"clean this" computer scam has taken over,
Solved/Closed
Related:
- "clean this" computer scam has taken over,
- How to clean virtual memory - Guide
- Shein 500 gift card scam - Guide
- How to clean airpods - Guide
- Windows installer clean up - Download - Cleaning and optimization
- Checkr background check scam - Guide
7 responses
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Mar 26, 2011 at 03:56 PM
Mar 26, 2011 at 03:56 PM
Hello Molly,
Were you the one in the film "Ghost"?
Here is how to solve the issue, please ask your hubby to follow my instructions to the letter.
1. Reboot your PC. CleanThis will prevent you from accessing your Desktop. After the system boots up you will be presented with the CleanThis start up screen, denying you access to the Desktop.
2. You will only have the choice of selecting "SAFE START UP" After you select this option, the CleanThis scan will start.
3. Click on the SETTINGS button located next to SUPPORT
then you will be presented with a notification about infected object and check data base.
From there press Alt+F4 and Cleanthis will terminate
4. You will now be presented with a blank screen. Press CTRL + ALT & DEL on the keyboard at the same time, and this should launch the Windows Task Manager
5. Once the Task Manager launches, click on the Applications tab, and click on New Task and then click on Browse
6. Navigate to explore.exe in the Windows Folder
7. Click Open, and then click OK
Now that you have done that, you can open your internet browser and download
To kill the processes:
1. Download to your desktop and run Rogue Kill:
https://download.bleepingcomputer.com/grinler/rkill.com
2. You should now see a window that shows all of your desktop icons, including the rkill.com program.
3. Double-click on the rkill.com in order to automatically attempt to stop any processes associated with the Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the Horse when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . So, please try running Rkill until malware is no longer running.
As a matter of a fact, if you get messages, it is a sign that the virus is agonizing with excrutiating pain, so you can just grin while it is suffering!:)))
Please, DO NOT REBOOT your computer or the processes will come back to haunt you!
Download to your desktop Malwarebyte.
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Once on your desktop, we must still outwit the virus.
Right click on the MBAM icon and click on rename. Rename it kioskea.exe.
Install Malwarebyte and launch it. From the second tab, update it.
Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.
It is very important that you let Malwarebyte run for as long as it takes, in some cases the creators of Malwarebyte suggest that you go do something like watch a rerun of "Gone with the Wind" or read Tolstoy's "War and Peace".
Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.
This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.
(Malwarebyte may reboot your computer, don't be alarmed. Should it happened, relaunch Malwarebyte to complete the FULL scan)
Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.
Please let us know about the results or I may throw a curse on your system which will cause it to bark all the time.:)))
Best regards
Were you the one in the film "Ghost"?
Here is how to solve the issue, please ask your hubby to follow my instructions to the letter.
1. Reboot your PC. CleanThis will prevent you from accessing your Desktop. After the system boots up you will be presented with the CleanThis start up screen, denying you access to the Desktop.
2. You will only have the choice of selecting "SAFE START UP" After you select this option, the CleanThis scan will start.
3. Click on the SETTINGS button located next to SUPPORT
then you will be presented with a notification about infected object and check data base.
From there press Alt+F4 and Cleanthis will terminate
4. You will now be presented with a blank screen. Press CTRL + ALT & DEL on the keyboard at the same time, and this should launch the Windows Task Manager
5. Once the Task Manager launches, click on the Applications tab, and click on New Task and then click on Browse
6. Navigate to explore.exe in the Windows Folder
7. Click Open, and then click OK
Now that you have done that, you can open your internet browser and download
To kill the processes:
1. Download to your desktop and run Rogue Kill:
https://download.bleepingcomputer.com/grinler/rkill.com
2. You should now see a window that shows all of your desktop icons, including the rkill.com program.
3. Double-click on the rkill.com in order to automatically attempt to stop any processes associated with the Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step.
If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by the Horse when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate the processes . So, please try running Rkill until malware is no longer running.
