How to Remove the resgen.exe virus from PC

What is resgen.exe?

Originally developed by Microsoft Corporation, resgen.exe is a legitimate file process that is associated with Microsoft .NET Framework. It is an important component of Microsoft .NET Framework and is located in C:\Windows\System32 by default.
resgen.exe virus is created when malware authors write virus files and name them after resgen.exe with an aim to spread virus on the internet.

Affected Platform: Windows OS

How to check if your computer is infected with resgen.exe malware?

If your system is affected by resgen.exe malware, you will notice one or the several below symptoms:

resgen.exe occupies an unusually large CPU memory
Erratic internet connection
Your browser is bombarded with annoying popup ads
Computer screen freezes
PC's processing speed suffers
You are redirected to unknown websites

To pinpoint the virus file location, take the following steps:

Step 1: Press CTRL+ALT+DEL keys at once to open Task Manager.

Step 2: If you notice the file located outside C:\Windows\System32, you should run an antivirus scan to get rid of the malware.

How to remove resgen.exe malware from system using Comodo Cleaning Essentials?

You can either choose to remove resgen.exe and other malwares using Comodo Antivirus, or Comodo Cleaning Essentials (CCE) – both of which are absolutely free to download! CCE is a set of computer security tools designed to help you identify and remove malwares and unsafe processes from an infected computer.

To remove malwares using CCE, take the following steps:

1. Check the system requirements and download the feature-rich CCE suite for free.

2. After installation, choose the type of scan you want to perform. CCE offers 3 scan options to get rid of malwares from a PC:

Smart Scan: Does a scan on critical areas of your system.
Full Scan: Does a complete scan of your system.
Custom Scan: Does a scan only on selected items.

The process to initiate the above mentioned scans are self-explanatory and thus, easy-to-use.
Additionally, it's recommended that you approve of any updates that the CCE will prompt you about to ensure it does a better job of identifying all the latest threats.

3. Click 'Next' to view the results.
Regardless of the type of scan you choose, the results will sometimes show false positive (flagging files that are actually safe), which has to be ignored. Only select the files you want to get rid of.

4. Click 'Apply' to apply the selected operations to the threats. The selected operations will be applied.

Malware Entries

Safe Entries

First Seen: 17 September 2019 at 3:39 am

No.	Company	File Type	SHA1	MD5	Malware Name	Digitally Signed	File Version	Product Version	Submitted From	Malware Behavior
1	N/A	Executable	0da579b735192f84 1e6713290692a185 739051b0	f8a5e516427f65ec f0c4cb4df86961a5	Win32.Neshta .A	No	N/A	N/A	Maldives	N/A

