What is regsvc.exe? Is regsvc.exe spyware or a virus?

How to fix regsvc.exe related problems?
1. Run Security Task Manager to check your regsvc process
2. Run Windows Repair Tool to repair regsvc.exe related Windows Errors
3. Run MalwareBytes to remove persistent malware

Process name: Remote Registry Service

Product: Windows

Company: Microsoft

File: regsvc.exe

Security Rating:

The Remote Registry Service allows remote registry manipulation, and is used by certain utilities. You should disable it unless you need it for your network. This file is not essential for Windows XP. If the file exists in Windows XP, you have to check if this file is from Microsoft. This service doesn't exists in Windows Vista or Windows 7! In this case "regsvc.exe" could be a virus or trojan. http://www.neuber.com/taskmanager/process/regsvc.exe.html 

Note: The regsvc.exe file is located in the folder C:\Windows\System32. In other cases, regsvc.exe is a virus, spyware, trojan or worm! Check this with Security Task Manager.

Virus with same file name:
W32/Leave.B (regsv.exe) - Symantec Corporation

Click to Run a Free Scan for regsvc.exe related errors

Users Opinions

Average user rating of regsvc.exe: based on 45 votes. Read also the 29 reviews.

325 users ask for this file. 16 users rated it as not dangerous. 2 users rated it as not so dangerous. 4 users rated it as neutral. 5 users rated it as little bit dangerous. 18 users rated it as dangerous. 2 users didn't rate it ("don't know").

All comments about regsvc.exe:
Windows Remote Registry Service   Alex
A service that allows access to the Windows registry from remote computers.   Carola T
CHECK: Should be in the c:\windows\System32 folder   rob
It seems to disable internet access, no fix yet in our McAfee   Mark W. Eversole
It can be used as part of a program being used to take accounts from people using Yahoo Messenger 6.0.   Leslie
its' attacked entry for PC   evan
Discovered this file was placed in a directory other tank system32. This particular version of the file is used to exploit Yahoo IM id's and passwords.   Mike
regsvc.exe is a remote regestry service app..if there is no c then kindly have a attention at that file  
it is being used to extract Yahoo id's and passwords used on the infected computer   Ashok
Corporate user, regsvc.exe is necessary for your IT department to maintain your PC. Your IT people should protect against ‘outside’ use. Home user, it can be EXTREAMLY harmful. Some apps and services may require it for proper operation. It gives access to your PC allowing all sorts of damage, AND allows access to any personal information. If you must allow remote access, I recommend not using ANY personal information on the PC, EVER. Unless you are VERY knowledgeable about your PC, you can leave ‘hidden’ info an identity thief can obtain just from you using an On-Line buying service.   James Ruboyianes
Windows Remote Registry Service   Kyaa
If it is in c:\windows\system32 then it is OK, but if you have it in c:\windows\system then this is TROJAN, and you must disable this in regedit by clearing coresponding lines (usually 2 keys) and after restart it can be deleted! (that is for Windows XP)   DISORDER
W2K. Starter utility sees this file in c:\winnt\system\regsvc.exe. Should not be there. Runs in hidden mode.   dtorres
if the file is located in the system32 directory: LEAVE IT THERE. it is neccesary for the stable running of your pc. if it's located anywhere else: make a backup, then quarantine it.   Knows more than the rest of you
When i try to delete it it says its being used, but when i try to end the proccess it says access denied, just tell me how to get rid of it!!!   bob heinbokel
trojan when in \system instead of \system32   Walter
Windows Remote Registry Service   Volú
It Prevents acess to my LAN!   Barrington
it seems a virus   Sharan Patil
it exists in both system , system 32 files / gives a access violation warning message while using yahoo messenger   raj
Look, removed unused services that are hacker targets. This is required only if you must (with Admin permissions) modify registries remotely, use NetDaig, or use Dcdiag. Most admins use RDP or some other remote access tool when manipulating registries on other machines. As always, disable and test for side-effects from some unexpected (possibly custom) user.   MM
The Remote Registry Service is utilized by a number of different native Windows utilities. Disabling it on a server would renender the server pretty much useless when it came to remote management. As for the desktop, while you could safely disable it, you would definitely want to test it, especially in an enterprise environment.   Mark Kroehler
Just disable it. See what happens. If nothing happens delete it.   Dennis Colbath
Its a useful service for managing more machines. PSTools needs this service.  See also: Link   Marc
Remote Registry Service. Not needed for home use. Better to disable it from services menu.   SupMA5TER
Not needed for normal use, helps to enter in your PC   ivanzb
Not a Standard Windows Service. The Remote-Registry Service of Windows is activated by the exe "C:\Windows\system32\svchost.exe -k LocalService"   Jhon_Snow
I have a system with XP/SP3 on. I started to receive many Generic Host Process for Win32 Services error messages, and memory errors as well. A malware remover destroyed both c:\windows\repsvc.exe and c:\windows\nigzss.txt.   Carlo
it disables task manager, command prompt, and other registry editors, and it does not allow to open explorer like example my computer, internet explorer and so on. It also creates more than 30 user accounts every time and not allowing access to control panel..   Hatwin Libins

If you know more about regsvc.exe, share your knowledge and help other users.

Security Rating:
Your opinion
about this file:
Web page with more details:
Your first name:

More process information

Is regsvc.exe spyware or a virus, trojans, adware or worm? Is there a known regsvc.exe error?

Other Processes

[regsvc.exe in German] [all processes]