As a matter of a fact, if you get messages, it is a sign that the virus is agonizing with excrutiating pain, so you can just grin while it is suffering!:)))
Please, DO NOT REBOOT your computer or the processes will come back to haunt you!
Download to your desktop Malwarebyte.
https://ccm.net/downloads/security-and-maintenance/4621-malwarebytes-anti-malware/
Once on your desktop, we must still outwit the virus.
Right click on the MBAM icon and click on rename. Rename it kioskea.exe.
Install Malwarebyte and launch it. From the second tab, update it.
Pretty please, request a FULL system scan which should take more than hour. Once the scan is finish, delete all of item that were found.
It is very important that you let Malwarebyte run for as long as it takes, in some cases the creators of Malwarebyte suggest that you go do something like watch a rerun of "Gone with the Wind" or read Tolstoy's "War and Peace".
Once your computer is clean and working normally just to be on the safe side
*Turn off system restore and wait 30 seconds,
*Turn it back on and create a new restore point.
This way it gets rid of anything bad that might have gotten saved in a restore point and you have a clean restore point to use in the near future if needed.
Do not turn it off until your computer is clean and working normally because you might need to use it if something goes wrong during the clean-up process.
It is better to go back to an infected restore point if something goes wrong then to not be able to undo changes that were damaging.
(Malwarebyte may reboot your computer, don't be alarmed. Should it happened, relaunch Malwarebyte to complete the FULL scan)
Once all this is completed, I always suggest to delete Malwarebyte as some people have reported that it may interfere with other antivirus applications.
Please let us know about the results or I may throw a curse on your system which will cause it to bark all the time.:)))
Best regards
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Mar 26, 2011 at 04:35 AM
Mar 26, 2011 at 04:35 AM
Hello Molly,
Can you husband boot in safe mode with networking and then allow him to download. If so, inform me and I will give you the step by step procedure to remove the rogue Trojan Horse.
If he can't get to a download page from the safe mode, I must know if he can access to the task manager.
Regards
Can you husband boot in safe mode with networking and then allow him to download. If so, inform me and I will give you the step by step procedure to remove the rogue Trojan Horse.
If he can't get to a download page from the safe mode, I must know if he can access to the task manager.
Regards
Hello..Thanks very much for the reply. He cannot access the task manager at all. He rebooted in safe mode and the Clean This virus screen pops up and he can go no further. He has the Malwarebytes program on his computer but he cannot access it because of this screen.
I can't thank you enough for all the good instructions. My husband is a happy man and then of course so am I! Peace is restored. No barking thank you very much!
Yes, the one in Ghost.
Best regards and thanks again,
Molly
Yes, the one in Ghost.
Best regards and thanks again,
Molly
Didn't find the answer you are looking for?
Ask a question
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Mar 27, 2011 at 04:42 AM
Mar 27, 2011 at 04:42 AM
Great! You are totally welcome! The pleasure was all mine.
Create a helping chain, help someone else with anything.
Create a helping chain, help someone else with anything.
My daughters lap top had the same virus which she picked up from a facebook site.
I followed Ambucias above chain of instructions with 1 exception. On another computer i downloaded and saved rkill & malwarebyte to usb stick, I kept the stick in the infected laptop thruought the reboots which allowed me to launch rkill the moment i could access task manager.
The virus complained a lot about this but rkill did its job and shut the virus down.
I then ran Malwarebyte as suggested and cleaned up the laptop of all issues.
Great instructions Ambucias thankyou
I followed Ambucias above chain of instructions with 1 exception. On another computer i downloaded and saved rkill & malwarebyte to usb stick, I kept the stick in the infected laptop thruought the reboots which allowed me to launch rkill the moment i could access task manager.
The virus complained a lot about this but rkill did its job and shut the virus down.
I then ran Malwarebyte as suggested and cleaned up the laptop of all issues.
Great instructions Ambucias thankyou
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Mar 28, 2011 at 04:27 PM
Mar 28, 2011 at 04:27 PM
You are totally welcome JW.
