Removal instructions for Registry Reviver

Content is republished with permission from Malwarebytes.

What is Registry Reviver?

The Malwarebytes research team has determined that Registry Reviver is a "system optimizer". These so-called "system optimizers" use intentional false positives to convince users that their systems have problems. Then they try to sell you their software, claiming it will remove these problems.
More information can be found on our Malwarebytes Labs blog.

How do I know if I am infected with Registry Reviver?

This is how the main screen of the sytem optimizer looks:

You will find these icons in your taskbar, your startmenu, and on your desktop:

and see this warning during install:

and these screens during "operations":

You may see this entry in your list of installed programs:

and these tasks in your list of Scheduled Tasks:

How did Registry Reviver get on my computer?

These so-called system optimizers use different methods of getting installed. This particular one was downloaded from their website:

How do I remove Registry Reviver?

Our program Malwarebytes can detect and remove this potentially unwanted application.

Please download Malwarebytes to your desktop.
Double-click mb3-setup-consumer-{version}.exe and follow the prompts to install the program.
Then click Finish.
Once the program has fully updated, select Scan Now on the Dashboard. Or select the Threat Scan from the Scan menu.
If another update of the definitions is available, it will be implemented before the rest of the scanning procedure.
When the scan is complete, make sure that all Threats are selected, and click Remove Selected.
Restart your computer when prompted to do so.

Is there anything else I need to do to get rid of Registry Reviver?

No, Malwarebytes removes Registry Reviver completely.
This PUP creates some scheduled tasks. You can read here how to check for and, if necessary, remove Scheduled Tasks.

How would the full version of Malwarebytes help protect me?

We hope our application and this guide have helped you eradicate this system optimizer.

As you can see below the full version of Malwarebytes would have protected you against the Registry Reviver installer. It would have warned you before the application could install itself, giving you a chance to stop it before it became too late.

and we block access to their domain:

Technical details for experts

You may see these entries in FRST logs:

 () C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoft Smart Monitor Service.exe
 (Corel Corporation) C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe
 (Corel Corporation) C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoftSmartMonitor.exe
 R2 ReviverSoft Smart Monitor Service; C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoft Smart Monitor Service.exe [495872 2017-07-21] ()
 C:\ProgramData\ReviverSoft
 C:\Windows\System32\Tasks\Start Registry Reviver Schedule
 C:\Windows\System32\Tasks\Start Registry Reviver Update
 C:\Windows\System32\Tasks\Start Registry Reviver for {computername}@{username}(logon)
 C:\Users\Public\Desktop\Registry Reviver.lnk
 C:\Windows\Tasks\Start Registry Reviver for {computername}@{username}(logon).job
 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
 C:\Program Files\ReviverSoft

Registry Reviver (HKLM\...\Registry Reviver) (Version: 4.18.1.4 - Corel Corporation)
Task: {3785FB2F-8A9C-464B-BD16-27EECB7369DD} - System32\Tasks\Start Registry Reviver Update => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2017-09-12] (Corel Corporation)
Task: {8662370D-3AF7-43D4-A32C-3CB4E482412E} - System32\Tasks\Start Registry Reviver Schedule => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2017-09-12] (Corel Corporation)
Task: {F1AB1064-DC38-4E14-A69E-3391A9891B73} - System32\Tasks\Start Registry Reviver for {computername}@{username}(logon) => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe [2017-09-12] (Corel Corporation)
Task: C:\Windows\Tasks\Start Registry Reviver for {computername}@{username}(logon).job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe

Most significantlterations made by the installer:

