OpenCloud AV is a program that was released by the same scammers who let OpenCloud Antivirus or OpenCloud Security into the wild. Unlike regular anti-virus software, it has no capabilities to detect or remove viruses and reports only invented threats in order to scare its victims. Please do not confuse the rogue program with an open source project called OpenCloudAV, hosted on www.opencloudav.com. The legitimate OpenCloudAV is a multi-engine based malware analysis service from the network cloud. It has nothing to do with the fake one and cybercrime. However, this is a very good example how scammers can manipulate to suit their own needs. The rogue OpenCloud AV spreads through trojans and security holes in people’s computer systems, so most of its intrusion cases stay unnoticed. However, you can simply avoid OpenCloud AV infiltration by installing licensed versions of anti-virus and anti-spyware programs. In addition, as soon as you notice any of the following signs of the virus, remove Open Cloud AV.
According to security experts, OpenCloud AV acts just like a regular rogue anti-spyware. As soon as it manages to get inside the system, it modifies it by adding few new keys in Windows Registry and prepares itself to launch every time PC is rebooted. Malware starts ‘scanning’ the system additionally and always claims the same story about numerous viruses detected. You can also be sure that you will receive numerous of its popup ads and scanners saying the same thing. OpenCloud AV was also noticed to cause browser redirections to various websites also promoting its license or other things that shouldn’t be installed on your computer.
Most of its alerts report:
Warning: Infection is Detected
Windows has found spyware infection on your computer!
Click here to update your Windows antivirus software
Windows Security Alert
To help protect your computer, Windows Firewall has blocked some features of this program.
Do you want to keep blocking this program?
Warning! Infection found
Unwanted software (malware) or tracking cookies have been found during last scan. It is highly recommended to remove it from your computer.
Keylogger Zeus was detected and put in quarantine.
Keylogger Zeus is a very dangerous software used by criminals to steal personal data such as credit card information, access to banking accounts, passwords to social networks and e-mails.
The first advice we can give, is to ignore all those alerts saying that your computer is being attacked by Trojans, Worms and other malware. It becomes apparent that the scan is faked and you have OpenCloud AV on your machine. In addition, don’t remove those viruses reported by Open Cloud Antivurus – in reality they are harmless your system files that pose no potential risk for your PC and data on it. And finally, never purchase this malicious program. We highly recommend you to remove OpenCloud AV either manually or with a help of a reputable anti-spyware.
When removing OpenCloud AV, stop all the processes with csrss.exe ending except the one from C:\Windows…. or one of its subfolders . Additionally, download and run GMER and TDSS Killer because this virus always comes with rootkit and finally run a full system scan with STOPzilla anti-spyware to remove OpenCloud AV leftovers.
OpenCloud AV manual removal:
Delete registry values:
HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http=127.0.0.1:59232
c:Windows[random numbers].exe, which might be hidden due to rootkit