How to remove CleanUp Antivirus

Home » Rogue Anti-Spyware » CleanUp Antivirus Repair and protect your computer easily. Download CleanUp Antivirus removal tool

CleanUp Antivirus description

CleanUp Antivirus is a rogue anti-spyware program which is also a copy of Security Antivirus malicious application. Malware usually spreads via trojan. Trojan enters the system through its vulnerable places and leaves a backdoor for CleanUp Antivirus  to sneak. This parasite lies within your PC and installs itself automatically.

Once user starts the machine malware also begins its fake scans and shows fraudulent results. This is its way to trick user into purchasing illegal CleanUp Antivirus security tool. It is not able to process any security actions. Just ignore this scam. It can’t infect your computer unless you’ll buy this fake security tool. Then it may cause you serious problems. Other wise choose decent anti-spyware program and terminate the parasite.

How to get rid of CleanUp Antivirus

This infection can be removed using Spyware Doctor.

Download does not start? Try a mirror download here
Spyware Doctor is widely valued as one of the best AntiSpyware programs available to protect you from CleanUp Antivirus and the latest internet security threats. If your computer is infected with CleanUp Antivirus we strongly recommend automatic spyware scanner.

How to manually remove CleanUp Antivirus

To get rid of spyware such as CleanUp Antivirus you need to remove processes, search and delete registry keys, DLL and other CleanUp Antivirus related files from your computer.

Take Note: The manual process of removing spyware from your computer is difficult and puts you at risk of damaging your computer. We advise using our automatic CleanUp Antivirus remover.

1. Uninstall CleanUp Antivirus from Control Panel
   Start > Settings > Control Panel > Add/Remove Programs. Double click to uninstall.
2. End these CleanUp Antivirus processes:
   PE.exe
   grid.exe
   CU345d.exe
   To stop processes press Ctrl + Alt + Del or click Start > Run > type "taskmgr". Select malicious process in the list and click "End Process" button.
3. Unregister CleanUp Antivirus DLL files:
   FS.dll
   DBOLE.dll
   mozcrt19.dll
   sqlite3.dll
   To unregister DLL click Start > Run > type "regsvr32 /u PATH_TO_FILE/FILE.dll"
4. Delete CleanUp Antivirus registry entries: HKEY_CURRENT_USER\Software\3
   HKEY_CLASSES_ROOT\CLSID\{3F2BBC05-40DF-11D2-9455-00104BC936FF}
   HKEY_CLASSES_ROOT\CU345d.DocHostUIHandler
   HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
   HKEY_CURRENT_USER\Software\Classes\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
   HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer "PRS" = "http://127.0.0.1:27777/?inj=%ORIGINAL%"
   HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform "Library1.00195"
   HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "CleanUp Antivirus"
   HKEY_CLASSES_ROOT\Software\Microsoft\Internet Explorer\SearchScopes "URL" = "http://findgala.com/?&uid=195&q={searchTerms}"
   HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\Documents and Settings\All Users\Application Data\345d567\CU345d.exe"
   HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List "C:\Documents and Settings\All Users\Application Data\345d567\CU345d.exe"
   HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
   To open registry editor click Start > Run > type "regedit".
   Warning! Manual registry entries editing may cause damage to your system.
   Download Uniblue RegistryBooster 2010 to scan for registry errors.
5. Search and delete these CleanUp Antivirus related files:
   c:\Documents and Settings\All Users\Application Data\345d567\
   c:\Documents and Settings\All Users\Application Data\345d567\46.mof
   c:\Documents and Settings\All Users\Application Data\345d567\CU345d.exe
   c:\Documents and Settings\All Users\Application Data\345d567\CUA.ico
   c:\Documents and Settings\All Users\Application Data\345d567\mozcrt19.dll
   c:\Documents and Settings\All Users\Application Data\345d567\sqlite3.dll
   c:\Documents and Settings\All Users\Application Data\345d567\BackUp\
   c:\Documents and Settings\All Users\Application Data\345d567\CUASys\
   c:\Documents and Settings\All Users\Application Data\345d567\CUASys\vd952342.bd
   c:\Documents and Settings\All Users\Application Data\345d567\Quarantine Items
   c:\Documents and Settings\All Users\Application Data\CUCAISTUA\
   c:\Documents and Settings\All Users\Application Data\CUCAISTUA\CUEWA.cfg
   c:\Program Files\Mozilla Firefox\searchplugins\search.xml
   %UserProfile%\Application Data\CleanUp Antivirus
   %UserProfile%\Application Data\CleanUp Antivirus\cookies.sqlite
   %UserProfile%\Application Data\CleanUp Antivirus\Instructions.ini
   %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\CleanUp Antivirus.lnk
   %UserProfile%\Desktop\CleanUp Antivirus.lnk
   %UserProfile%\Recent\cb.tmp
   %UserProfile%\Recent\CLSV.tmp
   %UserProfile%\Recent\DBOLE.dll
   %UserProfile%\Recent\DBOLE.sys
   %UserProfile%\Recent\eb.tmp
   %UserProfile%\Recent\exec.tmp
   %UserProfile%\Recent\FS.dll
   %UserProfile%\Recent\grid.exe
   %UserProfile%\Recent\pal.drv
   %UserProfile%\Recent\pal.tmp
   %UserProfile%\Recent\PE.exe
   %UserProfile%\Recent\tempdoc.drv
   %UserProfile%\Recent\tempdoc.tmp
   %UserProfile%\Recent\tjd.sys
   %UserProfile%\Recent\tjd.tmp
   %UserProfile%\Start Menu\CleanUp Antivirus.lnk
   %UserProfile%\Start Menu\Programs\CleanUp Antivirus.lnk
   
6. Block CleanUp Antivirus malicious domains:
   www1.savewayforurown-pc.in