File system details [View: All details] (Selection)
---------------------------------------------------
    Adds the folder C:\Program Files\ReviverSoft\Registry Reviver
       Adds the file FileExtensionManager-vc100-mt.dll"="9/12/2017 2:52 PM, 357632 bytes, A
       Adds the file FileExtensionManager-vc100-mt.mab"="9/12/2017 2:52 PM, 115812 bytes, A
       Adds the file lci.lci"="12/14/2017 11:37 AM, 657 bytes, H
       Adds the file msvcp100.dll"="7/19/2017 6:28 PM, 608080 bytes, A
       Adds the file msvcr100.dll"="7/19/2017 6:28 PM, 829264 bytes, A
       Adds the file nfo"="12/14/2017 11:37 AM, 272 bytes, A
       Adds the file RegistryReviver.exe"="9/12/2017 2:52 PM, 27740928 bytes, A
       Adds the file RegistryReviver.mab"="9/12/2017 2:52 PM, 2291498 bytes, A
       Adds the file RegistryReviverUpdater.exe"="9/12/2017 2:52 PM, 76544 bytes, A
       Adds the file RegistryReviverUpdater.mab"="9/12/2017 2:52 PM, 5105 bytes, A
       Adds the file ScanInfo"="12/14/2017 11:39 AM, 25318 bytes, A
       Adds the file system_excludes"="12/14/2017 11:37 AM, 11940 bytes, A
       Adds the file tray.exe"="9/12/2017 2:52 PM, 2222336 bytes, A
       Adds the file tray.mab"="9/12/2017 2:52 PM, 242436 bytes, A
       Adds the file unfixable_excludes"="12/14/2017 11:37 AM, 103 bytes, A
       Adds the file Uninstall.exe"="9/12/2017 2:52 PM, 514208 bytes, A
       Adds the file user_excludes"="12/14/2017 11:37 AM, 103 bytes, A
    Adds the folder C:\Program Files\ReviverSoft\Registry Reviver\Backups
       Adds the file Original.smg"="12/14/2017 11:38 AM, 3952 bytes, A
    Adds the folder C:\Program Files\ReviverSoft\Registry Reviver\defaults
       Adds the file English.xml"="7/19/2017 6:28 PM, 3600 bytes, A
       Adds the file English1"="7/19/2017 6:28 PM, 16855 bytes, A
       Adds the file English2"="7/19/2017 6:28 PM, 17906 bytes, A
    Adds the folder C:\Program Files\ReviverSoft\Smart Monitor
       Adds the file apps"="7/21/2017 12:58 PM, 4432 bytes, A
       Adds the file msvcp100.dll"="5/11/2016 6:02 PM, 608080 bytes, A
       Adds the file msvcr100.dll"="5/11/2016 6:02 PM, 829264 bytes, A
       Adds the file ReviverSoft Smart Monitor Service.exe"="7/21/2017 1:14 PM, 495872 bytes, A
       Adds the file ReviverSoft Smart Monitor Service.mab"="7/21/2017 1:14 PM, 161887 bytes, A
       Adds the file ReviverSoftSmartMonitor.exe"="7/21/2017 1:14 PM, 2118400 bytes, A
       Adds the file ReviverSoftSmartMonitor.mab"="7/21/2017 1:14 PM, 698597 bytes, A
       Adds the file SystemInfo-vc100-mt.dll"="7/21/2017 1:14 PM, 2227456 bytes, A
       Adds the file SystemInfo-vc100-mt.mab"="7/21/2017 1:14 PM, 979882 bytes, A
       Adds the file Uninstall.exe"="7/21/2017 1:14 PM, 183928 bytes, A
    Adds the folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft\Registry Reviver
       Adds the file Registry Reviver.lnk"="12/14/2017 11:37 AM, 1079 bytes, A
       Adds the file Uninstall.lnk"="12/14/2017 11:37 AM, 1049 bytes, A
    Adds the folder C:\ProgramData\ReviverSoft\Registry Reviver\Language
       Adds the file English.xml"="9/12/2017 2:34 PM, 40242 bytes, A
    Adds the folder C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}
       Adds the file rd_statistic"="12/14/2017 11:38 AM, 24576 bytes, A
       Adds the file ro_statistic"="12/14/2017 11:39 AM, 28672 bytes, A
       Adds the file Settings.xml"="12/14/2017 11:39 AM, 2799 bytes, A
    Adds the folder C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\Logs
       Adds the file app.log"="12/14/2017 11:39 AM, 1544 bytes, A
       Adds the file logRegScan.log"="12/14/2017 11:39 AM, 55904 bytes, A
    Adds the folder C:\ProgramData\ReviverSoft\Smart Monitor\{user clsid}
       Adds the file settings.data"="12/14/2017 11:38 AM, 674 bytes, A
    In the existing folder C:\Users\{username}\AppData\Roaming\Microsoft\Protect\{user clsid}
       Adds the file 723f22c3-6aad-42b4-a999-a8a67da6b456"="12/14/2017 11:38 AM, 468 bytes, HSA
       Alters the file Preferred
        9/15/2017 9:09 AM, 24 bytes, HSA ==> 12/14/2017 11:38 AM, 24 bytes, HSA
    In the existing folder C:\Users\Public\Desktop
       Adds the file Registry Reviver.lnk"="12/14/2017 11:37 AM, 1055 bytes, A
    In the existing folder C:\Windows\System32\Tasks
       Adds the file Start Registry Reviver for {computername}@{username}(logon)"="12/14/2017 11:37 AM, 2672 bytes, A
       Adds the file Start Registry Reviver Schedule"="12/14/2017 11:37 AM, 3460 bytes, A
       Adds the file Start Registry Reviver Update"="12/14/2017 11:37 AM, 3392 bytes, A
    In the existing folder C:\Windows\Tasks
       Adds the file Start Registry Reviver for {computername}@{username}(logon).job"="12/14/2017 11:37 AM, 364 bytes, A

