Should I block it?

No, this file is 100% safe to run.

VersionsAdditional versions

6.1.7600.16385 (win7_rtm.090713-1255) 1.96%
5.2.3790.3959 (srv03_sp2_rtm.070216-1710) 0.65%
5.1.2600.5512 (xpsp.080413-2111) 58.82%
5.1.2600.5512 (xpsp.080413-2111) 1.96%
5.1.2600.5512 (xpsp.080413-2111) 2.61%
5.1.2600.5512 (xpsp.080413-2111) 3.92%
5.1.2600.5512 (xpsp.080413-2111) 3.27%
5.1.2600.5512 (xpsp.080413-2111) 0.65%
5.1.2600.5512 (xpsp.080413-2111) 1.31%
5.1.2600.5512 (xpsp.080413-2111) 0.65%
5.1.2600.5512 (xpsp.080413-2111) 0.65%
5.1.2600.3311 (xpsp.080212-0005) 0.65%
5.1.2600.3300 (xpsp.080125-2028) 0.65%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 18.30%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 1.31%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.65%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.65%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.65%
5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) 0.65%

Relationships


PE structurePE file structure

Show functions
Import table
advapi32.dll
ReportEventA, RegisterEventSourceW, OpenThreadToken, SetThreadToken, OpenProcessToken, SetServiceStatus, RegisterServiceCtrlHandlerA, SetSecurityDescriptorDacl, InitializeSecurityDescriptor, GetLengthSid, RevertToSelf, StartTraceW, QueryTraceW, RegOpenKeyExW, TraceEvent, ReportEventW, GetUserNameW, RegCloseKey, DeregisterEventSource, RegSetValueExW, RegDeleteValueW, AddAccessAllowedAceEx, InitializeAcl, GetTokenInformation
api-ms-win-core-errorhandling-l1-1-0.dll
SetUnhandledExceptionFilter, UnhandledExceptionFilter, GetLastError
api-ms-win-core-handle-l1-1-0.dll
CloseHandle
api-ms-win-core-interlocked-l1-1-0.dll
InterlockedCompareExchange, InterlockedExchange
api-ms-win-core-libraryloader-l1-1-0.dll
LoadLibraryExA, GetProcAddress, FreeLibrary
api-ms-win-core-misc-l1-1-0.dll
Sleep
api-ms-win-core-processthreads-l1-1-0.dll
GetCurrentProcessId, GetCurrentThreadId, TerminateProcess, GetCurrentProcess
api-ms-win-core-profile-l1-1-0.dll
QueryPerformanceCounter
api-ms-win-core-synch-l1-1-0.dll
SetEvent, CreateEventA
api-ms-win-core-sysinfo-l1-1-0.dll
GetTickCount, GetSystemTimeAsFileTime
api-ms-win-core-threadpool-l1-1-0.dll
UnregisterWaitEx
api-ms-win-security-base-l1-1-0.dll
InitializeSecurityDescriptor, SetSecurityDescriptorDacl
api-ms-win-service-core-l1-1-0.dll
SetServiceStatus
api-ms-win-service-winsvc-l1-1-0.dll
RegisterServiceCtrlHandlerA
kernel32.dll
SetUnhandledExceptionFilter, TerminateProcess, UnhandledExceptionFilter, CreateEventA, GetLastError, DisableThreadLibraryCalls, QueryPerformanceCounter, GetTickCount, GetCurrentThreadId, GetCurrentProcessId, GetSystemTimeAsFileTime, GetSystemWindowsDirectoryW, CloseHandle, GetPrivateProfileIntW, lstrcatW, GetSystemDirectoryW, InterlockedCompareExchange, SetLastError, SetEvent, MapViewOfFile, CreateFileMappingW, CreateFileW, ExpandEnvironmentStringsW, lstrcpyW, CreateEventW, GetComputerNameW, ReleaseMutex, InterlockedDecrement, CreateMutexW, GetUserDefaultUILanguage, WaitForSingleObject, GetModuleFileNameW, UnmapViewOfFile, InterlockedIncrement, lstrlenW, GetSystemTime, ResetEvent, GetFileSize, GetFileTime, SearchPathW, CreateThread, GetCurrentProcess, lstrcpynW, GetCurrentThread, lstrlenA, lstrcpyA, FindClose, FindNextFileW, lstrcmpiW, FindFirstFileExW, MoveFileW, DeleteFileW, CopyFileW, FreeLibrary, GetProcAddress, LoadLibraryExW, SetErrorMode, LocalAlloc, LocalFree, lstrcmpiA, SetFileInformationByHandle, RegKrnGetGlobalState, UnregisterWait, DelayLoadFailureHook, HeapFree, HeapSize, GetProcessHeap, HeapAlloc, RegCloseKey, RegOpenKeyExW, InitializeCriticalSection, RegSetValueExW, CreateMutexA, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, Wow64RevertWow64FsRedirection, LockResource, LoadResource, SizeofResource, FindResourceExW, Wow64DisableWow64FsRedirection, IsWow64Process, HeapReAlloc, DosDateTimeToFileTime, FileTimeToDosDateTime
msvcrt.dll
DllMain
ntdll.dll
RtlFreeHeap, RtlSetGroupSecurityDescriptor, RtlGetGroupSecurityDescriptor, RtlSetOwnerSecurityDescriptor, RtlLengthSid, RtlGetOwnerSecurityDescriptor, RtlGetAce, RtlQueryInformationAcl, RtlGetDaclSecurityDescriptor, RtlAllocateHeap, NtQuerySecurityObject, NtQueryKey, RtlReleaseResource, RtlAcquireResourceExclusive, NtClose, NtOpenKey, NtSetInformationThread, NtOpenThreadToken, RtlInitUnicodeStringEx, NtQueryValueKey, RtlInitializeResource, NtAccessCheck, RtlAcquireResourceShared, RtlCompareUnicodeString, RtlNtStatusToDosError, NtCreateKey, RtlAllocateAndInitializeSid, RtlValidRelativeSecurityDescriptor, RtlCreateSecurityDescriptor, RtlOpenCurrentUser, RtlLengthRequiredSid, NtOpenFile, RtlDosPathNameToNtPathName_U, NtSaveKey, NtCreateFile, NtSaveKeyEx, NtQueryMultipleValueKey, NtLoadKey, NtUnloadKey, NtReplaceKey, NtSetValueKey, RtlInitUnicodeString, NtSetSecurityObject, NtEnumerateValueKey, NtEnumerateKey, NtDeleteValueKey, NtDeleteKey, RtlGetVersion, NtWaitForSingleObject, RtlFreeUnicodeString, NtQueryInformationThread, RtlCreateUnicodeString, RtlCopyUnicodeString, RtlReAllocateHeap, NtQueryPerformanceCounter, RtlUnicodeToMultiByteN, RtlCreateUnicodeStringFromAsciiz, NtWaitForMultipleObjects, RtlAppendUnicodeStringToString, NtReadFile, NtQueryInformationFile, NtWriteFile, RtlMakeSelfRelativeSD, RtlLengthSecurityDescriptor, RtlValidSecurityDescriptor, RtlCreateAcl, RtlAddAccessAllowedAce, RtlSetDaclSecurityDescriptor, RtlFreeSid, NtRestoreKey, NtFlushKey, DbgPrint, RtlDeleteResource, NtCreateKeyTransacted, NtOpenKeyEx, NtOpenKeyTransactedEx, NtOpenKeyTransacted, RtlReleaseRelativeName, RtlDosPathNameToRelativeNtPathName_U, EtwLogTraceEvent, RtlGetThreadPreferredUILanguages, RtlInitializeCriticalSection, RtlDeleteCriticalSection, RtlLeaveCriticalSection, RtlEnterCriticalSection, RtlIntegerToUnicodeString, RtlDllShutdownInProgress, NtQueryInformationProcess, RtlAddAccessAllowedAceEx, NtQueryInformationToken, NtOpenProcessToken
rpcrt4.dll
RpcImpersonateClient, RpcRevertToSelf, NdrServerCall2, NdrClientCall2, RpcBindingFree, RpcStringBindingComposeW, RpcBindingFromStringBindingW, RpcStringFreeW, RpcServerRegisterAuthInfoA, RpcServerUnregisterIf, RpcServerUseProtseqEpW, RpcServerRegisterIfEx
Export table
ServiceMain
SvchostPushServiceGlobals