Prev 1 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Safe Entries

First Seen: 12 December 2010 at 7:23 pm

No.	Company	File Type	SHA1	MD5	Digitally Signed	File Version	Product Version	Submitted From
1	MONO development team	Executable	273f320ccef79552 84faf37465315dcc 91abc44a	f5109e5c596faf5c f2140834f3fcc5cf	No	4.6.57.0	4.6.57.0	United States
2	MONO development team	Executable	23b43cad0772c2ab de41f4a00e706df4 baa33bee	c747f76ccdb12244 76d07fe611b67dda	No	4.6.57.0	4.6.57.0	United States
3	N/A	Executable	b211aed245679d1c 3c46aa28f5c77d7a bf1d79b9	f4c567dc85e672f3 48862f972cbe6b42	No	N/A	N/A	10.224.27.193/32
4	MONO development team	Executable	0d44fe0cdea33e88 c4d4cd59bdaeb555 23f3e4e9	63f1193b5786ce18 d4da25b9180c80e7	No	2.0.50727. 1433	2.0.50727. 1433	10.224.25.45/32
5	Microsoft Corporation	Executable	91670367087fa5ba f2f89f705f08a8b0 ecb42fe9	e6106f5305f61f69 f63d15286f0ee129	Yes	4.0.30319. 1 (RTMRel.03 0319-0100)	4.0.30319. 1	10.224.1.59/32
6	MONO development team	Executable	277745cc807851de a3fe5dfae9b948ba 53e72fef	f35c76a8a8f250b6 1e7d84e1b9421c9d	No	4.6.57.0	4.6.57.0	United States
7	MONO development team	Executable	1065d61a847623c3 2704a1f2126cdb58 4b62a24f	2d355711541ab402 f4ddc4bb3d74f011	No	2.0.50727. 1433	2.0.50727. 1433	10.224.1.54/32
8	MONO development team	Executable	20f7a1543d41c268 5684b1f0c0e8300c 19f415c3	ef850923d535c5a5 91d7b9e5d3b2da71	No	4.6.57.0	4.6.57.0	10.224.25.61/32
9	Microsoft Corporation	Executable	956da79a705f715f e64eaecc1b90244f f66b0844	a8e4d0c6dbfe4b2a c47897b041281cfb	Yes	4.8.3928.0 built by: NET48REL1	4.8.3928.0	10.224.25.207/32
10	MONO development team	Executable	29c40f5c491cd31f 45a3771c0a58057a 8e549a9d	971981611a05f5fe 9016ff640906acd0	No	4.6.57.0	4.6.57.0	United States
11	MONO development team	Executable	7743687f688791b0 1c326d6dc056f04c f5e97f13	12c53188a15324c1 8abeddac9015020a	No	4.6.57.0	4.6.57.0	10.224.25.107/32
12	MONO development team	Executable	b142673f0f37086a cbd99c965b0ef454 99f3d494	24d71d2176faa1fb 8ce348ae8e35d9c7	No	1.0.5000.0	1.1.4322.2 032	10.224.27.193/32
13	N/A	Executable	6912c7d36f6ca371 1a0c6897fa82d46f 7e2ea7f0	5cd93e0949281510 6e3ba5d939dc249f	No	N/A	N/A	10.224.27.193/32
14	MONO development team	Executable	27b91ee74ff4baeb 55f3750c69cafc19 4b480784	edd2ba84d46a76d9 1b204760f1fe3052	No	4.6.57.0	4.6.57.0	United States
15	Microsoft Corporation	Executable	7ae934e22f7a2d63 5b581b4b88f861fe 72f6e8b1	18b3a5a1adb000da 6e86eddcde657ad5	Yes	3.5.30729. 4507 (QFE.03072 9-4500)	3.5.30729. 4507	10.224.25.207/32
16	MONO development team	Executable	8ed9d9efa7d1d451 a0dcae59c28aabd1 0173afe8	d1fde77ab7464a5e 302ba50fdca57750	No	4.6.57.0	4.6.57.0	Turkey
17	N/A	Executable	e67d7d9cc2ecad73 9c30237e8a57f84b 908820da	08af38c46c00fe3b 30485ce95a3b68e2	No	N/A	N/A	10.224.27.193/32
18	N/A	Executable	ada5c3174f4ab00c c3f00c4ae7f66507 baa50f5b	2323b2b39c328bb5 5aa950d6c0e98612	No	2.0.0.0	N/A	10.224.1.59/32
19	MONO development team	Executable	0d44fe0cdea33e88 c4d4cd59bdaeb555 23f3e4e9	63f1193b5786ce18 d4da25b9180c80e7	No	2.0.50727. 1433	2.0.50727. 1433	10.100.19.19/32
20	NULL	Executable	f20db4e465748494 f60558894f12b5d5 120a4c25	9e7eb36ac8fa2bf7 2fcafdda0d63ebab	No	4.0.0.0	NULL	10.224.27.193/32
21	NULL	Executable	1c288ef2f9bbb7ab cb104239c2834c0e adfb48ff	03f373cf7a12eafc 6e56b5ef7c6da8ab	No	4.0.0.0	NULL	10.224.27.193/32
22	N/A	Executable	8d64c63dd97fa19d fcb115964592b6dc dca38c1e	0d97f5aceb42e6d5 c76a8b70295293c1	No	N/A	N/A	10.224.27.193/32
