CleanThis is a fake rogue anti-spyware program that is part of the Fake Microsoft Security Essentials infection.
When this infection is installed on your computer it will display a fake Microsoft Security Essentials alert that states that it has detected an Unknown Win32/Trojan on your computer. It will then prompt you to scan your computer, which will start a fake scan of your computer that ultimately states that C:\Program Files\Messenger\msmsgs.exe is infected with Trojan.Horse.Win32.PAV.64.a and that it will install CleanThis to remove the virus. It will then prompts you to press the OK button, which will reboot your computer to finish the installation.
When your computer reboots you will be presented with the CleanThis start screen before your normal Windows desktop is shown. It then prompts you to scan your computer, which will state that your computer is infected with numerous infections. It will not, though, allow you to use your computer as the Windows desktop or the Windows task manager will not be allowed to run until you purchase the CleanThis program.
Kill malicious Processes from Task Manager:
Location of the infection:
- %UserProfile%\Application Data\completescan
- %UserProfile%\Application Data\gog.exe
- %UserProfile%\Application Data\install
- HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon - Shell = “%AppData%\gog.exe”
Although it is possible to manually remove CleanThis, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend malware and spyware removal applications.