How to Remove the regedit.exe virus from PC

Regedit.exe is a legitimate process file popularly known as Registry Editor. It is associated with software Microsoft Windows Operating System developed by Microsoft. It is located in C:\Windows\System32 files by default.

Malware programmers write virus files with malicious scripts and save them as regedit.exe with an intention to spread virus on the internet.

Affected Platforms: Windows OS

How to determine if your computer is infected with regedit.exe malware?

Look out for the these symptoms to check if your PC is infected with regedit.exe malware:

Internet connection is unstable
regedit.exe occupies extra CPU space
PC processing speed slows down
Browser often redirects to irrelevant websites
You get a lot of unsolicited ads and popups
Computer screen freezes repeatedly

Take the following steps to diagnose your PC for possible regedit.exe malware attack:

Step 1: Simultaneously press CTRL+ALT+DEL keys to open Task Manager.

Step 2: If you notice the file located outside C:\Program Files, perform an an antivirus scan to get rid of the malware.

How to remove regedit.exe malware from system using Comodo Antivirus?

Step 1: Download the award-winning Free Comodo Antivirus.

Step 2: Select the “Do not detect new networks again” option when Comodo Internet Security internal firewall activates the network detection process.

Step 3: After network detection is over, click on the “Close” button for a scan window.

Step 4: Restart your PC.

Step 5: Wait for Comodo Internet Security to update the antivirus.

Step 6: Proceed with the quick scan that automatically begins after the update.

Step 7: If threats are found during the scanning, you will be notified through an alert screen.

