KillAndClean
It is a Rogue Security Program that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false,
misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits. It includes High risk threats are typically installed without user interaction
through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware. These
threats may also collect and transmit personally identifiable information (PII) without our consent and severely degrade the performance and stability of our computer.0
General information:
| Malware Name: |
KillAndClean |
| Malware Type: |
Rogue Security Program |
| Company Name: |
KillAndClean |
| Company URL: |
http://killandclean.com/
|
| Threat Level: |
High Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
KillAndClean ensures the system stability. It frees up hard disk by removing the unnecessary data from the hard disk. It also removes unnecessary programs being loaded at startup to allow for faster system booting. It boosts system performance by
removing device drivers that are no longer in use. Blocks the spyware. Detect and remove spyware or adware from the PC.
Spyware Description:
It is a Rogue Security Program that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with intrusive, deceptive warnings and/or false,
misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits. It includes High risk threats are typically installed without user interaction
through security exploits, and can severely compromise system security. Such threats may open illicit network connections, use polymorphic tactics to self-mutate, disable security software, modify system files, and install additional malware. These
threats may also collect and transmit personally identifiable information (PII) without our consent and severely degrade the performance and stability of our computer.0
Characteristics/Symptoms:
-> False positives work as good to purchase -> False scan results -> Uses inadequate scan/detection scheme -> Uses out of date ref database0
Additional information might be found here:
Processes Running:
KillAndClean.exe
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Documents and Settings\sapna\Desktop\Kill |
634 |
Shortcut |
| C:\Documents and Settings\sapna\Start Menu\Programs\KillAndClean\KillAndClean.lnk |
1528 |
Shortcut |
| C:\Program Files\KillAndClean\warez.dat |
33187 |
DAT File |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\KillAndClean |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
SoftwareKillAndCleanOptions |
EnableMonitor |
| HKEY_CURRENT_USER |
\Software\KillAndClean\Options |
ClearHostsFile |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\KillAndClean |
UninstallString |
