OpenCloud Antivirus

OpenCloud Antivirus Description

Type: Rogue Anti-Virus Program

ESG PC security researchers have identified OpenCloud Antivirus as a rogue anti-virus application from the FakeScanti family. This means that OpenCloud Antivirus is a fake anti-virus tool that is designed to steal your money and credit card details. The OpenCloud Antivirus interface attempts to resemble popular anti-virus software. This fake anti-virus program displays a continuous stream of fake security alerts and virus warnings in an attempt to convince its victim to pay for fixing these nonexistent issues. OpenCloud Antivirus is also associated with browser redirecting and blocked access to your legitimate anti-virus programs. ESG PC security researchers recommend automatically removing the OpenCloud Antivirus rogue security program with a legitimate anti-virus program.

This severe threat is actually a clone of known rogue security programs like Security Guard, Sysinternals Antivirus, Wireshark Antivirus, Milestone Antivirus, BlueFlare Antivirus, WolfRam AntiVirus, OpenCloud Security, Data Restore, OpenCloud AV, Security Guard 2012, AV Guard Online, Guard Online, Cloud Protection, AV Protection Online, System Protection 2012, AV Security 2012, Sphere Security 2012, AV Protection 2011, Super AV 2013.

The Deluge of Problems Associated with OpenCloud Antivirus

Rogue security programs like OpenCloud Antivirus operate by warning computer users of fake infections on their computer. These error messages can take various forms, such as pop-up notifications from the Task Bar or security alerts similar to those displayed by native Windows Security applications. These fake error messages, along with a misleading scan of your computer, are all part of a scam designed to convince you to pay for a useless "full version" of OpenCloud Antivirus. Some of the fake infections that OpenCloud Antivirus detects include Trojan.VBS.Qhost, Trojan-Downloader.JS.Agent and Trojan-Downloader.JS.Romora. While these are real malware infections, there is a very low chance of these Trojans actually being present on your computer. OpenCloud Antivirus can also cause your computer system to run slowly, crash frequently and behave erratically. Other problems associated with OpenCloud Antivirus include Internet browser redirection, blocked executable files and changes to your system settings. All of these symptoms are characteristic of a large category of malware programs known as rogue security programs, or fake security applications.

Dealing with OpenCloud Antivirus

A good way to stop the most annoying features of OpenCloud Antivirus is to enter the registration code DB038748-B4659586-4A1071AF-32E768CD-36005B1B-F4520642-3000BF2A-04FC910B. This code will not remove OpenCloud Antivirus, but it will stop some of OpenCloud Antivirus's most annoying effects. ESG security researchers have found that this code works to stop most of OpenCloud Antivirus's clones, including Milestone Antivirus, AKM Antivirus 2010 Pro and Sysinternals Antivirus. It is important to understand that, after using this code, it is still necessary to start up your computer in Safe Mode and use a real anti-virus program to detect and remove an OpenCloud Antivirus infection.

Technical Information

File System Details

OpenCloud Antivirus creates the following file(s):
# File Name MD5 Detection Count
1 %StartupFolder%\csrss.exe N/A
2 %AppData%\OpenCloud Antivirus\csrss.exe N/A
3 %StartMenu%\OpenCloud Antivirus N/A
4 %AppData%\OpenCloud Antivirus\ms.conf N/A
5 %UserProfile%\Desktop\OpenCloud Antivirus.lnk N/A
6 %AppData%\OpenCloud Antivirus\ N/A
7 %StartMenu%\OpenCloud Antivirus\OpenCloud Antivirus.lnk N/A
8 OpenCloud Antivirus.exe 028589c3bd57d4ba452360d5432b2c50 0
9 jfurhdsuw.exe 83bb95152a706e21a3efcdee52156ef3 0
10 kdsyxx.exe e91ce745c8854e2c9d2d1122cfa4a1b6 0

Registry Details

OpenCloud Antivirus creates the following registry entry or registry entries:
Directory
%AppData%\OpenCloud Antivirus
RegistryKey
HKEY_CLASSES_ROOT\exefile\shell\open\command "(Default)" = 'C:\Program Files\conhost.exe "%1" %'
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\C0AB6693AB3202B4B9D95716ED5CE4A6\SourceList
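
The file and registry details above share one pattern: Windows system binary names (csrss.exe, conhost.exe) placed outside the system directory, and the exefile open command pointed at one of them. The following check for that pattern is an added example, not code from ESG or from the original page; the expanded user paths and the function names are constructed for illustration, and the registry value is used as it appears above.

```python
import ntpath
import re

# Default value of HKEY_CLASSES_ROOT\exefile\shell\open\command on a clean system.
DEFAULT_EXE_OPEN = '"%1" %*'

# System binary names that appear on this page; genuine copies live in these folders.
SYSTEM_NAMES = {"csrss.exe", "conhost.exe", "svchost.exe"}
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# Constructed sample input: the page's %AppData% and %StartupFolder% entries
# expanded for a hypothetical user "alice", plus two benign paths.
SAMPLE_FILES = [
    r"C:\Windows\System32\csrss.exe",
    r"C:\Users\alice\AppData\Roaming\OpenCloud Antivirus\csrss.exe",
    r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\csrss.exe",
    r"C:\Users\alice\Documents\report.exe",
]
SAMPLE_COMMAND = r'C:\Program Files\conhost.exe "%1" %'  # value as listed on the page


def masquerades(path):
    """True if the file has a system binary name but sits outside the system folders."""
    norm = ntpath.normpath(path.strip('"')).lower()
    folder, name = ntpath.split(norm)
    return name in SYSTEM_NAMES and folder not in SYSTEM_DIRS


def handler_from_command(command):
    """Return the program placed in front of "%1" in an exefile open command, or None."""
    m = re.match(r'\s*"?(.+?\.exe)"?\s+"?%1', command, re.IGNORECASE)
    return m.group(1) if m else None


def audit(file_paths, exe_open_command):
    """Return (finding, detail) tuples for masquerading files and a hijacked handler."""
    findings = [("masquerading-file", p) for p in file_paths if masquerades(p)]
    if exe_open_command.strip() != DEFAULT_EXE_OPEN:
        handler = handler_from_command(exe_open_command)
        findings.append(("exefile-hijack", handler or exe_open_command))
    return findings


if __name__ == "__main__":
    for finding, detail in audit(SAMPLE_FILES, SAMPLE_COMMAND):
        print(f"{finding}: {detail}")
```

A hijacked exefile handler runs the listed program in front of every .exe the user launches, so restoring the default value belongs in the same cleanup pass as deleting the files.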

More Details on OpenCloud Antivirus

The following messages associated with OpenCloud Antivirus were found:
Security Warning
Malicious programs that may steal your private information and prevent your system from working properly are detected on your computer.
Click here to clean your PC immediately.
Security Warning
There are critical system files on your computer that were modified by malicious software.
It may cause permanent data loss.
Click here to remove malicious software.
Security Warning
Your computer continues to be infected with harmful viruses. In order to prevent permanent loss of your information and credit card data theft please activate your antivirus software. Click here to enable protection.
svchost.exe
svchost.exe was replaced with unauthorized program.
It has encountered a problem and needs to close.
If you were in the middle of something, the information you were working on might be lost.
Please tell Microsoft about this problem.
We have created an error report that you can send to us. We will treat this report as confidential and anonymous.
Warning!
The file "taskmgr.exe" is infected. Running of application is impossible.
Please activate your antivirus software.
Warning! Infection found
Unauthorized sending E-MAIL with subject "RE:" to was CANCELLED.
Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Name: Zeus Trojan
Publisher: Unauthorized
Windows Security Center
Serious security vulnerabilities were detected on this computer. Your privacy and personal data may be unsafe. Do you want to protect your PC?
