Regedit starts and immediately quits

P

per

Hi there,
I have a Windows 2000 professional machine. I need to remove two items from
the registry but when I start regedit, the program opens then immediately
closes before I can do anything.

After login it displays 2 error messages saying it can't find file
yhvfgeoia.exe or qievafoyaxi.exe. Windows says to remove these entries from
the registry but I can't.

Could this be virus related? I've scanned the system with Norton Antivirus
2003 and found 12 infected files. The files have been quarantined or deleted
but the problem still exists.

How can I get my regedit to work? Thanks in advance for your help.
 
X

Xitch13

I am alos experiencing something along the same lines. I
attempt to open my registry and it immediately shuts
down. Also, Task Manager is acting in the same manner. I
am sure this is malware of some type, but I can't find any
listings on the web.

Not being able to see which processes or my registry is
really hamstringing me. Any help would be appreciated.

BTW I've run McAfee's virus scan, Ad-Aware 6, and
SPyHunter, with no real help.
 
B

Bruce Chambers

Greetings --

This behavior is a common symptom of more than one virus/worm, the
three below being the most common:

W32.Klez
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Yaha
http://securityresponse.symantec.com/avcenter/venc/data/[email protected]

W32.Spybot.Worm
http://securityresponse.symantec.com/avcenter/venc/data/w32.spybot.worm.html


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
X

Xitch13

I find a file name 'Wincfg.scr' by running Norton Scan (it
was the third time I ran it, the other two times it didn't
come up) Norton wasn't able to remove it, but once I
found it I deleted it by hand.

That allowed me back into Task Manager and my registry on
reboot. I obviously removed the listing to run it on boot
from the registry.
(HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersi
on\Run)

One thing I thought of at work, but didn't try since I had
already fixed the problem, was to rename regedit.exe.
Actually, make a copy of a different name, and trying to
run that. That way, if the malware is just looking for
the 'regedit' process and killing that, you may spoof it.
However, it could be looking at who is accessing classes
and in that case this wouldn't work.

Good luck to ya
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

regedit won't run in windows folder 5
Can not run "regedit" 2
missing regedit 4
regedit /s opens regedit? 3
MacWord 2001 immediately quits when software opens 1
Unable to open task mgr regedit msconfig 4
Outlook starts and immediately quits 3
Windows 2000 Registry 2

Top