What is regsvc.exe? Is regsvc.exe spyware or a virus?
How to fix regsvc.exe related problems?
1. Run Security Task Manager to check your regsvc process
2. Run Windows Repair Tool to repair regsvc.exe related Windows Errors
3. Run MalwareBytes to remove persistent malware
Process name: Remote Registry Service
The Remote Registry Service allows remote registry manipulation, and is used by certain utilities. You should disable it unless you need it for your network. This file is not essential for Windows XP. If the file exists in Windows XP, you have to check if this file is from Microsoft. This service doesn't exists in Windows Vista or Windows 7! In this case "regsvc.exe" could be a virus or trojan.
Note: The regsvc.exe file is located in the folder C:\Windows\System32. In other cases, regsvc.exe is a virus, spyware, trojan or worm! Check this with Security Task Manager.
Virus with same file name:
W32/Leave.B (regsv.exe) - Symantec Corporation
Average user rating of regsvc.exe: based on 45 votes. Read also the 29 reviews.
325 users ask for this file. 16 users rated it as not dangerous. 2 users rated it as not so dangerous. 4 users rated it as neutral. 5 users rated it as little bit dangerous. 18 users rated it as dangerous. 2 users didn't rate it ("don't know").
|All comments about regsvc.exe:|
|Windows Remote Registry Service Alex|
|A service that allows access to the Windows registry from remote computers. Carola T|
|CHECK: Should be in the c:\windows\System32 folder rob|
|It seems to disable internet access, no fix yet in our McAfee Mark W. Eversole|
|It can be used as part of a program being used to take accounts from people using Yahoo Messenger 6.0. Leslie|
|its' attacked entry for PC evan|
|Discovered this file was placed in a directory other tank system32. This particular version of the file is used to exploit Yahoo IM id's and passwords. Mike|
|regsvc.exe is a remote regestry service app..if there is no c then kindly have a attention at that file|
|it is being used to extract Yahoo id's and passwords used on the infected computer Ashok|
|Corporate user, regsvc.exe is necessary for your IT department to maintain your PC. Your IT people should protect against ‘outside’ use. Home user, it can be EXTREAMLY harmful. Some apps and services may require it for proper operation. It gives access to your PC allowing all sorts of damage, AND allows access to any personal information. If you must allow remote access, I recommend not using ANY personal information on the PC, EVER. Unless you are VERY knowledgeable about your PC, you can leave ‘hidden’ info an identity thief can obtain just from you using an On-Line buying service. James Ruboyianes|
|Windows Remote Registry Service Kyaa|
|If it is in c:\windows\system32 then it is OK, but if you have it in c:\windows\system then this is TROJAN, and you must disable this in regedit by clearing coresponding lines (usually 2 keys) and after restart it can be deleted! (that is for Windows XP) DISORDER|
|W2K. Starter utility sees this file in c:\winnt\system\regsvc.exe. Should not be there. Runs in hidden mode. dtorres|
|if the file is located in the system32 directory: LEAVE IT THERE. it is neccesary for the stable running of your pc. if it's located anywhere else: make a backup, then quarantine it. Knows more than the rest of you|
|When i try to delete it it says its being used, but when i try to end the proccess it says access denied, just tell me how to get rid of it!!! bob heinbokel|
|trojan when in \system instead of \system32 Walter|
|Windows Remote Registry Service Volú|
|It Prevents acess to my LAN! Barrington|
|it seems a virus Sharan Patil|
|it exists in both system , system 32 files / gives a access violation warning message while using yahoo messenger raj|
|Look, removed unused services that are hacker targets. This is required only if you must (with Admin permissions) modify registries remotely, use NetDaig, or use Dcdiag. Most admins use RDP or some other remote access tool when manipulating registries on other machines. As always, disable and test for side-effects from some unexpected (possibly custom) user. MM|
|The Remote Registry Service is utilized by a number of different native Windows utilities. Disabling it on a server would renender the server pretty much useless when it came to remote management. As for the desktop, while you could safely disable it, you would definitely want to test it, especially in an enterprise environment. Mark Kroehler|
|Just disable it. See what happens. If nothing happens delete it. Dennis Colbath|
|Its a useful service for managing more machines. PSTools needs this service. See also: Link Marc|
|Remote Registry Service. Not needed for home use. Better to disable it from services menu. SupMA5TER|
|Not needed for normal use, helps to enter in your PC ivanzb|
|Not a Standard Windows Service. The Remote-Registry Service of Windows is activated by the exe "C:\Windows\system32\svchost.exe -k LocalService" Jhon_Snow|
|I have a system with XP/SP3 on. I started to receive many Generic Host Process for Win32 Services error messages, and memory errors as well. A malware remover destroyed both c:\windows\repsvc.exe and c:\windows\nigzss.txt. Carlo|
|it disables task manager, command prompt, and other registry editors, and it does not allow to open explorer like example my computer, internet explorer and so on. It also creates more than 30 user accounts every time and not allowing access to control panel.. Hatwin Libins|
More process information
Is regsvc.exe spyware or a virus, trojans, adware or worm? Is there a known regsvc.exe error?
dllhost.exe hiberfil.sys kernel32.dll lsass.exe lsm.exe mdm.exe mobsync.exe mstask.exe pagefile.sys regsvc.exe slwinact.exe winmgmt.exe wmiprvse.exe wpcumi.exe wuauclt.exe
[regsvc.exe in German] [all processes]