Registry details [View: All details] (Selection)
------------------------------------------------
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}]
       "(Default)"="REG_SZ", "ReviverSoft Smart Monitor Service"
       "LocalService"="REG_SZ", "ReviverSoft Smart Monitor Service"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\AppID\ReviverSoft Smart Monitor Service.exe]
       "AppID"="REG_SZ", "{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Registry Reviver]
       "BID"="REG_SZ", "0"
       "DisplayIcon"="REG_SZ", "C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe"
       "DisplayName"="REG_SZ", "Registry Reviver"
       "DisplayVersion"="REG_SZ", "4.18.1.4"
       "InstallLocation"="REG_SZ", "C:\Program Files\ReviverSoft\Registry Reviver"
       "InstallPath"="REG_SZ", "C:\Program Files\ReviverSoft\Registry Reviver"
       "MajorVersion"="REG_DWORD", 4
       "MinorVersion"="REG_DWORD", 18
       "OSOURCE"="REG_SZ", ""
       "Publisher"="REG_SZ", "Corel Corporation"
       "TID"="REG_SZ", ""
       "UninstallString"="REG_SZ", "C:\Program Files\ReviverSoft\Registry Reviver\Uninstall.exe"
       "URLInfoAbout"="REG_SZ", "www.reviversoft.com/support/registry-reviver"
       "VersionMajor"="REG_DWORD", 4
       "VersionMinor"="REG_DWORD", 18
    [HKEY_LOCAL_MACHINE\SOFTWARE\Registry Reviver]
       "AppDir"="REG_SZ", "C:\Program Files\ReviverSoft\Registry Reviver"
       "Language"="REG_SZ", "English.xml"
       "OriginalLang"="REG_SZ", "English.xml"
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\ReviverSoft Smart Monitor Service]
       "DependOnService"="REG_MULTI_SZ, "RPCSS "
       "Description"="REG_SZ", "ReviverSoft Smart Monitor Service"
       "DisplayName"="REG_SZ", "ReviverSoft Smart Monitor Service"
       "ErrorControl"="REG_DWORD", 1
       "ImagePath"="REG_EXPAND_SZ, ""C:\Program Files\ReviverSoft\Smart Monitor\ReviverSoft Smart Monitor Service.exe""
       "ObjectName"="REG_SZ", "LocalSystem"
       "Start"="REG_DWORD", 2
       "Type"="REG_DWORD", 16

Malwarebytes log:

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 12/14/17
Scan Time: 11:54 AM
Log File: 1a4f2116-e0bd-11e7-ad46-080027750297.json
Administrator: Yes

-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3487
License: Premium

-System Information-
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: {computername}\{username}

-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 243840
Threats Detected: 148
Threats Quarantined: 148
Time Elapsed: 2 min, 5 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 1
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe, Quarantined, [1732], [179182],1.0.3487

Module: 2
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\FileExtensionManager-vc100-mt.dll, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe, Quarantined, [1732], [179182],1.0.3487

Registry Key: 8
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Registry Reviver, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\Registry Reviver, Quarantined, [1732], [257033],1.0.3487
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start Registry Reviver for {computername}@{username}(logon), Quarantined, [1732], [242279],1.0.3487
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start Registry Reviver Schedule, Quarantined, [1732], [242279],1.0.3487
PUP.Optional.RegistryReviver, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Start Registry Reviver Update, Quarantined, [1732], [242279],1.0.3487
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\CLASSES\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Quarantined, [2680], [347964],1.0.3487
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Quarantined, [2680], [347964],1.0.3487
PUP.Optional.ReviverSoft, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{2A2423AE-1AD9-4B60-A021-BBD75766C2FD}, Quarantined, [2680], [347964],1.0.3487

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 7
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\Logs, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\PROGRAMDATA\REVIVERSOFT\REGISTRY REVIVER, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\Backups, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\PROGRAMDATA\MICROSOFT\WINDOWS\START MENU\PROGRAMS\REVIVERSOFT\REGISTRY REVIVER, Quarantined, [1732], [179183],1.0.3487

