How to Remove “reg.exe”

Originally developed by  Microsoft Corporation, reg.exe and also this process known as Registry Console Tool and it is a legitimate file that is associated with Windows Operating System. It is an important component of Microsoft Narrator application and is located in C:\Windows\System32 by default.

reg.exe virus is created when malware authors write virus files and name them after reg.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with reg.exe malware?

If your system is affected by reg.exe malware, you will notice one or the several below symptoms:

1. reg.exe occupies an unusually large CPU memory
2. Erratic internet connection
3. Your browser is bombarded with annoying popup ads
4. Computer screen freezes
5. PC's processing speed suffers
6. You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove reg.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove reg.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to make sure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.

Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

21

Malware Entries

First Seen: 25 February 2018 at 1:57 am
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 Microsoft Corporation Executable 3f7f1baa326b8fad
7c3619738ed04ec6
aa830a11
fe9ee4d923719e44
a67acb83786d6428
Virus.Win32.
Virut.CE
No 5.1.2600.5
512
(xpsp.0804
13-2111)
5.1.2600.5
512
156.220.2.23/32 N/A
2 Microsoft Corporation Executable cbb7d24cfcaa413d
36a1d5a2792e367d
8256bea5
e9fbefe4a59328dd
6564c1fdf0070371
Virus.Win32.
Virut.CE
No 6.1.7600.1
6385
(win7_rtm.
090713-125
5)
6.1.7600.1
6385
Egypt N/A
3 Microsoft Corporation Executable 15140833515477dc
524c946704f9b869
dfed057d
894575cc97c009a0
3a17eafa63991094
Virus.Win32.
Expiro.naf
No 6.1.7600.1
6385
(win7_rtm.
090713-125
5)
6.1.7600.1
6385
Russian Federation N/A
4 Microsoft Corporation Executable 9e884dae7d96812c
e0290e6e46a749a8
0caa710f
fed3a8f863113b5f
52e5ad0f7b03ec69
Virus.Win32.
Virut.CE
No 6.1.7600.1
6385
(win7_rtm.
090713-125
5)
6.1.7600.1
6385
Philippines N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
15

Safe Entries

First Seen: 05 June 2008 at 9:33 am
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable da207b299e4f0b11
d215c9fc7e0d70a5
f5d6e90f
ef09be7409ef7bc7
f7d2bc1507748942
No 2, 0, 0, 0 2, 0, 0, 0 United States
2 Microsoft Corporation Executable 775668a974879f0b
757d3387ce1cc6c0
2f795d02
f6917fb7be5715b8
af6930fe3878d390
No 5.1.2600.1
106
(xpsp1.020
828-1920)
5.1.2600.1
106
United States
3 Microsoft Corporation Executable d4b0671974631408
2775c8be24544ccb
e641bc26
6935af282b082eec
a424399d51725edf
No 6.3.9600.1
6384
(winblue_r
tm.130821-
1623)
6.3.9600.1
6384
United States
4 Microsoft Corporation Executable d4b0671974631408
2775c8be24544ccb
e641bc26
6935af282b082eec
a424399d51725edf
No 6.3.9600.1
6384
(winblue_r
tm.130821-
1623)
6.3.9600.1
6384
10.108.51.116/32
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Free Antivirus protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security