Is Registry Mechanic a Virus, And How Can You Remove It?
Often slow PCs can be repaired using a registry fixing tool, designed to repair errors in the Windows registry. We’ve covered many such tools on MakeUseOf in the past, and have even recommended some tools to monitor the registry for errors .
The problem is, not all of these tools work. Some are just rubbish; others promise more than they can deliver. The rest are malware.
There’s one registry fixer that promises much while being rubbish, and ransomware, at the same time: PC Tools Registry Mechanic. Fortunately, it can be removed with relative ease.
What Is PC Tools Registry Mechanic?
Initially formed in 2003, PC Tools (formerly WinGuides.com) has released several versions of Registry Mechanic over the years, the most recent being the 2011 version, coincidentally numbered 11.
In 2008, PC Tools was purchased by Symantec, and in 2013 the entire PC Tools line of security-related utilities (such as iAntivirus, Internet Security and Spyware Doctor) was withdrawn and renewals blocked. However, Registry Mechanic can still be found online.
Ostensibly designed to scan and repair problems with the Windows registry, Registry Mechanic was the first application released by PC Tools.
Registry Mechanic’s Malicious Behaviour
With Registry Mechanic running on your PC (you might have installed it on the recommendation of a friend, bundled in with other apps or on the instruction of a website popup) you may notice a reduction in system performance.
Once the software has completed scanning your registry (which it can seem to do almost constantly), it will often inform you of issues – but tell you that there is a charge to fix them.
The most famous case is probable that of Washington State man James Gross, who took legal action (ultimately defeated) against Symantec with regard to Registry Mechanic. His complaint (made against Registry Mechanic and two other tools, Norton Utilities and Performance Toolkit) asserted that “The Scareware does not conduct any actual diagnostic testing on the computer.”
The action continues:
“Instead, Symantec intentionally designed its Scareware to invariably report, in an extremely ominous manner, that harmful errors, privacy risks, and other computer problems exist on the user’s PC, regardless of the real condition of the consumer’s computer. Furthermore, the scareware does not, and cannot, provide the benefits promised by Symantec. Accordingly, consumers duped into purchasing software that does not function as advertised, and in fact, has very little (if any) utility.”
James Gross’ action states specifically in the case of Registry Mechanic that his computer displayed “high priority” errors and that he paid the $29.99 fee to resolve the problems. Noticing little had changed, he then hired computer forensics experts, who found that the errors were “not credible threats to a computer’s functionality.”
While there have been no new versions of Registry Mechanic since 2011 (and it is not possible to be conned into paying, as there is no longer a facility to take money for subscription), it is clearly not something you would want to install on your computer as it’s a complete waste of time!
When it was active, Registry Mechanic was more or less ransomware, distributed with the intention of generating cash by charging users to fix “errors” that it has found. While there are some claims that spyware is also installed with the non-utility, these can be dealt with thanks to apps like Malwarebytes Anti-Malware or Ad-Aware.
Since its purchase by Symantec, PC Tools Registry Mechanic doesn’t seem to be as common an issue for users as it once was, but there are legacy copies out there, on download sites and lurking on old PC magazine cover discs.
If you have somehow installed it, now is the time to remove it.
How You Can Remove Registry Mechanic
As it is just ridiculously cynical software, and not actually malware or a virus, PC Tools Registry Mechanic can be removed with considerable ease – much like any other standard Windows program.
Having tested the software, I can tell you that it displays results that need action even upon a clean install of Windows 7, which is obviously a concern. If that hasn’t made your mind up about Registry Mechanic, nothing will!
In Windows, go to the Start screen and type “Add or remove” (in Windows 7, open the Start menu, go to Control Panel). Select Add or remove programs, and after the list has populated (this can take a while on systems with a lot of software installed) look for “Registry Mechanic” or “PC Tools Registry Mechanic”.
Select the item, then click the Uninstall button and follow the instructions displayed in the wizard, making sure you clear the checkbox to Retain backup and custom ignore file lists. You should restart Windows to fully remove Registry Mechanic.
Repairing Your Registry? Rely On Proven Tools
The Windows system registry is more than just a list. It is extremely complex, features considerable references and cross references to other entries and both visible and hidden system files as well as images, sound files and other media. It even comes with its own editor to help you make changes safely .
Put simply, it can be very difficult to repair. Even if you rely on proven registry repair utilities, you may find that the results are less than satisfactory. This is why it is important to be able to recognise when to make repairs and when not to bother . After all, repairing or making registry tweaks rarely makes Windows faster .
In the event of a proven system registry repair tool not working as expected, you will probably need to consider reinstalling (or resetting) Windows.
Registry Mechanic is just one of many malicious applications posing as necessary utilities. Have you encountered any others? Have you run into problems because you used Registry Mechanic, and did you pay up when it scanned your system? Use the comments to let us know.