Saturday, 14 September 2013

How To Remove the Stubborn "Registry Helper" Scareware

If you have tried removing the Registry Helper with the usual programs and features uninstall utility and was not successful then read on the rest of this post. I had the same problem and accidentally stumbled upon a solution within one of the files of the the program itself.

I was surprised this morning that my laptop screen greeted me with a not so good news. A program called registry helper is splashing a bad news that it has detected threats (Pic. 1) in my device. I was surprised, not because of the "detected" threats but the presence of the said program. I know that it is just one of the scarewares out there that mimics legitimate scanners but always shows scary results and asks you at the end to download another software to remove the threats. But do not fall for it because your laptop is fine and the program it wants you to download will only makes matters worst. 

Pic 1

Can't Remove it the Usual Way

I tried to remove it through programs and features (control panel, program and features) by highlighting the program and clicking uninstall. I thought it is gone but when I restarted my computer, the scary message still pops up. I checked the startup items (start, type msconfig, start up), and the registry helper is still on the list. I unticked it and restarted my computer. The message is gone but I am sure that the program or other parts of the program are still installed in my laptop.

I turned to google and followed a link that gave me these steps but did not worked for me. 

1. Click “Ctrl+Alt+Del” to open Windows Task Manager, and then stop all registry helper processes. 

Which registry helper processes? I do not know! It doesn't show me which processes.

2. Click “Start” button and select “Run”. Type “regedit” into the box and click “OK”. Delete the following file:

“HKEY_LOCAL_MACHINE\Software\Registry Helper.” Right-click this registry key and select “Delete.”

I could not see this value myself inside Software folder.

3. Navigate to directory %PROGRAM_FILES%\Registry Helper\ and delete the infected files manually.

"If you don’t have sufficient expertise in dealing with computer files, this may cause damage to your computer. So please be prudent during the whole removal process. Otherwise, why not use a virus removal tool to help you remove virus and optimize computer system automatically."

Although the warning is scary, I tried to do this. But every time I try it says that it is being used by another program, so I could not delete it.

I was stuck for a while on thinking of how to remove it. The name of the program is no longer listed at programs and features, because of the first uninstall attempt. But it is still in my system as it is still showing at the start up. 

Whilst inspecting the elements of the program, I came across it's un installation process (computer, system C:, program files(x86), Registry Helper, Help folder) that came with the package. It is just a matter of double clicking ! 

Pic 2

But how can I do that when it is no longer showing in the list of programs?

This might sound crazy but in order for the program to be on the list again is to download and install  it the second time from!

Uninstalling Registry Helper

After installing it, the program's name is back on the list. The software comes with two more additional programs, the computer updater and disk cleaner. I know that they come with it because the installation time of the three softwares are at the same time.

Pic 3

To uninstall, just double click it! A dialogue pops up saying to close the program (this dialogue did not showed up using programs and features to uninstall). 

Pic 4

Whilst uninstalling, a dialogue shows and asking if I want to keep the settings of registry helper. I did chose No.

Pic 5

Once uninstalled, I also uninstalled computer updater and disk cleaner!

Pic 6

The scary pop up stopped showing after the restart!

Related Post

How not to get infected with scarewares

1 comment:


Popular Posts