Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

So I'm needing a little help with Reg Clean Pro..


  • Please log in to reply
3 replies to this topic

#1 Kinohki

Kinohki

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:08 PM

Posted 16 November 2014 - 08:42 PM

Hello everyone. So I've done a few Reg Clean Pro removals in my time. It's usually pretty simple to just run a Revou tool and remove it that way or manually uninstall it. Well my dad has a friend whose computer got infected pretty bad. I've managed to kill the fix25 popups but Reg Clean pro is being a massive nuisance.

 

So here is the deal. I ran the uninstaller. I've gone through the registry and cleaned out everything that remotely looks like Regclean pro as I've done several times. Usually the problems stop, however upon starting his computer, there is a start up service that is clearly trying to run Reg Clean Pro. I can't for the life of me find it. It's not in the startup in msconfig, its not in the services but it has to be somewhere because it doesn't show up in safe mode.

 

What it's doing is it is attempting to run and then it gets a C# error saying that it can't locate the file reg_pro_cleaner\sys_auth.xml. If you click ok, then the reg clean pro UI comes up, but is blank. If you click on it, it crashes because it can't run. I have ran various tools such as malwarebytes, JRT, and everything short of combofix, which I am not confident enough to try on my own just yet. All the results come up negative and there are 0 infections left. Anyone have any idea what might be causing this issue? I'm certain its either a registry value, file or service but I can't for the life of me find it. Thanks for the help!



BC AdBot (Login to Remove)

 


#2 buddy215

buddy215

  • Moderator
  • 13,097 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:08 PM

Posted 16 November 2014 - 09:42 PM

Try this first....Install CCleaner. Use the default settings to clean the temporary files, logs, ALL cookies, etc. Pay close

attention while installing and UNcheck any offers of Toolbars such as Yahoo and Google.

Once you have used CCleaner to clean up the computer then open again. Click on Tools and choose Startups. Post the list

of startups by clicking on the button in the bottom right corner.

Open Startups again. Click on each of the buttons at top for Browsers and Tasks, etc. Look for anything that you don't need and disable.

Post the list of Tasks. CCleaner - PC Optimization and Cleaning - Free Download

 

If the problem startup isn't found using CCleaner then use AutoRuns for Windows. If you need help with that program then you can post

the startups back here. Hide the Signed Microsoft Entries before posting. If I recall correctly you can do that by clicking on Options.


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”

#3 Kinohki

Kinohki
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:04:08 PM

Posted 17 November 2014 - 12:30 PM

Just gonna say that so far, it seems that Autoruns for windows fixed the issue. I found a hidden RPC entry on the startup that was eluding me and nixed it. That seemed to work. Ccleaner and every other program I've used couldn't find it. Yup. Just done 3 successful reboots (had to reboot to uninstall some things.) and no sign of the broken RPC UI.

 

Appreciate the help, BC! Thanks ! Definitely going to save that program to my toolkit. Its awesome.



#4 buddy215

buddy215

  • Moderator
  • 13,097 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:West Tennessee
  • Local time:05:08 PM

Posted 17 November 2014 - 02:48 PM

You're welcome...happy surfin' !


“Every atom in your body came from a star that exploded and the atoms in your left hand probably came from a different star than your right hand. It really is the most poetic thing I know about physics...you are all stardust.”Lawrence M. Krauss
A 1792 U.S. penny, designed in part by Thomas Jefferson and George Washington, reads “Liberty Parent of Science & Industry.”




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users