Malware Entries

Safe Entries

First Seen: 22 October 2011 at 8:04 pm

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	5ef34c4b4e24ba89 6268a67fef415edb ef3cbc14	833b7bbb9f5531f4 6246415751cab95c	Virus.Win32. Sality.gen	No	1, 0, 0, 1	1, 0, 0, 1	Ukraine	N/A
2	N/A	Non-executable	8a9b8fbf9bee28cf 943e692fa6d3bb20 8aabf05d	34d654255824f7da 5aa4d228f90d9071	Unclassified Malware	No	N/A	N/A	181.66.169.99/32	N/A
3	Microsoft Corporation	Executable	6b3e38fe7625ec74 599db29835eb6b76 98d5ddf2	2a161e9407c4083f a64029c4347ea15a	Virus.Win32. Virut.Ce	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Egypt	N/A
4	Корпорация Майкрософт	Executable	51aaf50259a9d1a1 37b75863216b95a8 76c17f42	f43b29661aeedfac cc8353885833cdbf	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Ukraine	N/A
5	N/A	Executable	8eeaba9e00ea3528 a0402e5c2e886e92 278b981f	26c901f0a113025e 30afa226f2d13e09	TrojWare.Win 32.Trojan.NS PM.~gen	No	N/A	N/A	Russian Federation	N/A
6	Microsoft Corporation	Executable	31eb0344cef097be 9a8c7bb4ed5c3da8 9b055554	cb15ecc7cc62fe4e 4acef31ba0fdbc1d	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Nigeria	N/A
7	N/A	Executable	b097398dcb72e933 a1a935c39ec22caa 6b9e87a3	d7015cb6e9bfaeaf c879cd0d8b24f532	Backdoor.Win 32.Poison.as	No	N/A	N/A	Poland	N/A
8	Microsoft Corporation	Executable	f8e4571dfe097521 934381f5ed68f3e1 f4e3a301	a53e95a4f0982856 d42772ee10131f1a	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Russian Federation	N/A
9	Microsoft Corporation	Executable	da1914627c3ec5ea 2c4bc17fb33362e5 424e1299	468c98fc1f1de17a 189d87049b2397a8	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Palestinian Territory, Occupied	N/A
10	N/A	Executable	343a1ce6f37cfd30 2b1d33415dba284a b3ff3138	85bdc76ca047cfcd 10eaca4c3e43ba85	TrojWare.Win 32.Banbra.rh	No	N/A	N/A	Portugal	N/A
11	N/A	Executable	7becdf3d095ddb9f 9ab78a657e63f3aa 0cb704d3	49a35d8c60cdf9b2 e744465dc469a010	Virus.Win32. Sality.gen	No	1, 0, 0, 1	1, 0, 0, 1	Ukraine	N/A
12	Корпорация Майкрософт	Executable	a15af647f58435d0 29e4c645a12893b8 4cace749	e2f5f13393c5e408 d0aed1be0d95c516	MalCrypt.Ind us!	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Russian Federation	N/A
13	Microsoft Corporation	Executable	b78cd0b7aa288938 49b4cfb280f192ef efb6d6c2	6a714b4f3cff104b c3b35efdaf352f6b	Win32.Jeefo. A	No	6.3.9600.1 6384 (winblue_r tm.130821- 1623)	6.3.9600.1 6384	Poland	N/A
14	N/A	Executable	54b8e9eca81b391b d41cb702cedbad7c ff8269d3	2788f338af7c5d0d 4127c0e34b025166	TrojWare.Win 32.Bancteian .AC	No	1.0.0.0	1.0.0.0	105.172.120.249/32	N/A
15	Microsoft Corporation	Executable	815e0ff15cf62f5a 45cf526e64b24864 cf1e480d	8e87316a503190c7 4207494d71e62de6	P2PWorm.Win3 2.Polip.A	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Serbia	N/A
16	Microsoft Corporation	Executable	46478f2fa7242b93 573c496adf1d0c54 5e612a17	4018899821886d01 38011efe6b839d17	Virus.Win32. Alman.A	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Turkey	N/A
17	Microsoft Corporation	Executable	5759ef642b5a9359 439387c81e903e8b 0683e739	83510ff663768320 cc9922f20ad9973f	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	156.217.202.194/32	N/A
18	N/A	Executable	4041ea45a496d444 0aa238eef8a2b4f4 f27f751f	d35aa4854ab7a0a3 e368d0aacb0e7a40	Backdoor.Win 32.Poison.as	No	N/A	N/A	Hungary	N/A
19	Microsoft Corporation	Executable	a0c5b0a70e8d428d a7dbcf8ff889f15d c2d4e4f3	fb36141be01e2976 6d0be92f52aeaf87	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Brazil	N/A
20	N/A	Executable	d968ad0cfce894af 04b21fe4338a1a61 d4139060	666d392db19219ea 9f11fa5c12de29c8	Win32.Neshta .A	No	N/A	N/A	Turkey	N/A
21	N/A	Executable	97a47c62a3afcd47 765c34edecefe779 42628dec	db78b7696ac3ebbf a69601c995a09c73	Virus.Win32. Ramnit.K	No	N/A	N/A	105.105.128.220/32	N/A
22	Microsoft Corporation	Executable	95143e50dc9780b3 7a1825ea73ece063 25025b90	74b77cd3d76f94f4 439b31a5e94560cd	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Indonesia	N/A