You idea about the usb stick was superb... another one bites the dust!:-)
You idea about the usb stick was superb... another one bites the dust!:-)
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Apr 2, 2011 at 04:07 AM
Apr 2, 2011 at 04:07 AM
Ben
What setting screen are you talking about and why alt4?
What setting screen are you talking about and why alt4?
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Apr 3, 2011 at 04:59 AM
Apr 3, 2011 at 04:59 AM
Please, what do you see when you click on the settings button?
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Apr 3, 2011 at 04:54 PM
Apr 3, 2011 at 04:54 PM
1.Download SmitFraudFix on your desktop
https://www.softpedia.com/get/Antivirus/SmitfraudFix.shtml
2.Restart your computer in safe mode then click on the Smitfraufix icon
3.Past the presentation screen a menu will appear, select option 2 and press enter, un menu apparaîtra. Sélectionnez l'option numéro 2, to clean infected files
4.Once done the clean up process will be launched
5.You will be asked if you want to clean the registry, answer yes (y)
6.SmitFraudFix will ask if you wish to replace wininet.dll , answer yes and click enter.
7.Restart your machine
8.You will get a report on all deleted infected files.
9.Again rebbot in safemode
10. Go to C:\Windows\Temp, click on edit select all and delete, cliquez sur
11.Go to C:\Documents and Settings\[shown user]\Local Settings\Temp, clickl on edit, select all and delete
12. Restart you computer in normal mode and download all Windows critical updates.
https://www.softpedia.com/get/Antivirus/SmitfraudFix.shtml
2.Restart your computer in safe mode then click on the Smitfraufix icon
3.Past the presentation screen a menu will appear, select option 2 and press enter, un menu apparaîtra. Sélectionnez l'option numéro 2, to clean infected files
4.Once done the clean up process will be launched
5.You will be asked if you want to clean the registry, answer yes (y)
6.SmitFraudFix will ask if you wish to replace wininet.dll , answer yes and click enter.
7.Restart your machine
8.You will get a report on all deleted infected files.
9.Again rebbot in safemode
10. Go to C:\Windows\Temp, click on edit select all and delete, cliquez sur
11.Go to C:\Documents and Settings\[shown user]\Local Settings\Temp, clickl on edit, select all and delete
12. Restart you computer in normal mode and download all Windows critical updates.
Ambucias
Posts
47310
Registration date
Monday February 1, 2010
Status
Moderator
Last seen
February 15, 2023
11,164
Apr 20, 2011 at 04:00 PM
Apr 20, 2011 at 04:00 PM
Bonjour Yannick from Paris
It all depends on your OS.
Try esc or ctrl+alt+f4
What you want to do is close that window
It all depends on your OS.
Try esc or ctrl+alt+f4
What you want to do is close that window
I launched windows with the safe mode. Then I downloaded Malwarebyte. It founded 2 errors in the key that I erased. I was suprised it did not find more. I restarted the computer but cleanthis is still here
Do you think I should start avast before windows is launched?
Ps: ctrl + alt + f4 did not work
I have windows vista
For the safe mod I used this help: http://www.2-viruses.com/remove-thinkpoint
Thx for your help
Thx
Do you think I should start avast before windows is launched?
Ps: ctrl + alt + f4 did not work
I have windows vista
For the safe mod I used this help: http://www.2-viruses.com/remove-thinkpoint
Thx for your help
Thx
Apr 14, 2011 at 03:51 AM
Apr 14, 2011 at 04:36 AM
Me a star? You are making me blush!
You are totally welcome
Apr 19, 2011 at 02:31 AM
And my computer is free of that horrible germ. But if it was not for you instructions I would still be using a infected computer. Again many thanks.
May 7, 2011 at 11:07 AM
Jun 19, 2011 at 10:59 AM
Followed all steps to the letter (except could not access Internet as advised - opened via IE Explorer on 2ndary user account's desktop).
You mate, are a star who has given his time for nowt. I owe you a pint or dozen - which I'd be happy to buy.
Thank you.