Exterminate It! Antimalware

malpedia

Known threats:699,742 Last Update:November 20, 22:46

Testimonials

I consider myself pretty good with a computer, but after 10 hours of trying to do this myself, the sysguard.exe whipped me. I couldn't find all the files and when I thought I had them all, they would replicate and play hide and go seek I have never endorsed a product in a comment, but if you want to rid yourself of this stuff, pay the $24.99 and download Exterminate-It It fixed my system in 5 minutes!

Mike T.

PowerReg.Scheduler

How to Remove PowerReg.Scheduler from Your Computer

To completely purge PowerReg.Scheduler from your computer, you need to delete the files and folders associated with PowerReg.Scheduler. These files and folders are respectively listed in the Files and Folders sections on this page.

For instructions on deleting the PowerReg.Scheduler files and folders, see the following section How to Delete PowerReg.Scheduler Files (.exe, .dll, etc.).

How to Delete PowerReg.Scheduler Files (.exe, .dll, etc.)^

The files and folders associated with PowerReg.Scheduler are listed in the Files and Folders sections on this page.

To delete the PowerReg.Scheduler files and folders:

  1. Using your file explorer, browse to each file and folder listed in the Folders and Files sections.
  2. Note: The paths use certain special folders (conventions) such as [%PROGRAM_FILES%]. Please note that these conventions are depending on Windows Version / Language. These conventions are explained here.
  3. Select the file or folder and press SHIFT+Delete on the keyboard.
  4. Click Yes in the confirm deletion dialog box.
  5. IMPORTANT: If a file is locked (in use by some application), its deletion will fail (the Windows will display a corresponding message).You can delete such locked files with the RemoveOnReboot utility. To delete a locked file, right-click on the file, select Send To->Remove on Next Reboot on the menu and restart your computer. You can install the RemoveOnReboot utility from here.
[%STARTUP%]\powerreg scheduler.exe
[%STARTUP%]\powerreg scheduler v3.exe
[%WINDOWS%]\pss\PowerReg Scheduler.exe.Startup
[%SYSTEM_DRIVE%]\Temp\PowerReg Scheduler.exe.Startup
[%WINDOWS%]\pss\PowerReg Scheduler.exeStartup
[%SYSTEM_DRIVE%]\$Recycle.Bin\[%USER_SID%]\$RZ40M8C.exe
[%WINDOWS%]\pss\PowerReg Scheduler V3.exe.Startup
[%APPDATA%]\TuneUp Software\TU2013\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%APPDATA%]\360safe\360Disabled\PowerReg Scheduler.exe
[%APPDATA%]\avg\AWL2014\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%STARTUP%]\powerreg schedulerv2.exe
[%LOCAL_APPDATA%]\SlimWare Utilities Inc\SlimCleaner\Backups\StartupFiles\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TU2013\StartUp Manager\Objets dГ©sactivГ©s\PowerReg Scheduler.exe
[%APPDATA%]\AVG\AWL2015\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%SYSTEM_DRIVE%]\Windows.old\Users\joacisilva\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe
[%SYSTEM_DRIVE%]\Windows.old\Users\Randy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe
[%WINDOWS%]\pss\PowerReg Scheduler.exe.CommonStartup
[%COMMON_APPDATA%]\RogueKiller\Quarantine\F0370FAEC74D3A22.vir
[%SYSTEM_DRIVE%]\Windows.old\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
[%PROFILE%]\Downloads\[EXT(USB)01]\Transfer\D-Drive-v1996CE(b)\WINDOWS\Start Menu\Programs\StartUp\PowerReg Scheduler.exe
[%WINDOWS%]\pss\PowerReg Scheduler V3.exeStartup
[%APPDATA%]\TuneUp Software\TuneUp Utilities 2014\StartUp Manager\Objetos desactivados\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities 2014\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%STARTUP%]\temp.000
[%STARTUP%]\temp.001
[%COMMON_APPDATA%]\RogueKiller\Quarantine\0201ABE8F149DC82.vir
[%COMMON_APPDATA%]\RogueKiller\Quarantine\0BDB0E7D4EF26BBE.vir
[%APPDATA%]\VSRevoGroup\RevoUninstaller\ADCU\PowerReg Scheduler.exe
[%DESKTOP%]\User\Start Menu\Programs\Startup\PowerReg Scheduler.exe
[%USER_RECYCLE_BIN%]\Dc1.exe
[%SYSTEM_DRIVE%]\Petra.D-Alt\W98\StartmenГј\Programme\Autostart\PowerReg Scheduler.exe
[%SYSTEM%]\config\backup\systemprofile\Start Menu\Programs\Startup\PowerReg Scheduler V3.exe
[%SVC_SYS_STARTUP%]\PowerReg Scheduler V3.exe
[%SYSTEM_DRIVE%]\$Recycle.Bin\[%USER_SID%]\$RKSLTBQ.exe
[%APPDATA%]\VS Revo Group\Revo Uninstaller Pro\ADCU\PowerReg Scheduler V3.exe
[%COMMON_STARTUP%]\PowerReg Scheduler V3.exe
[%SYSTEM_DRIVE%]\_TechWin\_Xfer\DRV_C\WINDOWS\Start Menu\Programs\StartUp\PowerReg SchedulerV2.exe
[%LOCAL_APPDATA%]\VS Revo Group\Revo Uninstaller Pro\BackUpsData\PowerReg Scheduler V3.exe-16072012-215422\File8