File: 130
PUP.Optional.RegistryReviver, C:\WINDOWS\TASKS\Start Registry Reviver for {computername}@{username}(logon).job, Quarantined, [1732], [242278],1.0.3487
PUP.Optional.RegistryReviver, C:\USERS\PUBLIC\DESKTOP\REGISTRY REVIVER.LNK, Quarantined, [1732], [242276],1.0.3487
PUP.Optional.RegistryReviver, C:\WINDOWS\SYSTEM32\TASKS\Start Registry Reviver for {computername}@{username}(logon), Quarantined, [1732], [242277],1.0.3487
PUP.Optional.RegistryReviver, C:\WINDOWS\SYSTEM32\TASKS\Start Registry Reviver Schedule, Quarantined, [1732], [242277],1.0.3487
PUP.Optional.RegistryReviver, C:\WINDOWS\SYSTEM32\TASKS\Start Registry Reviver Update, Quarantined, [1732], [242277],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Bulgarian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Croatian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Czech.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Danish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Dutch.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\English.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Finnish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\French.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\German.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Greek.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Hungarian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Indonesian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Italian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Japanese.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Korean.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Norwegian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Polish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Portuguese.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Romanian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Russian.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\SimpChinese.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Spanish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Swedish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Thai.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\TradChinese.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\Language\Turkish.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\Logs\app.log, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\Logs\logRegScan.log, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\rd_statistic, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\ro_statistic, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\ReviverSoft\Registry Reviver\{user clsid}\Settings.xml, Quarantined, [1732], [179181],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\Backups\Original.smg, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Dutch2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\SimpChinese.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Bulgarian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Bulgarian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Bulgarian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Croatian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Croatian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Croatian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Czech.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Czech1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Czech2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Danish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Danish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Danish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Dutch.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Dutch1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\English.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\English1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\English2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Finnish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Finnish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Finnish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\French.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\French1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\French2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\German.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\German1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\German2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Greek.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Greek1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Greek2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Hungarian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Hungarian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Hungarian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Indonesian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Indonesian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Indonesian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Italian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Italian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Italian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Japanese.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Japanese1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Japanese2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Norwegian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Norwegian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Norwegian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Polish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Polish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Polish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Portuguese.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Portuguese1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Portuguese2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Romanian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Romanian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Romanian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Russian.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Russian1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Russian2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\SimpChinese1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\SimpChinese2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Spanish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Spanish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Spanish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Swedish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Swedish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Swedish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Thai.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Thai1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Thai2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\TradChinese.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\TradChinese1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\TradChinese2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Turkish.xml, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Turkish1, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\defaults\Turkish2, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\FileExtensionManager-vc100-mt.dll, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\FileExtensionManager-vc100-mt.mab, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\lci.lci, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\nfo, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.mab, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviverUpdater.exe, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviverUpdater.mab, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\ScanInfo, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\system_excludes, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\tray.exe, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\tray.mab, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\unfixable_excludes, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\Uninstall.exe, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\Program Files\ReviverSoft\Registry Reviver\user_excludes, Quarantined, [1732], [179182],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft\Registry Reviver\Registry Reviver.lnk, Quarantined, [1732], [179183],1.0.3487
PUP.Optional.RegistryReviver, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft\Registry Reviver\Uninstall.lnk, Quarantined, [1732], [179183],1.0.3487
PUP.Optional.RegistryReviver, C:\USERS\{username}\DESKTOP\REGISTRYREVIVERSETUP.EXE, Quarantined, [1732], [343736],1.0.3487

Physical Sector: 0
(No malicious items detected)


(end)

As mentioned before the full version of Malwarebytes could have protected your computer against this threat.
We use different ways of protecting your computer(s):

Dynamically Blocks Malware Sites & Servers
Malware Execution Prevention

Save yourself the hassle and get protected.

	Security → Malware Removal Guides and Tutorials → Removal instructions for Security Reviver Started by Metallica , 22 Jan 2020 reviversoft		0 replies 998 views	Metallica 22 Jan 2020
	Security → Malware Removal Guides and Tutorials → Removal instructions for Privacy Reviver Started by Metallica , 01 Sep 2017 reviversoft		0 replies 1,976 views	Metallica 01 Sep 2017

#1
Metallica

Posted 14 December 2017 - 05:25 AM

Advertisements

Also tagged with one or more of these keywords: reviversoft

Removal instructions for Security Reviver

Removal instructions for Privacy Reviver

0 user(s) are reading this topic

As Featured On:

Forums

Downloads

Members

Connect With Us