RELEVANCY SCORE 49.6

Hi, I apologize for the length, but I'm not sure how to sum this up well. I have been referred here from the am I infected forum, having been referred there from the Windows XP Forum. I will try to sum up as best as I can. I should also point out that this is my wife's computer so I don't have an in depth knowledge of what led up to the infection. I have a Dell Mini Inspiron 910 that became infected with Open Cloud AV. I followed the removal guides I found online and had thought I finally got rid of it, but that doesn't seem to be the case. In the process I have now lost the ability to connect to the internet on that computer either on wireless or through network cable. When I pull up the details of the wireless connection it says that the ip is invalid. I cannot connect in to the internet in safe mode either. Unfortunately I am unable to accurately recount every step I took previously. (I have since learned that this was foolish on my part.)I am using a different computer and an external hard drive (both of which have been scanned extensively to ensure no infections.) to download what is needed and I always save it to the desktop of the new computer before I start working with that downloaded program.My original post about wireless connection can be found here: http://www.bleepingcomputer.com/forums/topic424108.html - I have made sure that IE browser>>click tools>>internet options>> Proxy server is not checked and that automaticall... Read more

A:Leftovers from Open Cloud AV?

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/424950 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 13 answers
RELEVANCY SCORE 49.6

On Sunday evening (Oct 2) my PC got inadvertantly infected with the Open Cloud virus.

We have a Windows XP Home operating system, and two people use the computer - my wife Martha and I - with separate login accounts.

Martha was browsing with the Firefox broswer and got the Open Cloud infection. She called me immediately and I attempted to remove it, since it was overtaking the machine, showing messages and terminating programs repeatedly.

I will tell you what I have done to remove it, and what the remaining behavior is. This virus is more difficult than I originally imagined, and I will need help to get the machine completely clean.

Initially, before searching for professional advice, I deleted all of the Open Cloud folders and files, and followed this with a registry cleaner (CC Cleaner), that scans the registry and removes remaining references to deleted executables. I did this as triage, because I couldn't manage to do ANYTHING on the machine until I removed the files.

Then I went to another machine and looked up on BleepingComputer what to do. Over the next 48 hours, I tried several things recommended by BleepingComputer professionals, including following all of the three procedures listed in the following URLs, in the order they were suggested:
+ http://www.bleepingcomputer.com/virus-removal/remove-opencloud-security
+ http://www.bleepingcomputer.com/forums/topic421637.html
+ http://www.bleepingcomputer.com/forums/topic34773.html

Unfortunately, none o... Read more

A:Open Cloud infection

I managed to resolve my problem. The solution is given in the following post.

http://www.bleepingcomputer.com/forums/topic422225.html

The current topic can now be closed.

Rich Wagner

Read other 2 answers
RELEVANCY SCORE 49.6

I have been asked to clean a laptop that was infected with the open cloud av malware on 10/3/2011. Malwarebytes is now warning that this variant includes a trojan that make it impossible to guarantee a clean machine. They suggest changing all account numbers and passwords. Having played with removal for a day I am amazed at the sophistication of this variant. I am inclined to recommend a low level reformat and reinstall. What do your experts think about this nasty code. Thanks, PS

A:open cloud av malware

With the information you have provided I believe you will need help from the malware removal team. Please make sure that you read the information about getting started first.Then start a new thread HERE and include or required logs.Including a link to this thread will be helpful. Good luck and be patient. Help is on the way!

Read other 1 answers
RELEVANCY SCORE 49.6

I have a problem with open cloud which is really messing with my computer, I cannot run RKILL or at least it doesn't run automatically. I have tried to download the RKILL program but it never seems to run...help please.

A:Open cloud issues

Hello I moved you to the Am I Infected forum.It is possible that the infection you are trying to remove will not allow you to download files on the infected computer. If you run into this problem when following the steps in this guide you will need to download the files requested in this guide on another computer and then transfer them to the infected computer. You can transfer the files via a CD/DVD, external drive, or USB flash drive.Please follow our Removal Guide here Remove OpenCloud Security (Uninstall Guide) .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 1 answers
RELEVANCY SCORE 49.6

I too have the OPen Cloud virus. I have looked at verious other posts to attempt to fix teh issue but have been unsuccessful. I did the preparation steps 6-9. But gmer did nto create a log for me to save. It did run. I had my computer in safe mode. Previously I had tried rkill.exe adn then malwarebytes but when I ran malwarebytes it would close itself down after a second or two. I tried to do the one that was to loaded form a clean computer onto a zip drive. It would not open that up.
Hoping someone can help!