[%APPDATA%]\TuneUp Software\TU2013\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%SYSTEM_DRIVE%]\Windows.old\Users\Brian D\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PowerReg Scheduler.exe
[%LOCAL_APPDATA%]\Microsoft\Windows Defender\Software Explorers\Disabled Startup Folder Items\PowerReg Scheduler V3.exe
[%APPDATA%]\TuneUp Software\TU2011\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%APPDATA%]\AVG\AWL2015\StartUp Manager\Objetos desactivados\PowerReg Scheduler V3.exe
[%APPDATA%]\AVG\AWL2012\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%APPDATA%]\TuneUp Software\TU2012\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities 2014\StartUp Manager\Objetos desativados\PowerReg Scheduler.exe
[%SYSTEM_DRIVE%]\$RECYCLE.BIN\[%USER_SID%]\$RUNBGRS.Vxe
[%PROGRAMS%]\Disabled Startup\PowerReg Scheduler.exe
[%APPDATA%]\iolo\Disabled Entries\Current User\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler.exe
[%APPDATA%]\iolo\Disabled Entries\Current User\PowerReg SchedulerV2.exe
[%APPDATA%]\Soluto\Startup\PowerReg Scheduler.exe
[%SYSTEM_DRIVE%]\$Recycle.Bin\[%USER_SID%]\$R3K22CV.exe
[%APPDATA%]\Runscanner.net\Backups\{D124E515-FED5-4935-AD73-1D9F7CFB63D3}
[%APPDATA%]\TuneUp Software\TU2012\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%WINDOWS%]\pss\PowerReg SchedulerV2.exeStartup
[%COMMON_APPDATA%]\5f1c97b\BackUp\PowerReg Scheduler V3.exe
[%WINDOWS%]\pss\PowerReg SchedulerStartup
[%STARTUP%]\POWERR~1.EXE
[%PROGRAM_FILES%]\TrendMicro\HiJackThis\backups\backup-20100820-122923-615-PowerReg Scheduler V3.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Deaktivierte Objekte\PowerReg Scheduler V3.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\PowerReg Scheduler V3.exe
[%PROGRAMS%]\StartupAdvanced Uninstaller\PowerReg Scheduler.exe
[%STARTUP%]\PowerReg Scheduler V3.exe.vir
[%PROGRAMS%]\Startup (Disabled by AnVir)\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TU2012\StartUp Manager\Gedeactiveerde objecten\PowerReg Scheduler V3.exe
[%USER_RECYCLE_BIN%]\Dc2.exe
[%PROGRAM_FILES%]\Microsoft AntiSpyware\Quarantine\4DF1371A-10AF-45F6-A4AB-633C05\DD00B23B-4B05-4572-BE7A-155C10
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_6.1.2.10\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler.exe
[%PROGRAM_FILES%]\Trend Micro\HiJackThis\backups\backup-20110323-110843-277-PowerReg Scheduler.exe
[%COMMON_APPDATA%]\952e936\BackUp\PowerReg Scheduler.exe
[%PROGRAM_FILES%]\Microsoft AntiSpyware\Quarantine\F4724AD0-1DD9-46EC-BCC5-071ECC\E007F4BB-86C2-42DF-82D9-6946B7
[%PROGRAM_FILES%]\Microsoft AntiSpyware\Quarantine\F4724AD0-1DD9-46EC-BCC5-071ECC\ECF45AE2-7AF7-49AC-A773-070A9E
[%COMMON_STARTUP%]\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\ddbe6f1\BackUp\PowerReg Scheduler V3.exe
[%DESKTOP%]\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TU2011\StartUp Manager\Objetos desactivados\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\46477c\BackUp\PowerReg Scheduler V3.exe
[%APPDATA%]\iolo\Disabled Entries\Current User\PowerReg Scheduler V3.exe
[%PROGRAM_FILES%]\Yahoo!\YPSR\Quarantine\ppq14.tmp
[%PROGRAM_FILES%]\IObit\Advanced SystemCare 5\Boottime\Backup\user\POWERREG SCHEDULER V3.del
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Deaktivierte Objekte\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TU2011\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\1544fed\BackUp\PowerReg Scheduler V3.exe
[%STARTUP%]\norton disk doctor.lnk
[%APPDATA%]\SpeedBit\SpeedOptimizer3\DB\StartupApps\PowerReg Scheduler V3.exe
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Objetos desactivados\PowerReg Scheduler V3.exe
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler V3.exe
[%COMMON_APPDATA%]\586b1c\BackUp\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.1.0.29\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TU2011\StartUp Manager\Objets d?sactiv?s\PowerReg Scheduler V3.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Disabled objects\PowerReg Scheduler.exe
[%APPDATA%]\SB\cache\7eb1ecfb485ad7dd06297592d6b60c51
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler V3.exe
[%COMMON_APPDATA%]\d4e675\BackUp\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.0.0.127\QuickStart\[%USER_SID%]FolderForUser\PowerReg Scheduler.exe
[%APPDATA%]\NeoSoftTools\System Manager\Startup\Disabled\PowerReg Scheduler.exe
[%COMMON_APPDATA%]\1ec8f8\BackUp\PowerReg Scheduler.exe
[%APPDATA%]\TuneUp Software\TuneUp Utilities\StartUp Manager\Objetos desactivados\PowerReg Scheduler.exe
[%DESKTOP%]\startup
[%PROGRAM_FILES%]\powerreg

