BSOD - problems with RegCleanPro

Page 1 of 3 123 LastLast

  1. Posts : 25
    Win7 Home Premium (x64), SP1
       #1

    BSOD - problems with RegCleanPro


    Hi - my first post so please bear with me!

    My Norton found and removed RegCleanPro. I searched the web and every result said it was crapware (OK to say that, here?).

    I then searched my PC and the results showed it is a Registry Console Tool located in C:\Windows\System32. So it seemed to be a Windows application, not crapware.
    I then searched again to be sure but I did a typo - I input Reg Cleen Pro. And back came the same 'safe' result.
    Even searching for Reg Cleeeeeeeeeeeeen Pro brought the same result - a file with that name is in Windows System 32!
    Norton said it had removed it as did a scan just now with AdwCleaner.

    So why is it that when I search my laptop using 'Start/Search for file or program' and put in a corrupted version of the spelling, it stills returns a window saying that that file exists?

    PS I could upload images using the 'Scenic' icon above so was relieved to see the Additional Options box below. I guess I should now read the Forum Procedures!
    Attached Thumbnails Attached Thumbnails BSOD - problems with RegCleanPro-snip-regcleanpro.png   BSOD - problems with RegCleanPro-snip-reg-cleeeeeeeeeen-pro.png  
      My Computer


  2. Posts : 25
    Win7 Home Premium (x64), SP1
    Thread Starter
       #2

    just checking that I ticked the "email me when reply" box.
      My Computer


  3. Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       #3

    Have you run a scan with Malwarebytes yet? If not, D/L & run a full system scan. The free version will work fine. Just be sure to uncheck the "Start 14 day free trial" at the end of the installation. Do a full system scan & see what it finds. Quarantine anything it finds & then see if the program has been eliminated.

    Also, this link will guide you through removal

    Remove RegClean Pro (Virus Removal Guide)
      My Computer


  4. Posts : 25
    Win7 Home Premium (x64), SP1
    Thread Starter
       #4

    Hi Borg. MBAM scanned as clean. AdwCleaner found several items but in my ever-growing cranky mood, I must have hit exit instead of save.
    But the thing that bothers me is, assuming I haven't got this nasty on my PC why is it that when I search my PC I get a hit, something described as a Registry Console Tool in my Windows/System32 folder? (I've checked that but can't find such a file.
    If you search in Start-search programs and files for 'reg clean' do you get a hit? (Just wondering if it's a MS problem. or if MS uses something like it in its Registry Console - assuming it has one!
    PS Just realised I shouldn't have used BSOD in my heading - I copied the example given for newbies and have only just realised what it means.
      My Computer


  5. Posts : 7,781
    Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
       #5

    There is a exe in Win called Registry Console Tool. Yes, it is listed on my system also.

    Reg.exe - What is reg.exe? - Registry Console Tool

    When Malwarebytes finds something, make sure it quarantines anything it finds. Quarantine isolates it from the system & renders it inoperable. Keep the items in quarantine for a bit just in case any problems are caused by removing a file. If after a week, everything is running fine, feel free to clear the quarantine.

    If you have run the programs listed on the page to remove Reg Clean Pro & everything comes up clean, then it might be out of your system. I say "might" because malware tends to invite other nasties to a PC. Keep an eye on your PC & it's behavior & run regular scans with Malwarebytes.
      My Computer


  6. Posts : 25
    Win7 Home Premium (x64), SP1
    Thread Starter
       #6

    Many thanks, Borg. Very helpful. There's a Free-to-try scanning program mentioned in that link - Auslogics Antivirus. It's currently unavailable but I'll try again later.
    BTW, when I earlier "AdwCleaner found several items but in my ever-growing cranky mood, I must have hit exit instead of save." I should have added that as a result I didn't save the results of that scan.
    Thanks again for your help. I think that I can now stop investigating 'reg clean pro', and stop worrying about it but as you say, I'll remain vigilant. Cheers.
      My Computer


  7. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #7

    Hi Taffy078,

    AdwCleaner should have saved a log here > C:\AdwCleaner\AdwCleaner[Sx].txt

    x denotes how many logs are present. Under Date Modified, choose the time you ran it where you saw what it had found.

    Double-click AdwCleaner.exe to run the tool again.

    • Click the Scan button.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • AdwCleaner will begin to scan your computer like it did before.
    • After the scan has finished, this time click on the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

      Next:

      Let's make sure that RegCleanerPro has been completely removed:

      Please download OTL to your Desktop
      • Double click on the to run the program. On Vista/Win7 or 8 right click select Run As Administrator to start the program. If prompted by UAC, please allow it.
      • Make sure all other windows are closed and to let it run uninterrupted.
      • Click the Scan All Users checkbox
        and
      • Check the option for All under the Extra Registry section
      • Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
        • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
        • Please copy (Edit->Select All, Edit->Copy) the contents of these files and post them in your topic




      • OTL.txt <-- Will be opened, maximized
      • Extras.txt <-- Will be minimized on task bar.


      Please post the contents of both OTL.txt and Extras.txt files in your next reply.

      In your next reply, please post the following logs:

      AdwCleaner[S0].txt
      OTL.txt
      Extras.txt
      My Computer


  8. Posts : 25
    Win7 Home Premium (x64), SP1
    Thread Starter
       #8

    Reg Clean Pro / AdwCleaner / OTL


    Hello DonnaB!

    Many thanks for your speedy and most helpful reply. Here are the files you wanted. I just made one change in the OTL scan; the default was for 30 days and because the Norton scan that found Reg Clean Pro was a little older I changed it to 180 days. Hoping this makes sense!
    BSOD - problems with RegCleanPro Attached Files
      My Computer


  9. Posts : 163
    Win7 64-bit, Vista 32-bit, XP 32-bit, W2K 32-bit (VM)
       #9

    Hi Taffy078,

    The logs look pretty good. I did find a few things that need to be tended to, though I would like for you to run the following scan to see what it finds. If anything is found, we can add those files to my OTL to "kill 2 birds with one stone", so to speak. The scan can take quite a while to complete because it is thorough, so your patience will be necessary.

    Please do the following:

    ESET Online Scanner

    Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however need to disable your current installed Anti-Virus, how to do so can be read here.


    • Please go >>HERE<< then click on:

      Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on the icon to install.

      All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
    • Select the option YES, I accept the Terms of Use then click on:
    • When prompted allow the Add-On/Active X to install.
    • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
    • Now click on Advanced Settings and select the following:
      1. Scan for potentially unwanted applications
      2. Scan for potentially unsafe applications
      3. Enable Anti-Stealth Technology



    • Now click on:
    • The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
    • When completed the Online Scan will begin automatically.
    • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
    • When completed make sure you first copy the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt
    • Copy and paste that log as a reply to this topic.
    • Now click on:
      (Selecting Uninstall application on close if you so wish)



    Thank you,
    Donna :)
      My Computer


  10. Posts : 25
    Win7 Home Premium (x64), SP1
    Thread Starter
       #10

    ESET scan update


    Hi Donna.

    I opened the logfile in Program Files (x86) - all that's there is this:


    ESETSmartInstaller@High as CAB hook log:

    OnlineScanner64.ocx - registred OK

    OnlineScanner.ocx - registred OK

    Is this what you were expecting, please?
    Just in case, I've attached a snip of the final screen showing the Trojan that was found (and is still present, of course).

    Attached Thumbnails Attached Thumbnails BSOD - problems with RegCleanPro-snip-eset-scan-results-17-nov-2014-15-30.png  
    Last edited by Taffy078; 17 Nov 2014 at 10:52. Reason: remove lines of spaces
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 20:46.
Find Us