Windows Cleaning Toolkit is a malicious program, which always reports about hundreds of different viruses. In reality, just like previously released Windows Expert Console and other FakeVimes threats, it has no ability to detect or remove any kind of threat because it doesn’t have virus data base and other things that are important for antiviruses. All what this program does is pretending, so you can easily ignore alerts that belong to Windows Cleaning Toolkit. Otherwise, you may lose your money, banking data and other sensitive information. Besides, experts warn that this threat slows down computers and may also download other viruses on them. That’s why you must remove Windows Cleaning Toolkit from the system as soon as you find it there.
HOW CAN WINDOWS CLEANING TOOLKIT INFILTRATE MY PC?
Just like previously released rogue antivirus programs, Windows Cleaning Toolkit is distributed using Trojan horse. Of course, those computers that are protected by latest versions of anti-virus programs can hardly be infected by such virus, but poorly protected systems are vulnerable and people won’t even notice how this Trojan will infiltrate them. As soon as it does that, it initiates several system changes that additionally help for Windows Cleaning Toolkit start its work every time PC is rebooted. As a result, victim starts seeing such alerts:
Please use secure encrypted protocol for torrent links.Torrent link detected!Receiving this notification means that you have violated:- the copyright laws. Using Torrent for downloading movies and licensed software shall be prosecuted and you may be sued for cybercrime and break of law under the SOPA legislation.
Attempt to run a potentially dangerous script detected.Full system scan is highly recommended.
System data security is at risk!To prevent potential PC errors, run a full system scan.
Remember, that Windows Cleaning Toolkit has no ability to check computer for viruses and remove them from there. It is a dangerous rogue anti-spyware, which is use for the only thing – earn the money for hackers. So, you must stay away from its offer to purchase its ‘licensed version’. Instead of that, you should simply remove Windows Cleaning Toolkit from the system.
HOW TO REMOVE WINDOWS CLEANING TOOLKIT?
if you were tricked into purchasing Windows Cleaning Toolkit, you should immediately contact your bank and dispute your payment. As soon as you do that, scan the system with updated anti-spyware. For that we recommend choosing Reimage, Plumbytes Anti-MalwareWebroot SecureAnywhere AntiVirus, Malwarebytes Anti Malware or other reputable anti-malware, which will automatically detect malicious files for you.
The latest parasite names used by FakeVimes:
Windows Cleaning Toolkit manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun "GuardSoftware" = "%AppData%guard-toiy.exe"
HKEY_CURRENT_USERSoftwareMicrosoftWindows NTCurrentVersionWinlogon "Shell"="C:\Users\User\AppData\Roaming\guard-fvtb.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsseces.exe "Debugger"="svchost.exe"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmsmpeng.exe "Debugger"="svchost.exe"