REGSVC.dll

Remote Registry Service by Microsoft

Remove REGSVC.dll
Version:   5.2.3790.3959 (srv03_sp2_rtm.070216-1710)
MD5:   b2d55ce8c7c946c625b687f75040ad3f
SHA1:   23386fda4ee71838b9a95b1fc10f30a618020a4d
SHA256:   8bbcfb5765e42da638681a659fec67c3c5be784575fafea9d729f7908df3b120
This is a Windows system installed file with Windows File Protection (WFP) enabled.

What is REGSVC.dll?

Windows Remote Registry service gives you the ability to modify a PC's settings without being physically present. Disabling the RemoteRegistry service will break most patch management solutions including the Software Update Service and Windows Automated Update. If you disable this service, you will have to perform patch management manually.

Overview

regsvc.dll is loaded as dynamic link library that runs in the context of a process. .

DetailsDetails

File name:regsvc.dll
Publisher:Microsoft Corporation
Product name:Remote Registry Service
Description:Microsoft® Windows® Operating System
Typical file path:C:\Windows\System32\regsvc.dll
File version:5.2.3790.3959 (srv03_sp2_rtm.070216-1710)
Product version:5.2.3790.3959
Size:152 KB (155,648 bytes)
Build date:2/17/2007 11:36 AM
Digital DNA
PE subsystem:Windows Console
File packed:No
Code language:Microsoft Visual C++
.NET CLR:No
More details

BehaviorsBehaviors

Hosted services
Runs as a shared service under the Windows svcHost
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'
  • Shared name is 'RemoteRegistry'

Windows OS versionsDistribution by Windows OS

OS versiondistribution
Microsoft Windows XP 96.08%
Windows 7 Home Premium 1.96%
Windows 7 Ultimate 1.31%
Windows 7 Professional 0.65%

Distribution by countryDistribution by country

United States installs about 29.73% of Remote Registry Service.

OEM distributionDistribution by PC manufacturer

PC Manufacturerdistribution
Dell 40.35%
Intel 10.53%
Toshiba 8.77%
GIGABYTE 8.77%
American Megatrends 7.02%
Hewlett-Packard 4.39%
Sahara 3.51%
Compaq 3.51%
Lenovo 3.51%
ASUS 3.51%
Acer 2.63%
Gateway 1.75%
Sony 1.75%
Should I remove It? Clean your PC of unwanted adware, toolbars and bloatware.

Download it for FREE