A:Open Cloud virus

Were you able to create the DDS logs? If so, please post them in a reply to this topic. If not, please explain what happens when you try to create them.

Orange Blossom

Read other 3 answers
RELEVANCY SCORE 49.6

My mothers computer was infected with open cloud.
I restarted in safe mode and ran malware and removed the infected files.
I no longer get redirects but I still can not update MSE.
How can I verify that I have properly romoved open cloud and what can I do to fix MSE?
I also ran rkill and it found nothing.
here is a ddr log
.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 8.0.6001.18702
Run by Compaq_Administrator at 16:59:34 on 2011-10-18
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1982.1358 [GMT -4:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095}
AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Browny02\Brother\BrStMonW.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Com... Read more

A:Open cloud infected?

gmer txt here
is it normal for it to scan well over an hour?
I had to stop it after a while
GMER 1.0.15.15641 - http://www.gmer.net
Rootkit scan 2011-10-18 18:20:30
Windows 5.1.2600 Service Pack 3 Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-5 ST3160812AS rev.3.AHH
Running: 95no0kru.exe; Driver: C:\DOCUME~1\COMPAQ~1.YOU\LOCALS~1\Temp\kgxdafob.sys
---- Kernel code sections - GMER 1.0.15 ----

.text C:\WINDOWS\system32\DRIVERS\nv4_mini.sys section is writeable [0xB8F83360, 0x20574D, 0xE8000020]
? C:\DOCUME~1\COMPAQ~1.YOU\LOCALS~1\Temp\mbr.sys The system cannot find the file specified. !

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\internet explorer\iexplore.exe[2272] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E2154D5 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2272] USER32.dll!SetWindowsHookExW 7E42820F 5 Bytes JMP 3E2E9AD1 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\internet explorer\iexplore.exe[2272] USER32.dll!CallNextHookEx 7E42B3C6 5 Bytes JMP 3E2DD10D C:... Read more

Read other 9 answers
RELEVANCY SCORE 49.6

Moving Security to the Cloud. (2 web pages)

Combining scanning approaches could keep PCs safe from viruses.

-- Tom
 

A:Moving Security to the Cloud

Cool article, Thanks for postint! it will be interesting to see how this theory plays out. It makes a lot of sense.
 

Read other 3 answers
RELEVANCY SCORE 49.6

Partly Cloudy With a Chance of Data Compromise: Cloud Security Quiz

I got 16/20
all the best
 

A:cloud security quiz

Interesting to freshen up your knowledge, got 16/20 where visiting on forum and reading articles should really help you out to learn and not take it as granted.
 

Read other 0 answers
RELEVANCY SCORE 49.6

Hello to all,

today saw a commercial about Kaspersky Security Cloud. Was thinking whaaaattt...??!!

So today reinstalled Windows 10 64bit clean on a new GPT EFI Dynamic Drive and must say, that thing is snappy.

Kaspersky Version 18.0.0.405(b)

The interface and features feel allot like the Internet Security 2017 but allot more smooth.

My Question to you all here in the Community is how do you think about it?

My Security config. changed again. Will post a new one soon.

Best regards
Val.
 

A:Kaspersky Security Cloud?

I'm waiting that Kaspersky releases it in Belgium to buy it ! But it looks very promising
 

Read other 0 answers
RELEVANCY SCORE 49.6

Hello,
 
 I am currently doing a project on cloud computing security. I am trying argue about how secure the cloud is and am doing researcher to that end. I am reaching out to any cloud security professionals or anyone that has any information on cloud security. If you just want to give your opinion on cloud security, that is fine too. I want to know what people think about the security of the cloud. 

A:Cloud Computing Security

Are you doing data security in the "cloud"? Or Security as a service (cloud security)?