Adware

Software that is designed to launch advertisements, frequently pop-up ads, on a user’s computer and/or to redirect search results to promotional Web sites. Adware programs are often built into freeware or shareware programs, where the adware creates an indirect ‘charge’ for using the free program. Sometimes a trojan can silently download an adware program from a Web site and install it onto a user’s machine.

Hacker tools, or Browser Hijackers, can also download an adware program by exploiting a web browser’s vulnerability. Browser Hijackers may tamper with the browser settings, redirect incorrect or incomplete URLs to unwanted Web sites, or change the default home page. They can also re-direct a user’s searches to “pay-to-view” (often pornographic) Web sites.

Typically, many adware programs do not leave any marks of their presence in the system: they are not listed on Start | Programs; they add no icons to the system tray; and they don’t show up on the task list. In addition, adware programs seldom provide an uninstallation procedure, and attempts at manually removing them frequently result in failure of the original carrier program.

Be Aware of the Following Adware Threats:

FactoryNetwork, Surf.buddy, Privato, IFriends, Hesney.

How Did My PC Get Infected with PowerReg.Scheduler?^

The following are the most likely reasons why your computer got infected with PowerReg.Scheduler:

  • Your operating system and Web browser's security settings are too lax.
  • You are not following safe Internet surfing and PC practices.

Downloading and Installing Freeware or Shareware

Small-charge or free software applications may come bundled with spyware, adware, or programs like PowerReg.Scheduler. Sometimes adware is attached to free software to enable the developers to cover the overhead involved in created the software. Spyware frequently piggybacks on free software into your computer to damage it and steal valuable private information.

Using Peer-to-Peer Software

The use of peer-to-peer (P2P) programs or other applications using a shared network exposes your system to the risk of unwittingly downloading infected files, including malicious programs like PowerReg.Scheduler.

Visiting Questionable Web Sites

When you visit sites with dubious or objectionable content, trojans-including PowerReg.Scheduler, spyware and adware, may well be automatically downloaded and installed onto your computer.

Detecting PowerReg.Scheduler^

The following symptoms signal that your computer is very likely to be infected with PowerReg.Scheduler:

PC is working very slowly

PowerReg.Scheduler can seriously slow down your computer. If your PC takes a lot longer than normal to restart or your Internet connection is extremely slow, your computer may well be infected with PowerReg.Scheduler.

New desktop shortcuts have appeared or the home page has changed

PowerReg.Scheduler can tamper with your Internet settings or redirect your default home page to unwanted web sites. PowerReg.Scheduler may even add new shortcuts to your PC desktop.

Annoying popups keep appearing on your PC

PowerReg.Scheduler may swamp your computer with pestering popup ads, even when you're not connected to the Internet, while secretly tracking your browsing habits and gathering your personal information.

E-mails that you didn't write are being sent from your mailbox

PowerReg.Scheduler may gain complete control of your mailbox to generate and send e-mail with virus attachments, e-mail hoaxes, spam and other types of unsolicited e-mail to other people.