Registry Virus Scanner

20 April 2011 Rogue 0 Comment

Registry Virus Scanner is a fake Windows utility application that attempts to mislead computer users with false-positive scan results. After a scan it will show a message stating “Warning: Errors were detected in your computer’s registry.” Also promoted as Registry Cleaner, this fake program has no capability to scan and fix one’s registry. In fact, it was solely developed in the purpose of misleading users and later on entice them to spend for the licensed version of the software. Whether unregistered or paid version of Registry Virus Scanner will not help in fixing computer errors. As a matter of fact, registry errors provided by the scan does not really exists on the system.

Getting infected with malicious software such as Registry Virus Scanner can be prevented an anti-malware program is present on the system. Anti-malware that has real-time scan can block traffics to malicious web sites were Registry Virus Scanner can be obtained. It will also block downloading and execution of any program that were found harmful. If Registry Virus Scanner has already penetrated a computer, immediately remove it by doing a full scan of effective security product. Below is a simple solution and removal tool to get rid of Registry Virus Scanner and all of its files and process dropped on the computer.

Screen Shot Image:

Alias: Registry Cleaner Virus

Damage Level: Medium

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Registry Virus Scanner Removal Procedures

Manual Removal:
1. Press Ctrl+Alt+Del on keyboard to stop process associated to “Registry Virus Scanner”. When Windows Task Manager opens, go to Processes Tab and find and end the following process:
(random characters).exe

2. You need to update your installed antivirus application to have the latest database.
3. Thoroughly scan the computer and any detected threats must be removed. If removal is prohibited, it is best to quarantine the infected item. Manually locating and deleting of malicious files should also be performed. Please see files below that are related to Registry Virus Scanner Virus.
4. Registry entries created by Registry Virus Scanner must also be remove from the Windows system. Please refer below for entries associated to the rogue program. [how to edit registry]
5. Exit registry editor.
6. Get rid of Registry Virus Scanner start-up entry by going to Start > Run, type msconfig on the “Open” dialog box. A windows containing System Configuration Utility will be launched. Go to Startup tab and uncheck the following Start-up item(s):
(random characters).exe

7. Click Apply and restart Windows.

Registry Virus Scanner Removal Tool:

1. Download Malwarebytes’ Anti-Malware (mbam-setup.exe) here and save it on your Desktop.
2. After downloading, double-click on the file to install the application.
3. Follow the prompts and install as “default” only
4. If it prompts to update the database after installation, please proceed.

5. Click “Finish.” Program will run automatically and you will be prompt to update the program before doing a scan. Please update.
6. Scan your computer thoroughly.
7. When scanning is finished, click on the “Show Results”
8. Make sure that all detected threats are marked, click on Remove Selected.
9. Restart the computer.

Note: MALWARE may prevent mbam-setup.exe from downloading and running. You can download and rename this program from a different computer before running it on infected system.

Technical Details and Additional Information:

Malicious Files Added by Registry Virus Scanner:
%PROGRAM_FILES%\Registry Virus Scanner
c:\Documents and Settings\All Users\Registry Virus Scanner\
c:\Documents and Settings\All Users\Start Menu\Registry Virus Scanner\

Registry Virus Scanner Registry Entries:
HKEY_LOCAL_MACHINE\Software\Registry Virus Scanner
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Registry Virus Scanner”