How to Remove “reg.exe”

Originally developed by  Microsoft Corporation, reg.exe and also this process known as Registry Console Tool and it is a legitimate file that is associated with Windows Operating System. It is an important component of Microsoft Narrator application and is located in C:\Windows\System32 by default.

reg.exe virus is created when malware authors write virus files and name them after reg.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with reg.exe malware?

If your system is affected by reg.exe malware, you will notice one or the several below symptoms:

1. reg.exe occupies an unusually large CPU memory
2. Erratic internet connection
3. Your browser is bombarded with annoying popup ads
4. Computer screen freezes
5. PC's processing speed suffers
6. You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove reg.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove reg.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

  • Smart Scan: Does a scan on critical areas of your system.
  • Full Scan: Does a complete scan of your system.
  • Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use. 
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to make sure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.

Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

31

Malware Entries

First Seen: 09 September 2018 at 2:37 pm
No. Company File Type SHA1 MD5 Malware
Name
Digitally
Signed
File
Version
Product
Version
Submitted
From
Malware Behavior
1 N/A Executable ae91144e69cd5fc8
c6c328d1d124423e
e9d5cea4
f37d4f61d433bf63
2b21873bcd9ec6f4
Virus.Win32.
Sality.gen
No N/A N/A 31.9.135.244/32 N/A
2 Корпорация Майкрософт Executable 4d19b97c0fbb57a4
b4ef8ec29d13dff3
b73eb232
105e287ed187b99e
718ba801986d5001
Virus.Win32.
Virut.CE
No 5.1.2600.2
180
(xpsp_sp2_
rtm.040803
-2158)
5.1.2600.2
180
5.227.233.194/32 N/A
3 Microsoft Corporation Executable 806b5621701a4719
31646492dc0704ab
b214eaab
6ec09839364ca5c3
56d95baed4e86d20
Virus.Win32.
Virut.CE
No 6.1.7600.1
6385
(win7_rtm.
090713-125
5)
6.1.7600.1
6385
5.155.7.12/32 N/A
4 Microsoft Corporation Executable a0fcc13dbcd6b8bd
01818771f4df818e
c0d01a90
54faaa354cb2fcf8
346602188f21a44e
EmailWorm.Wi
n32.Runonce.
~v001
No 6.1.7600.1
6385
(win7_rtm.
090713-125
5)
6.1.7600.1
6385
United States N/A
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
3

Safe Entries

First Seen: 15 February 2016 at 9:29 am
No. Company File Type SHA1 MD5 Digitally
Signed
File
Version
Product
Version
Submitted
From
1 Microsoft Corporation Executable e6b071077ceffa8e
5f62b347c66f6d0e
57110505
9861479a914d8d22
2f914b71e9b0f90c
No 10.0.16299
.15
(WinBuild.
160101.080
0)
10.0.16299
.15
United States
2 Microsoft Corporation Executable 3313e9724fc1852a
10962a1bfb1c1f12
5bf9a974
ac46883e2bd13234
4d0ee13fb901257c
No 10.0.10586
.0
(th2_relea
se.151029-
1700)
10.0.10586
.0
10.224.25.96/32
3 iSeePassword(iseepassword.com) Executable f9fbf343ab05dae0
a04edd326977a2b7
04aa6aff
fc6f09ea48913da2
48649b566db7c11d
No 3.17.1120.
3600
3.3.14.2 10.224.25.96/32
Display 4 items per page
  • 4 items per page
  • 8 items per page
  • 16 items per page
  • 32 items per page
 
Exclusive Offer
Get Free Endpoint Protection
Get Advanced
Endpoint
Protection

Award-Winning Security to Protect Your Clients from Cyber Attacks

Comodo Internet Security Pro

Antivirus Protection protection from hackers! Get the ultimate Antivirus solution to keep your PC clean and to remove viruses from a slow or infected PC. Improve the PC performance at home or use it on-the-go!

Get Comodo Internet Security Comodo Internet Security