Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

OpenCloud Security virus


  • This topic is locked This topic is locked
7 replies to this topic

#1 squeaks70

squeaks70

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:07 AM

Posted 22 September 2011 - 09:24 AM

http://www.bleepingcomputer.com/forums/topic419746.html/page__pid__2414376#entry2414376
http://www.bleepingcomputer.com/forums/topic419746.html/page__view__getnewpost

Hello,

I hope I inserted the link from the Am I Infected? forum correctly. I have the OpenCloud Security virus on my personal computer at home. I have no way of accessing anything including backing up anything. At this point I have no idea what to do. And was sent to you by Broni. I hope you can help. Once I leave work the only access to internet is via my Blackberry. I don't know how to create screen shots or send logs. I am willing to try anything to get this fixed.

Whatever info you need I will do my best.

Thanks,
squeaks70

BC AdBot (Login to Remove)

 


#2 squeaks70

squeaks70
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:07 AM

Posted 26 September 2011 - 08:54 PM

Well I managed to get the Rkill to run but all of my icons have disappeared. I still have the notepads up. But with no icons I cannot get to the next step. Should I leave the computer on? I really need some help.

#3 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:07 AM

Posted 27 September 2011 - 08:55 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps.
===

This is a bad infection.

We have on the following page the removal instructions.

http://www.bleepingcomputer.com/virus-removal/remove-opencloud-security

I know you have downloaded Rkill and run the application.

I would still ask you to execute the instructions on the page.

If at any time you need help to proceed please ask.

If you can please post the MBAM log.

also,

Please download and run this DDS Scanning Tool. Nothing will be deleted. It will just give me some additional information about your system.

Posted Image
Download DDS and save it to your desktop from here or here.
Disable any script blocker, and then double click dds.scr to run the tool.
  • When done, DDS will open two (2) logs:
    • DDS.txt
    • Attach.txt
  • Save both reports to your desktop.

Please just paste the contents of the DDS.txt log in your next post.

#4 squeaks70

squeaks70
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:07 AM

Posted 27 September 2011 - 01:15 PM

Thank you for responding. I have printed out all the instructions. After, the Rkill ran through, something wiped out my screen. All I have is a black screen with Safe Mode in all four corners; no icons and still no access to the internet. Everytime I go back and check the proxy settings the box remains unchecked. Right now I can only commuicate to you via my work computer or my Blackberry. If I could get the MBAM log, where would I find it? Also, can I download the DDS Scanning Tool to a disk, and download it to my computer at home? I wish you could see what it's been doing. Very frustrated and want to get rid of it.

#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:07 AM

Posted 03 October 2011 - 08:37 AM

Sorry I missed you Sept. 27 post.

Are you still with me?

#6 squeaks70

squeaks70
  • Topic Starter

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:01:07 AM

Posted 03 October 2011 - 08:47 AM

Yes I am.

#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:07 AM

Posted 04 October 2011 - 08:12 AM

If you do not get an answer from me within 36 hours please send me a Personal message.
===

From your other topic.

I'm running XP.

I have the F2 F12 and F8 for Safe Mode.

It's like the virus knows what I am going to do or try, before I even do it.


What are the options you have when using the F2, F12 and F8

Let me know for each of the F keys.
===

When do you get this error
"PAGE_FAULT_IN_NONPAGED_AREA".

I need to see the additional information such as

Technical Information:

*** STOP : 0x000000xx, ( other numbers in this barcket )
*** a filename ending with .dll or .sys, any other extension, please make a note of it.


xx represent some number.

If you do please post the exact error message .
===

#8 nasdaq

nasdaq

  • Malware Response Team
  • 38,957 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:02:07 AM

Posted 09 October 2011 - 08:09 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days. Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users