What is regsvr.exe, How to remove regsvr.exe

regsvr.exe is a harmful program.

It is a component of malware or spyware, you should immediately remove it using an antivirus and antispyware program.
If that does not help, then ask us for help in the Spyware removal forum.

Name: regsvr
Filename: regsvr.exe
Registry key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | Msn Messsenger

Command: C:\Windows\System32
Startup Type: HKCU->Run
HijackThis Category: O4
HijackThis Line:

O4 – HKCU\..\Run: [Msn Messsenger] C:\Windows\System32\regsvr.exe

DDS Line:

uRun: [Msn Messsenger] C:\Windows\System32regsvr.exe

Combofix/RSIT Line:

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
“Msn Messsenger”=C:\Windows\System32regsvr.exe

Description: trojan also known as W32.Imaut [Symantec], Worm.Win32.AutoIt.x, not-a-virus:Monitor.Win32.Ardamax.ae [Kaspersky Lab], W32/Autorun.worm.bm [McAfee], Mal/Generic-A [Sophos], VirTool:Win32/ModTool.A [Microsoft]

How to remove: use HijackThis + Kaspersky virus removal tool

This entry was posted on Friday, December 4th, 2009 at 12:57 am and is filed under O4, Run, Trojan. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

HT Logs. Tips, FAQs, Analyze.

Categories

Archives

What is regsvr.exe, How to remove regsvr.exe

regsvr.exe is a harmful program.

Leave a Reply