CleanScan

Posted: November 11, 2010

CleanScan is a rogue anti-malware program that displays threat alerts to confuse victims into paying for a fake, premium disinfection service. Unlike the results from real anti-malware products, detections from CleanScan installations do not correspond to real attacks against your computer, and malware researchers have found no compelling reasons to avoid classifying CleanScan as scamware. Although current samples of this fraudulent software lack advanced defensive measures, a good rule of thumb is to use dedicated anti-malware tools to remove all threatening software, including CleanScan.

The Dirt behind CleanScan's Scans

CleanScan, sometimes detected as a PUP, a FraudTool or even a variant of the Artemis Trojan, is threatening software that imitates the outer appearance of real anti-malware scanners. However, rather than providing the appropriate security functions, CleanScan displays fake warnings about your PC's health. These alerts may include imitative system scans that show inaccurate infection results, as well as other, generalized pop-ups.

CleanScan borrows its skin from the Onescan family, and, like most members of that family, specializes in targeting residents of South Korea. Although its interface is almost entirely in Korean, PCs in other regions that visit compromised sites associated with CleanScan could also be at risk of being attacked. The Onescan family is especially noted for its abuse of exploits that could install its members, like CleanScan, onto your computer as soon as the relevant website loads.

Unlike some other, more well-developed scamware families, CleanScan and its variants have no history of blocking real security software or engaging in major attacks besides loading fake security features. However, malware experts have found many variants of Onescan updating themselves, which could allow new features to be added to CleanScan automatically. The same backdoor connection also may be used to notify CleanScan's administrators of the original infection.

Cleaning Up after a CleanScan Attack

CleanScan is meant to deliver revenue to third parties by imitating the features of a software product, but can provide none of the functions CleanScan promotes, and its purchase is heavily discouraged. Your response to any visible signs of CleanScan, SpeedCure, Dr.Boan or similar scamware always should treat these scamware products as threatening software whose removal is necessary for your PC's security. Likewise, any information delivered through CleanScan's fraudulent company website or entered during its registration must be assumed to be in third parties' possession.

CleanScan family members include

Many, but far from all, brands of anti-malware products have historically good rates for detecting Onescan variants like CleanScan. Taking all steps needed to block CleanScan (and other threats) from launching, and then scanning your PC with real anti-malware products, should provide the simplest method of deleting CleanScan with no side effects. With respect to prevention, malware experts merely encourage using safe browser practices, installing all updates routinely and avoiding domains that are well-known for their links to rogue security products like CleanScan.

Registry Modifications

  • The following Registry values are newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "CleanScan"
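
One way to check for the autostart value listed above, as an added example (not from the original page or from any anti-malware vendor): it audits the current user's Run key and flags a value named "CleanScan". The parameter names `SuspectNames` and `Remove` are choices made for this example, and the script only sees the profile of the user who runs it.

```powershell
# Added example: audit the per-user Run key for the autostart value named on this page.
[CmdletBinding(SupportsShouldProcess)]
param(
    # Value names to flag; "CleanScan" is the only name the page lists.
    [string[]]$SuspectNames = @('CleanScan'),
    # Delete flagged values (honours -WhatIf and -Confirm).
    [switch]$Remove
)

$runKey = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'

if (-not (Test-Path -LiteralPath $runKey)) {
    Write-Output "Run key not present for this user: $runKey"
    return
}

# Read every value under the key without expanding %VARIABLES% in the data,
# so the report shows the command exactly as it is stored.
$key = Get-Item -LiteralPath $runKey
$noExpand = [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames
$entries = foreach ($name in $key.GetValueNames()) {
    [pscustomobject]@{
        Name    = $name
        Command = $key.GetValue($name, $null, $noExpand)
        Suspect = $SuspectNames -contains $name   # -contains is case-insensitive
    }
}

# Full listing first, flagged entries on top, so unknown autostarts are visible too.
$entries | Sort-Object Suspect -Descending | Format-Table -AutoSize -Wrap

foreach ($hit in ($entries | Where-Object Suspect)) {
    Write-Warning "Autostart value '$($hit.Name)' launches: $($hit.Command)"
    if ($Remove -and $PSCmdlet.ShouldProcess("$runKey\$($hit.Name)", 'Remove autostart value')) {
        Remove-ItemProperty -LiteralPath $runKey -Name $hit.Name
    }
}
```

Deleting the Run value only stops the program from launching at logon; the file named in the `Command` column stays on disk for the anti-malware scan to handle.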