Regedit.exe is a legitimate process file popularly known as Registry Editor. It is associated with software Microsoft Windows Operating System developed by Microsoft. It is located in C:\Windows\System32 files by default.
Malware programmers write virus files with malicious scripts and save them as regedit.exe with an intention to spread virus on the internet.
Affected Platforms: Windows OS
How to determine if your computer is infected with regedit.exe malware?
Look out for the these symptoms to check if your PC is infected with regedit.exe malware:
- Internet connection is unstable
- regedit.exe occupies extra CPU space
- PC processing speed slows down
- Browser often redirects to irrelevant websites
- You get a lot of unsolicited ads and popups
- Computer screen freezes repeatedly
Take the following steps to diagnose your PC for possible regedit.exe malware attack:
Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.
Step 2: If you notice the file located outside C:\Program Files, perform an an antivirus scan to get rid of the malware.
How to remove regedit.exe malware from system using Comodo Antivirus?
Step 1: Download the award-winning Free Comodo Antivirus.
Step 2: Select the “Do not detect new networks again” option when Comodo Internet Security internal firewall activates the network detection process.
Step 3: After network detection is over, click on the “Close” button for a scan window.
Step 4: Restart your PC.
Step 5: Wait for Comodo Internet Security to update the antivirus.
Step 6: Proceed with the quick scan that automatically begins after the update.
Step 7: If threats are found during the scanning, you will be notified through an alert screen.
No. | Company | File Type | SHA1 | MD5 | Malware Name |
Digitally Signed |
File Version |
Product Version |
Submitted From |
Malware Behavior |
---|---|---|---|---|---|---|---|---|---|---|
1 | N/A | Executable | 5ef34c4b4e24ba89 6268a67fef415edb ef3cbc14 |
833b7bbb9f5531f4 6246415751cab95c |
Virus.Win32. Sality.gen |
No | 1, 0, 0, 1 | 1, 0, 0, 1 | ![]() |
N/A |
2 | N/A | Non-executable | 8a9b8fbf9bee28cf 943e692fa6d3bb20 8aabf05d |
34d654255824f7da 5aa4d228f90d9071 |
Unclassified Malware |
No | N/A | N/A | ![]() |
N/A |
3 | Microsoft Corporation | Executable | 6b3e38fe7625ec74 599db29835eb6b76 98d5ddf2 |
2a161e9407c4083f a64029c4347ea15a |
Virus.Win32. Virut.Ce |
No | 5.1.2600.5 512 (xpsp.0804 13-2111) |
5.1.2600.5 512 |
![]() |
N/A |
4 | Корпорация Майкрософт | Executable | 51aaf50259a9d1a1 37b75863216b95a8 76c17f42 |
f43b29661aeedfac cc8353885833cdbf |
Virus.Win32. Sality.gen |
No | 5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158) |
5.1.2600.2 180 |
![]() |
N/A |
No. | Company | File Type | SHA1 | MD5 | Digitally Signed |
File Version |
Product Version |
Submitted From |
---|---|---|---|---|---|---|---|---|
1 | Microsoft Corporation | Executable | c166a63006fc3d45 9ff5cb59a2de1713 6086489e |
acb6949bff49baed d305aa14a17a1223 |
No | 5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710) |
5.2.3790.3 959 |
![]() |
2 | NewSoft Technology Corporation | Executable | e9626fce6436060f 7f0e2e698e4d4157 7bde442f |
05b4e0474f1b072b 67dd80c8a876af65 |
Yes | 1.0.0 | 1, 0, 0, 0 | ![]() |
3 | Microsoft Corporation | Executable | 4d1756e625a7bc75 5a7ccb9891795720 a33c8b2f |
a04c6f93701f90fc 6f41e21859b4a2e3 |
No | 5.1.2600.1 106 (xpsp1.020 828-1920) |
5.1.2600.1 106 |
![]() |
4 | N/A | Non-executable | a784dc225495182e 441cce5377e64d72 2542e621 |
f700825ac36901a0 cdf4d48deeca2ee6 |
No | N/A | N/A | ![]() |