Read other 2 answers
RELEVANCY SCORE 49.6

Per my IT professional, I ran combofix on my husband's laptop. I now cannot get on the internet ....either wirelessly or plugged into the router. Followed instructions on bleeping computer website, however, I have windows 7 and cant find "repair" as it shows on tutorial. I did run detect problems - said it didn't find anything. Called Brighthouse - they coached me through ipconfig and determined that the ip addresses were not genuine ip addresses. Tried to correct but said there was nothing more they could do.

please see combofix log attached.

Thank you for your help.

 ComboFix log 10-20-11.txt   26.62KB
  3 downloads

A:used combofix to remove cloud protection - cant get on internet

Hello and welcome to Bleeping Computer! I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything. We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here. To help Bleeping Computer better assist you please perform the following steps:*************************************************** In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/424440 <<< CLICK THIS LINK If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.*************************************************** If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lo... Read more

Read other 2 answers
RELEVANCY SCORE 49.2

Hello, I have recently gotten the Open Cloud Antivirus virus, and I am unable to get rid of it because it has blocked my exe files. I tried running Malwarebytes in safe mode, but it gave me the message that I did not have the permission to use the program. When I run safe mode with networking, my browsers (FF and IE) say that the page could not be found. In addition to this, I have redirects when I try to open a web page. Help would be appreciated! Thanks!

A:Open Cloud Antivirus and redirects

tn2642Please follow our Removal Guide here Remove OpenCloud Antivirus (Uninstall Guide) .After reading how the malware is misleading you ...You will move to the Automated Removal InstructionsAfter you completed that, post your scan log here,let me know how things are.The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.

Read other 9 answers
RELEVANCY SCORE 49.2

Hello,

I have a Dell Vostro 1000 with Windows XP, Service Pack 3.

About two weeks ago, Firefox stopped working. My mistake was to think nothing of it and use Internet explorer instead. About a week or so ago, my URLs were being redirected to pay for ad sites (although the links appeared to be content relevent).

Two nights ago Open Cloud AV (I don't ever recall installing this) opened up and showed issues. I closed it down as quickly as I could and tried to run MS Security Essentials, but it wouldn't start. I didn't note the error, unfortunately.

My first attempt was with AVG 2012 and it found nothing.

I tried downloading Malwarebytes, as well as Superantispyware, but couldn't download it onto that machine, I was continually redirected.

I downloaded the following to a flash drive and ran (IIRC this is the order, over a period of a day):
FixNCR
SUPERantispyware

Then
Rkill with the following names:
Rkill
IExplore
WiNlOgOn
eXplorer

mbam-setup

Initially, I ran in safe mode without networking and logged in as administrator.
Many items were caught and quarantined.
Then I tried to updated Security Essentials logged in as admin in safe mode with networking and access was denied.

Then, I rebooted and logged in as my user, in safe mode with networking and there was definitely still an issue. I tried downloading and updating Superantispyware which it appeared to do, but when running the scan, it stopped after 20 seconds or so.
I tried MBAM and the same sym... Read more

A:Open Cloud AV issues and URL redirects

I did check the Internet Explorer Proxy settings, and proxy is not enabled.

Read other 2 answers
RELEVANCY SCORE 49.2

Bleeping Computer Administrators,

I know there are other posts very well explaining how to get out of the terrible situation that is Open Cloud AV. I've dealt with a VERY similar malicious program before. I dealt with it my running Rkill and then Malwarebyte's Anti-Malware. I have recently been infected with Open Cloud AV. I looked up how to remove it, and seeing as the steps were the same, I did the same. Rkill terminated the process, but MBAM would not open. I tried to open it with some 'Inherit.exe' but that didn't work. I download Anvira, which I was told worked as well, and that program didn't find Open Cloud on a full scan. I restarted my computer and tried it all again, still to no avail.
I still can't open MBAM, and Rkill doesn't find/doesn't terminate Open Cloud AV.

I'm pretty desperate, and I'm not great with computers.

Thanks for your time,
-Dylan

A:LOTS of problems with Open Cloud AV

With the information you have provided I believe you will need help from the malware removal team. Please make sure that you read the information about getting started first.Then start a new thread HERE and include or required logs.Including a link to this thread will be helpful. Good luck and be patient. Help is on the way!

Read other 4 answers