How to remove RegistrySvc.exe

RegistrySvc.exe

The module RegistrySvc.exe has been detected as Ransom.Sabsik

RegistrySvc.exe
Remove RegistrySvc.exe

File Details

Product Name:

RegSvc
Company Name:

Microsoft® Windows® Operating System
MD5: 1153616807303f3aca307df3f0641a07
Size: 62 KB
First Published: 2022-03-24 23:29:41 (3 years ago)
Latest Published: 2022-03-24 23:29:41 (3 years ago)
Status: Ransom.Sabsik (on last analysis)
Analysis Date: 2022-03-24 23:29:41 (3 years ago)

Common Places:

%commonappdata%

Geography:

100.0%

OS Version:

Windows 10 100.0%

Analysis

Subsystem: Windows GUI
PE Type: pe
OS Bitness: 32
Image Base: 0x00400000
Entry Address: 0x0001400a

.NET Info:

MVID: 372affff-aafe-4002-a082-84c70e0b3398
Typelib ID: 1431f9a8-5019-47ed-8c4a-8704637f4f90

PE Sections:

Name Size of data MD5
q(|&S 28672 678e2cb8235aad898f28b2fb3378c00b
.text 31232 fc35e79dfad2156ed0e50395387d2334
.rsrc 2048 6bd3b9e41f8dcca9505700f283b82d0b
512 54b49375bd875a088fbbf630108a6d26
.reloc 512 a23f334f2c52d48429a139e7f856b320

More information:

Search on Virustotal
Download GridinSoft Anti-Malware - Removal tool for RegistrySvc.exe
copyright for information about RegistrySvc.exe