How to Remove Registry Cleaner
Level of difficulty: Intermediate
The Registry Cleaner application is also known as System Registry cleaner. It is fake computer clean-up software. The software will pretend to scan the system. It will alert users of supposed errors found in the system. Users are told to purchase its full version to remove all the harmful elements it found. The application will also generate several pop-up advertisements to entice the user to buy the product.
Materials Needed:- Administrative access to the computer
- installed anti-malware program
Step 1
Open the 'Control Panel'. It is often found in the 'Start' Menu of most Windows Operating Systems. Once the window is opened, click on 'Add or Remove Programs'. Wait for the list of installed programs to be populated. Check if the Registry Cleaner application is included. If it is, click the 'Remove' button.
Step 2
If the malware program is not included in Add/Remove Programs, try using an anti-malware application. Scan the system and check if the Registry Cleaner software is detected. If it is, use the software to clean the computer and remove the malicious components.
Step 3
If the security software does not detect the malicious software, the components need to be removed manually. Restart the computer. During boot-up, press F8 before the Windows icon appears. A menu will appear showing several options. Click on the option to run Windows in Safe Mode.
Step 4
Look for Registry Cleaner processes and delete them. These are reportedly reglclean.exe, rcuuninstall.exe, uninstregclean.exe, unwise.exe, soref_regclean.exe, regclean.dll, and soref.dll. These processes are often stored in the Registry Cleaner Trial folder in the Program Files directory. Make sure to empty the Recycle Bin after deleting the files.
Step 5
After the components have been deleted, the registry entries created by the program have to be deleted. The computer can be restarted to run in normal mode. Remove all the other components of the rogue clean-up application. These are also stored in the program folder in the Program Files directory. These include install.log, license.rtf, regclean.ini, tmp.edb, and registry cleaner.chm.
Step 6
The registry entries added by the software need to be removed as well. This can be done by getting a legitimate registry cleaner. It can also be done manually.
Step 7
Before making changes to the system registry, make sure to back up the current settings. Access the rstrui.exe process located in the file path %SystemRoot%\system32\restore\. This will open a program window entitled 'Welcome to System Restore'. Choose the option to create a restore point and click next. Create a name for the restore point and click 'Create'. Close the program window after the restore point has been created.
Step 8
Open the registry editor. Click on 'Start' Menu and select 'Run'. This will open a command line prompt. In the field beside 'Open', type 'regedit'. This will open the registry editor. Search for the registry entries created by the program and delete them. These are listed as: HKEY_CLASSES_ROOT\clsid\{205ff73b-ca67-11d5-99dd-444553540013}, HKEY_CLASSES_ROOT\clsid\{5fce5f25-b51e-2e50-ed07-ad26b874e903}, HKEY_CLASSES_ROOT\typelib\{205ff72e-ca67-11d5-99dd-444553540013}, HKEY_CURRENT_USER\software\registry cleaner, HKEY_CURRENT_USER\software\registry cleaner\registry cleaner, HKEY_CURRENT_USER\software\registry cleaner\registry cleaner\1.0, HKEY_CURRENT_USER\software\registry cleaner\registry cleaner\1.0\settings, HKEY_CURRENT_USER\software\softwareonline.com\soref\{334cca36-c1f1-4649-8dae-a46e24911e1b}, HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\registry cleaner, HKEY_LOCAL_MACHINE\software\registry cleaner,HKEY_LOCAL_MACHINE\software\registry cleaner\uninstall.