23	N/A	Executable	7bda6c057f2781d7 c09578ee518e88a6 8dba797c	7e8561af4815bc71 c6415b236cb58485	No	2.0.0.0	N/A	10.224.1.54/32
24	MONO development team	Executable	5007d46ebcc49fbc 06759abb7c91e41c 9b19ea44	b0865ccc57142488 c0f89b7099ea9133	No	4.6.57.0	4.6.57.0	United States
25	MONO development team	Executable	049901e2ca250621 25dd2e1177caeca0 a6f3e365	45687eb8c8a00053 ef5d126bda0de07e	No	2.0.50727. 1433	2.0.50727. 1433	United States
26	MONO development team	Executable	9d06bc72abdbe013 c98c6b18a2c79773 ea6af46b	f6067dfcf7a24469 b696707aa4b1d519	No	2.0.50727. 1433	2.0.50727. 1433	United Kingdom
27	MONO development team	Executable	ec645210b61e8104 0c12db9bd4889691 f872599e	ee6ac9307dc746af 1fb00cb95d059c00	No	1.0.5000.0	1.1.4322.2 032	10.224.27.193/32
28	NULL	Executable	26b03a76de7d6e2d 0c345a778b1cd3c8 8e7a74f1	706053632aa865a8 c40905259a474a1c	No	2.0.0.0	NULL	10.224.27.193/32
29	Microsoft Corporation	Executable	7ae934e22f7a2d63 5b581b4b88f861fe 72f6e8b1	18b3a5a1adb000da 6e86eddcde657ad5	Yes	3.5.30729. 4507 (QFE.03072 9-4500)	3.5.30729. 4507	104.238.128.144/32
30	Microsoft Corporation	Executable	73113f918df730f5 572bad637407b4b5 aca1b49f	cf348a3aa849ec72 bbf0186d2dc70e9f	Yes	3.5.30729. 4507 (QFE.03072 9-4500)	3.5.30729. 4507	United States
31	N/A	Executable	f75575287775275e ab5a6d0731c9e28b aeabbdcd	86e9bff52d54b81d 5033ecebf603bc46	No	4.0.0.0	N/A	10.224.1.54/32
32	N/A	Executable	bdce7d4950fc3271 6793c47c8d29c329 fd0158b8	7606cc76d698252b cbb738ec68eda167	No	4.0.0.0	N/A	10.224.1.59/32
33	Microsoft Corporation	Executable	73113f918df730f5 572bad637407b4b5 aca1b49f	cf348a3aa849ec72 bbf0186d2dc70e9f	Yes	3.5.30729. 4507 (QFE.03072 9-4500)	3.5.30729. 4507	10.224.1.59/32
34	Microsoft Corporation	Executable	aebd4d5dd8eeed1a 1cd6fd20bbbdd7b4 7b60a838	c142b08e81c628df 3972507da56279fb	Yes	4.6.1590.0 built by: NETFXREL2	4.6.1590.0	10.224.25.207/32
35	Microsoft Corporation	Executable	e72fbce820c91259 c5655f80beb5a932 73858e54	c81b13080b366bf8 68db9c6ffdf7c8cb	Yes	4.8.9032.0 built by: NET481REL1	4.8.9032.0	United States
36	MONO development team	Executable	866ef7b4900b3e43 50f6e56947457e65 50784f33	22e4720728d5dfb8 2d6e12f963605882	No	4.6.57.0	4.6.57.0	United States
37	NULL	Executable	c220dfa44658cea7 4f25f793d5655ed0 3b82dd98	23a70e37818760db 3ac1fa4d0e7b3a46	No	2.0.0.0	NULL	10.224.27.193/32
38	N/A	Executable	9a3a62b3267f8624 fb647313845d46d5 ff328c2f	2ba298a36210a2ef 45975de654a55d1d	No	N/A	N/A	10.224.27.193/32
39	N/A	Executable	9dd4be9021ca350b a1f231d6354ee588 318d39f6	f3884ef238dd6a7a a1c84d5c82310c02	No	N/A	N/A	10.224.27.193/32
40	Microsoft Corporation	Executable	10165bc61ab90803 2b6ee6a1eb7f131b 8a25d204	7295bdb582edc09d ed14b9cea8532232	Yes	4.0.30319. 33440 built by: FX45W81RTM REL	4.0.30319. 33440	10.224.25.96/32
41	N/A	Executable	78e02c5650ac0a06 3e9f96bb801784c6 8171b348	dd630a4e756c27b9 62c8d019dbaabef9	No	N/A	N/A	10.224.27.193/32
42	Microsoft Corporation	Executable	9640623aabcc847b 215a4ce54c3915fa 84d6c3c8	e5a844bf95b36245 01e5a58b692d9fd5	Yes	3.5.30729. 4507 (QFE.03072 9-4500)	3.5.30729. 4507	Internal Submission
43	MONO development team	Executable	fca2b65d27e18cdf ed85fc7b77f85387 00659d8f	2d7255e47f80ccbf 6816d8f9beb11d6a	No	4.6.57.0	4.6.57.0	United States

Prev 1 2 3...11 Next

Display 4 items per page

4 items per page
8 items per page
16 items per page
32 items per page

Malware Search Engine

How to Remove “resgen.exe”

What is resgen.exe?

How to check if your computer is infected with resgen.exe malware?