How to remove the regsrv virus
Most antivirus programs identify regsrv.exe as malware; for example, Symantec identifies it as W32.Mubla and Trend Micro identifies it as BKDR_IRCBOT.CU.
Regsrv.exe file information
The process known as maLnJ or UToo belongs to software UToo or IlBToHBrQg by uctg or UToo.
Description: The file regsrv.exe is located in the folder "C:\Program Files\Common Files".
The file size on Windows 7/XP is 643,072 bytes.
The program has a visible window. The process starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run).
The file is not a Windows system file.
regsrv.exe seems to be a compressed file.
Therefore the technical security rating is 28% dangerous.
If regsrv.exe is located in the folder C:\Windows\System32\drivers, the security rating is 62% dangerous. The file size is 148,480 bytes. The file carries no information about its developer. It is located in the Windows folder, but it is not a Windows core file. The program has no visible window. regsrv.exe is able to hide itself and monitor applications.
If regsrv.exe is located in the folder C:\Windows\System32, the security rating is 96% dangerous. The file size is 72,704 bytes. There is no information about the author of the file. It is located in the Windows folder, but it is not a Windows core file. The program has no visible window. The application starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). The application listens for or sends data on open ports to a LAN or the Internet.
External information from Paul Collins:
There are different files with the same name:
- "regsrv" definitely not required. Added by the OPTIXPRO.11 TROJAN!
- "System Profile" definitely not required. Added by a variant of the OPTIX TROJAN!
Important: Some malware camouflages itself as regsrv.exe, particularly when located in the c:\windows or c:\windows\system32 folder. Therefore, you should check the regsrv.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.