Posted 04 October 2011 - 02:14 PM
Posted 04 October 2011 - 02:19 PM
Posted 04 October 2011 - 03:21 PM
Posted 04 October 2011 - 04:06 PM
Posted 04 October 2011 - 07:28 PM
Posted 04 October 2011 - 09:58 PM
Posted 04 October 2011 - 10:12 PM
Posted 05 October 2011 - 08:04 AM
Will MBAM run now?
Posted 05 October 2011 - 09:28 AM
Posted 05 October 2011 - 10:01 AM
I would like to offer a bit of help if allowed.
You can access the task manager with this virus if you log off, then log back in. While the machine is logging back in, repeatedly press Ctrl+Shift+Esc.
You can then access the running processes and kill the OpenCloud process before it has a chance to start and cause trouble. The OpenCloud process is normally a jumble of letters and numbers.
From my experience, I believe this virus exploits something in Java. I have had good results with keeping this one away by uninstalling Java until the cleanup process is complete, then reinstalling. Most of the infected machines that have come through my shop have had a very old version of Java installed, along with the newer updates.
This virus includes the ZeroAccess rootkit as well. That must be removed, and ComboFix will handle that.
Please though, don't run ComboFix until an experienced board member tells you to do so.
I hope this short post will be a help to anyone who reads it.
Posted 05 October 2011 - 10:41 AM
Posted 05 October 2011 - 10:50 AM
Edited by coldnorth, 05 October 2011 - 10:56 AM.