Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • Annoying Pop-up's
  • Slow Computer

Windows Cleaning Tool

Windows Cleaning Tool is a fake security program which comes forth with a notorious background behind its back. It is a direct clone of Windows Risks Prevention, Windows Precautions Center, Windows Troubles Solver and many other fake antispyware applications which look exactly the same and all come from the Fake Microsoft Security Essentials scam. Windows Cleaning Tool also has exactly the same interface as its predecessors, so it is obvious what one is supposed to expect from this computer threat.

Download Spyware Removal Tool to Remove* Windows Cleaning Tool
  • Quick & tested solution for Windows Cleaning Tool removal.
  • 100% Free Scan for Windows

This rogue is distributed via Trojan infections. You might be infected already and have the infections crippling your computer without you even knowing it. Windows Cleaning Tool starts its way into your system with a relatively small alert with says that Unknown Win32/Trojan was detected in your computer. Here is what it says:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click 'show details' to learn more.

If you click to “show details” you will be urged to perform a quick system scan after which the infection will tell you that the Trojan which is plaguing your system is called Trojan.Horse.Win32.PAV.64.a. Take notice that all the previous versions of this rogue also have “detected” the very same infection. This shows that not much effort is put into creating new versions of the rogue, they are simply being released as if low-quality goods right off a conveyer belt.

Once Windows Cleaning Tool “detects” the infection it then sends you this message informing you about the supposed solution to your problem:

Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press 'OK' to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

Once you press “OK” Windows Cleaning Tool will be downloaded and installed in your computer, and then it will perform a fake system scan, giving a very low overall security rating and finding a lot “dangerous” errors. The rogue will press you to fix these errors, but it will not allow you to do it in a simple way. The only reason why Windows Cleaning Tool is in your computer is money and the rogue will try to rip you off offering to purchase the full version of the program, because only the full version can “delete” all the viruses from your computer.

Do not fall for this despicable trick. Remove Windows Cleaning Tool from your computer as soon as you can, before it manages to slow down your computer to the point of now return. You can do it either manually or automatically, although manual removal requires a lot more computer knowledge, so if you are afraid to experiment, invest in a reliable antispyware tool and delete Windows Cleaning Tool for good.

Download Spyware Removal Tool to Remove* Windows Cleaning Tool
  • Quick & tested solution for Windows Cleaning Tool removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Cleaning Tool

Files associated with infection (Windows Cleaning Tool):

%AppData%\Microsoft\[random].exe

Processes to kill (Windows Cleaning Tool):

%AppData%\Microsoft\[random].exe

Remove registry entries (Windows Cleaning Tool):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.