23	Microsoft Corporation	Executable	88f6116191e1047a f48cd2209bbbb441 1ca42a91	cb5fc0e5c3641108 e6e28e13bd07d1e6	Virus.Win32. Virut.CE	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	United Kingdom	N/A
24	Microsoft Corporation	Executable	cc7068474bd96ba8 da031c4e053a3be2 8b36f389	056d548679fd7016 9fd3dd2f253f07d1	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Sudan	N/A
25	Microsoft Corporation	Executable	2174330d25517c90 144b5d26a53b7a2f 6b2a63ee	3f5be3dd4e999970 6e8a9a9f6f94aa1a	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Palestinian Territory, Occupied	N/A
26	Корпорация Майкрософт	Executable	7286dfccfe7f555f fe16a511df48aea2 218496e7	3554caf03a6b4a39 a7b9de8c8358fc05	Virus.Win32. Sality.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Ukraine	N/A
27	Microsoft Corporation	Executable	00e41d336e259b64 696204eac31620de 31a7dc37	a8108767f9cefdf5 9ef18a0288024fc7	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Indonesia	N/A
28	Microsoft Corporation	Executable	96a9bb1d1715caa7 e7a67ed4d33bde3a b905dc87	c78cfd3f1660f90d 0662d659be4a7313	Virus.Win32. Virut.Ce	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Latvia	N/A
29	N/A	Executable	fd7f4de77e2cbd3f 74062c1d9233b451 6744399a	ec682ca96141284c d0c14d89bf5a0876	TrojWare.Win 32.Trojan.NS PM.~gen	No	N/A	N/A	Ukraine	N/A
30	Microsoft Corporation	Executable	dd9e86ffc999bee7 efc1c4a053c933a0 42139aba	94a4a2d194820a2f 8388a00221b108df	Virus.Win32. Parite.gen	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	China	N/A
31	Microsoft Corporation	Executable	1ab2c49e12e47f57 9ae3cfc85eadff52 b1b25d49	f59c955f1b14a104 d170ba13b4059b93	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United Kingdom	N/A
32	Корпорация Майкрософт	Executable	424adef35fb37fd0 ba7bed4fb24ca62c 76450b1d	662fff189543bffd 786bfd4ec91ffec8	Virus.Win32. Sality.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Russian Federation	N/A
33	Microsoft Corporation	Executable	3116eaadf0b44b70 222f38902dbfa352 445610d9	91e6a27f625fb772 a326d3a14014448b	Virus.Win32. Parite.gen	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Turkey	N/A
34	N/A	Executable	1817066207737b8e 9bcf1112173e1d36 6d5fd3a4	98b57fb76adf32e5 6658e4b49354edbb	Backdoor.Win 32.Poison.as	No	N/A	N/A	Italy	N/A
35	Корпорация Майкрософт	Executable	b93240b303a777a6 693243071a8cd05a b6885005	728a6ba779b6ceef 82dc611565637379	Virus.Win32. Virut.CE	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Russian Federation	N/A
36	N/A	Executable	36ff64d04177d2a3 87e19bf476437f73 080ea0bf	2df8dc93613662b3 a58c3302407bad5d	Virus.Win32. Sality.gen	No	1, 0, 0, 1	1, 0, 0, 1	Russian Federation	N/A
37	Microsoft Corporation	Executable	655b3893e4a9efe9 aa71b4b7122189a6 554e52b6	f93af6bd6371ccf3 90d38208bbd6597d	Virus.Win32. Parite.gen	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United Arab Emirates	N/A
38	Microsoft Corporation	Executable	0093c813a66685a2 c92a2e317741d821 eba63d2c	8566feaa03b629fc 27665d744523053c	Virus.Win32. Sality.Q	No	5.1.2600.1 106 (xpsp1.020 828-1920)	5.1.2600.1 106	Poland	N/A
39	N/A	Executable	2e90e62277f6701f 688d19808dfbee2c e840836e	088c33934bcbd656 74b7d5aeca2fb5d8	TrojWare.Win 32.Agent2.ui 22	No	N/A	N/A	Venezuela	N/A
40	Microsoft Corporation	Executable	5a45d30e0fed5202 77974d7e063cb07f 784d1ce8	502ef23a70498eec a79b9a4ed007210e	Virus.Win32. Virut.Ce	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	Australia	N/A
41	Microsoft Corporation	Executable	f9b9113199553066 403a4a074feb5786 19008c7a	e2f905229f31d981 2e602df89cb6fd46	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	156.205.143.115/32	N/A
42	Microsoft Corporation	Executable	40beb34e1e3ff7ac 662f137193d5ed47 17f67a08	f919c481969a7716 00f38705950c9d3c	Virus.Win32. Virut.Ce	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United States	N/A
43	Microsoft Corporation	Executable	ce47b5d04418ce45 acf7330419ea91cd cf274d25	6b289cd1d4bcde91 671e90e75a027a2d	Virus.Win32. Virut.CE	No	6.1.7600.1 6385 (win7_rtm. 090713-125 5)	6.1.7600.1 6385	154.178.42.223/32	N/A

