English | Deutsch


How to remove the regsrv virus


Most antivirus programs identify regsrv.exe as malware, for example Symantec identifies it as W32.Mubla, and TrendMicro identifies it as BKDR_IRCBOT.CU.
The free file information forum can help you find out how to remove it. If you know more about this file, please leave a comment or a hint for other users.

Click to Run a Free Virus Scan for the regsrv.exe malware


Regsrv.exe file information

The process known as maLnJ or UToo belongs to software UToo or IlBToHBrQg by uctg or UToo.

Description: The file regsrv.exe is located in the folder "C:\Program Files\Common Files". The file size on Windows 7/XP is 643,072 bytes. http://www.file.net/process/regsrv.exe.html 
The program has a visible window. The process starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). The file is not a Windows system file. regsrv.exe seems to be a compressed file. Therefore the technical security rating is 28% dangerous.

Recommended: Identify regsrv.exe related errors

If regsrv.exe is located in the folder C:\Windows\System32\drivers, the security rating is 62% dangerous. The file size is 148,480 bytes. It is a file without information about the developer of this file. It is located in the Windows folder, but it is not a Windows core file. The program has no visible window. It is not a Windows core file. regsrv.exe is able to hide itself and monitor applications.

If regsrv.exe is located in the folder C:\Windows\System32, the security rating is 96% dangerous. The file size is 72,704 bytes. There is no information about the author of the file. It is located in the Windows folder, but it is not a Windows core file. The program has no visible window. The application starts when Windows starts (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run). The application listens for or sends data on open ports to a LAN or the Internet. The file is not a Windows core file.

External information from Paul Collins:
There are different files with the same name:

  • "regsrv" definitely not required. Added by the OPTIXPRO.11 TROJAN!
  • "System Profile" definitely not required. Added by a variant of the OPTIX TROJAN!

Important: Some malware camouflages itself as regsrv.exe, particularly when located in the c:\windows or c:\windows\system32 folder. Therefore, you should check the regsrv.exe process on your PC to see if it is a threat. We recommend Security Task Manager for verifying your computer's security. This was one of the Top Download Picks of The Washington Post and PC World.



Score

User Comments



1 user think it's probably harmless. 1 user think regsrv.exe is dangerous and recommend removing it.


Do you have additional information? Help other users!
What do you know about regsrv.exe: 
How do you rate it: 
Link for more info's: 
Your Name: 


Regsrv scanner


Security Task Manager shows all running Windows tasks including embedded hidden functions (e.g. keyboard or browser monitoring, autostart entry). A unique security risk rating indicates the likelihood of the process being potential spyware, malware, keylogger or a Trojan.

MalwareBytes detects and removes sleeping spyware, adware, trojans, keyloggers, malware and tracking threats from your hard disk. Ideal supplement to Security Task Manager.

SpeedUpMyPC scans, cleans, repairs and optimizes your computer.


Other processes


regsrv.exe [all]