Sign in with
Sign up | Sign in
Your question

What is Clean This Antivirus, I am trying to uninstall it from my nephews comput

Last response: in Windows XP
Share
March 17, 2011 11:19:18 PM

Hello :)  This program was of a link on Facebooks TexasHoldem game page, but i can't find the link to thgeir page. This is a nastey App id trying to uninstall cleanly. Boots up in Safemode with AVG, and AVG is running 4 times in processes at the time.
a b 8 Security
March 18, 2011 11:23:22 AM

boot into save mode with networking.

download and install Malwarebytes.

update it and run a full scan.
m
0
l
March 19, 2011 3:03:20 PM

Symptoms: IE, Google Chrome, Safari, and Task Manager open the scanning tool called Clean This; program loads itself into the Shell upon reboot

I had a program called GOG.exe in the following folder:

C:\Documents and Settings\All Users\Application Data

The shortcut on your desktop will tell you the name and location of the EXE

If you download and run Procmon, you can find the rogue process with that tool, too

1. Strip the NTFS Security from the file by removing Inheritable permissions

2. Open a registry editor, and navigate to

HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

3. Delete the string value called Shell

4. Open a command prompt, and use taskkill to terminate GOG.exe process; you may have to repeat the command more than once

5. Force a restart

6. Use IE and scan from http://safety.live.com

It's not a virus, or spyware... it's a process which hijacks the shell
m
0
l
March 20, 2011 5:02:26 PM

CleanThis is a fake anti-virus application that claims to be a Microsoft product and wants to get you to upgrade to the full version in order to remove the threats which do not even exist on your computer. It constantly displays fake security warnings and pop-up windows saying that your computer is infected with malicious software. Source: http://deletemalware.blogspot.com/2011/03/how-to-remove...

Malwarebytes is not detecting this fake AV at the moment. snaz2000 advice is good, you just need to delete gog.exe and delete Shell value data and the CleanThis malware won't load up anymore. Then scan your computer with Hitman Pro or SUPERAntispyware. Also, run a full system scan with your anti-virus software.
m
0
l
!