CleanUp Antivirus
Posted: March 8, 2010
Threat Metric
The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to
give every identifiable malware threat. Our Threat Meter includes several criteria based off of
specific malware threats to value their severity, reach and volume. The Threat Meter is able to give
you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count,
Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic
breakdown of how all threats are ranked within our own extensive malware database. The scoring for
each specific malware threat can be easily compared to other emerging threats to draw a contrast in
its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to
remove a threat or pursue additional analytical research for all types of computer users.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 1,009 |
| First Seen: | March 15, 2010 |
|---|---|
| Last Seen: | August 17, 2022 |
| OS(es) Affected: | Windows |
CleanUp Antivirus is a rogue antivirus program from the FakeVimes family. CleanUp Antivirus enters the system stealthily and is often installed after you click to download an update for your PC, or use a corrupt online scanner. CleanUp Antivirus will try to convince you that your PC is in danger. The hackers behind this scam want your money and will urge you to purchase a useless copy of CleanUp Antivirus. Remove CleanUp Antivirus using a proven antivirus program before it causes havoc on your computer.
The CleanUp Antivirus' family is a huge family that has, among its members, Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall and Smart Security.
Aliases
Trojan.Win32.FakeAV [Ikarus]TrojWare.Win32.FraudTool.CuAV.~GGI [Comodo]Trojan.Win32.FakeAV!IK [a-squared]Trojan.Win32.Generic!BT [Sunbelt]Trojan:W32/FakeAlert.MJ [F-Secure]Suspicious.Insight [Symantec]Trojan.Win32.Generic.pak!cobra [Sunbelt]Mal/FakeAV-BW [Sophos]Suspicious file [Panda]Trojan.Win32.Bredolab [Ikarus]Win32:MalOb-AJ [Avast]Trojan.Win32.Bredolab!IK [a-squared]
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard\dskclnwiz.dll
File name: dskclnwiz.dllSize: 39.93 KB (39936 bytes)
MD5: f12fb43e151c075bc38fcec32c7cb6b8
Detection count: 625
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard
Group: Malware file
Last Updated: October 7, 2010
%USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard\dskclnwiz.dll
File name: dskclnwiz.dllSize: 39.93 KB (39936 bytes)
MD5: 81522af9cd6761a169b107d58eb09ff3
Detection count: 126
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard
Group: Malware file
Last Updated: October 7, 2010
CUa42e.exe
File name: CUa42e.exeSize: 2.69 MB (2696192 bytes)
MD5: 2d2b0eb9df0f9d78df7ae6f765cdb553
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 25, 2010
CU00c4.exe
File name: CU00c4.exeSize: 3.02 MB (3020800 bytes)
MD5: 6780f54391729872d84c6df7cf32ca2d
Detection count: 96
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 6, 2010
CU6e0b.exe
File name: CU6e0b.exeSize: 2.03 MB (2038272 bytes)
MD5: 77c5ca0b088c02ec12fb829d5ebf9bab
Detection count: 73
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 25, 2010
CUfa07.exe
File name: CUfa07.exeSize: 2.69 MB (2693120 bytes)
MD5: f5324ebe5c89238c957e6dbd0f9a7dc0
Detection count: 72
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 25, 2010
CUe222.exe
File name: CUe222.exeSize: 2.7 MB (2704384 bytes)
MD5: 1f0a43a571c3a349a993d7ae017f7a03
Detection count: 71
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 25, 2010
CUa36c.exe
File name: CUa36c.exeSize: 2.03 MB (2037760 bytes)
MD5: ea1986dad67f5eaeaa5ec8c040a3130d
Detection count: 70
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 25, 2010
%USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard\dskclnwiz.dll
File name: dskclnwiz.dllSize: 39.93 KB (39936 bytes)
MD5: abf4d87d727d6d8573834d4360124e1e
Detection count: 61
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard
Group: Malware file
Last Updated: October 7, 2010
CUc42a.exe
File name: CUc42a.exeSize: 2.69 MB (2696704 bytes)
MD5: 1c27851b94a980d2eecca3b366e17104
Detection count: 56
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: March 19, 2010
CUdccb.exe, xp_c47b6[1].exe
File name: CUdccb.exe, xp_c47b6[1].exeSize: 2.69 MB (2697216 bytes)
MD5: 74b98cf1fcb66e93641a9d2748318639
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: August 17, 2022
CUe74.exe
File name: CUe74.exeSize: 3.15 MB (3159552 bytes)
MD5: 069e2b58d8e867a929109dd799a097a4
Detection count: 11
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: April 27, 2010
%USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard\dskclnwiz.dll
File name: dskclnwiz.dllSize: 39.93 KB (39936 bytes)
MD5: ae08c77586fa716afc0108101a3893f2
Detection count: 9
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard
Group: Malware file
Last Updated: October 7, 2010
%USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard\dskclnwiz.dll
File name: dskclnwiz.dllSize: 39.93 KB (39936 bytes)
MD5: 817ecb3a07cf8e232381e2e707116c13
Detection count: 5
File type: Dynamic link library
Mime Type: unknown/dll
Path: %USERPROFILE%\Local Settings\Application Data\Desktop Cleanup Wizard
Group: Malware file
Last Updated: October 7, 2010
Registry Modifications
The following newly produced Registry Values are:
File name without pathCleanUp Antivirus.lnk
File name without pathCleanUp Antivirus.lnk
Additional Information
The following directories were created:
%AppData%\CleanUp Antivirus
it helps
The person responsible for cleanup antivirus virus is a business law college professor named Raymond Christopher Bratschi. He is the one responsible for creating the software.
i CAN NOT ROMOVE CLEAN UP ANTIVIRUS FROM MY COMPUTER. PLEASE HELP ME.
Im new to this and i keep getting a screaming noise then some kind of engine system saying my details are being stolen, so far i have deleted almost everything that i was doin, which is over twelve months work, and the bl...y thing keeps coming back.
If my daughter is logged on to her guest site it does not happen.
I need help.
It says that I have trojans.
Regards
Graham