Prev 1 2 3...11 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 26 June 2008 at 5:04 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	Microsoft Corporation	Executable	c166a63006fc3d45 9ff5cb59a2de1713 6086489e	acb6949bff49baed d305aa14a17a1223	No	5.2.3790.3 959 (srv03_sp2 _rtm.07021 6-1710)	5.2.3790.3 959	Internal Submission
2	NewSoft Technology Corporation	Executable	e9626fce6436060f 7f0e2e698e4d4157 7bde442f	05b4e0474f1b072b 67dd80c8a876af65	Yes	1.0.0	1, 0, 0, 0	104.238.128.144/32
3	Microsoft Corporation	Executable	4d1756e625a7bc75 5a7ccb9891795720 a33c8b2f	a04c6f93701f90fc 6f41e21859b4a2e3	No	5.1.2600.1 106 (xpsp1.020 828-1920)	5.1.2600.1 106	Internal Submission
4	N/A	Non-executable	a784dc225495182e 441cce5377e64d72 2542e621	f700825ac36901a0 cdf4d48deeca2ee6	No	N/A	N/A	United States
5	Microsoft Corporation	Executable	95a9c5aee9b5211b 93520b3cd965f2d2 0274dd9e	08d8384279eb3e25 242b270860193e1c	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	104.238.128.144/32
6	Microsoft Corporation	Executable	9414414d8aa0c0f9 77dd6be99c06e0bd 758367be	61cfbf8232291c9f 1e3cf4d0189aca02	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	United States
7	Microsoft Corporation	Executable	568754f54af2925e dfb4a4484056ab53 47749d73	a52fd41a89899de0 ee1d428e411a26a4	No	5.2.3790.0	5.2	United States
8	Microsoft Corporation	Executable	44e82de5b89b69c7 fc6bd6f6eb100261 9ec289e5	cfa23656a8aa2f60 77ea4547f2173c39	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Vietnam
9	N/A	Executable	7b429a4715eabc84 cd82b32e344ad92f 01ecabf1	dfc6fa59bb85ad9d ed6841094383e8bd	No	N/A	N/A	Internal Submission
10	N/A	Executable	9f221fdbbb9660df 29642da19a2fceb6 dac40715	19e1825dbc3a157c 2830ff9e3792c9bd	No	N/A	N/A	United States
11	Microsoft Corporation	Executable	95a9c5aee9b5211b 93520b3cd965f2d2 0274dd9e	08d8384279eb3e25 242b270860193e1c	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	United States
12	Microsoft Corporation	Executable	8829b5a655b9d480 d0d4a8ab4faf219c 89368ac1	783afc80383c176b 22dbf8333343992d	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Internal Submission
13	Microsoft Corporation	Executable	d00f62824867513c ba6ae0555a67ac82 8d4d16ee	9dc324558e94c428 4a61439a37872b81	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Mongolia
14	Microsoft Corporation	Executable	d22b365a5153498b 2aec4dc5701a7070 6593d09d	c99acff4e913fa4c d477c5e62835511b	No	5.00.2134. 1	5.00.2134. 1	United States
15	ReactOS Development Team	Executable	0c474086623463ec b6372ba3b2960f04 5fb836cf	06beb14022010ab6 4427882db97a5133	No	0.4.9	0.4.9	10.108.51.116/32
16	IT Dev Team	Executable	a8ef4d1f81b45ddc b88f30caa653871f 03bfa558	aba059c00b202b3b 97258d6899f8e57e	No	1.0.0.0	1.0.0.0	Nigeria
17	Microsoft Corporation	Executable	e9f9fff398040cb8 e7427f29a49a7931 645a67aa	0ee48cc819e58d26 6827f8605af17abd	No	10.0.19041 .1 (WinBuild. 160101.080 0)	10.0.19041 .1	104.238.128.144/32
18	Microsoft Corporation	Executable	2952365fd4f38aae b39feb99fc63889f 867b9b7f	d62f105d8fe04fa8 54d0fc50a15cf485	No	5.1.2600.5 512 (xpsp.0804 13-2111)	5.1.2600.5 512	Canada
19	Microsoft Corporation	Executable	51ec265ee0e8c824 9a9d765da3c73b6a b9bef2ac	2f040a684e717f34 a653ead091303b29	No	5.1.2600.2 180 (xpsp_sp2_ rtm.040803 -2158)	5.1.2600.2 180	Internal Submission

Prev 1 2 3...5 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “regedit.exe”