Update and Removal Instructions
The easiest way to be safe from these trojans is to make sure that Internet Explorer (IE) is up to date. Instructions for updating IE and removing present infections are available here:
Note: In some cases, even with an updated browser, the trojans are sometimes downloaded, but they are at least unable to activate.
These trojans usually download other trojan/spyware components on the system.
Installation to system
The Openconnection trojans install themselves from a malicious web page that contains a reference to the trojan.
The trojan uses a vulnerability in the classloader system of Microsoft Java runtime, that allows the malicious applet to break out of the sandbox, and gain same access as any other executable running with users permissions.
Further information about the vulnerability in the Microsoft Java VM, including a fix, is available at: