Posted: March 19, 2011
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
|First Seen:||March 21, 2011|
|Last Seen:||January 29, 2019|
The rogue program CleanThis is a copy of older malware threats like ThinkPoint and shares in their aggressively debilitating behavior. Although CleanThis might look like software that can help you clean malware from your computer, it has no affiliation with Microsoft and is a fraudulent product that shuts down programs while generating misleading error messages. Because this rogue product disables so many parts of your PC, you should remove CleanThis whenever you find it to be lurking on your hard drive. Until then, your computer's security will be seriously compromised!
Far from Clean Software
CleanThis shares a trojan-based delivery method with many other rogue applications, and can be injected by the widespread fake Microsoft Security Essentials Alert trojan. This trojan can drop an incredible variety of rogue programs; the key to stopping it is to notice the unusual error message and react with appropriate defensiveness. Here's the message you should watch out for:
Microsoft Security Essentials Alert
Potential threat details
Microsoft Security Essentials detected potential threats that might compromise your privacy or damage your computer. Your access to these items may be suspended until you take an action. Click ‘Show details’ to learn more.
After this, the trojan will alert you to the fake presence of an 'Unknown Win32/Trojan,' which, after a few more click-throughs will be revealed as a more specific trojan infection type. This infection doesn't exist and is only warned to get you to willingly download CleanThis or another rogue program. If you see these messages, reboot your system into Safe Mode and take steps to rid yourself of the trojan. Otherwise, CleanThis may be installed even if you try to avoid it.
Getting loaded down with CleanThis will inflict many different problems on the PC, all of which are caused by this rogue program or its helping trojan:
- CleanThis will take over your desktop and your system in general, loading itself before everything else and preventing you from accessing most of your PC's interface. You may or may not be allowed to use shortcuts, et cetera as per the norm after waiting through a fake scan on CleanThis's part. If CleanThis does scan your PC, it will pretend to find malware each and every time - because it's not even looking for real threats!
- A secondary symptom of CleanThis infection is a number of warning messages different from the ones caused by the trojan that delivered it. These errors are just as false, but shouldn't be completely ignored - they can prevent you from seeing real errors and may contain links to malicious websites.
- Different programs are also completely disabled by CleanThis. Your Windows Task Manager, Control Panel, Registry Editor and anti-virus software are all prime targets for CleanThis to block off. This particularly dangerous functionality makes CleanThis a real threat to your computer's security, even if it's not causing active damage.
Cleaning Out CleanThis
Although CleanThis will keep on telling you that you should register it to fix your PC back up to perfect health, this is just a scam designed to steal your money and personal information. Users who've fallen for this trick and given up their credit card information should talk to their credit card company and get charges revoked; most companies will allow this in a case of such clear-cut fraud.
Disable CleanThis through whatever methods you need to regain access to all your blocked programs, since trying to delete CleanThis while the rogue program is still running may result in failure. Since there have been cases reported of CleanThis running even in Safe Mode, specialized anti-malware software solutions may be required. However, the rogue product CleanThis is based on has been around for more than long enough for good solutions to be developed by the industry, so you have nothing to fear!
While removing CleanThis, be particularly cautious to remove any infections that are linked to it, too. The fake Microsoft Security Essentials Alert trojan is paired with CleanThis in most cases and can drop other rogue software like Red Cross Antivirus, and Major Defense Kit and, of course, ThinkPoint. Take care to remove CleanThis and its malware friends completely the first time, and you'll save yourself the bother of having to do it a second time later.
Use SpyHunter to Detect and Remove PC Threats
If you are concerned that malware or PC threats similar to CleanThis may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.
Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.The following files were created in the system:
%AppData%\gog.exeFile name: gog.exe
Size: 602.62 KB (602624 bytes)
Detection count: 34
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 21, 2011
|1||The application taskmgr.exe was launched successfully but was forced to shut down due to security reasons.|
This happened because the application was infected by a malicious program which might post a threat for the OS.
It is highly recommended to install the necessary heuristic module and perform a full scan of your computer to exterminate malicious programs from it.