The registry editor window opens on every startup. How do
I stop it openning? Many thanks Mark

Look in MSConfig for an entry that is launching regedit. Start | Run, enter
MSConfig in the box and click OK. Open the Startup tab and look for an entry
that refers to regedit.exe. Uncheck this entry and reboot. Look also for
entries including files with a REG extension.

Please post back full details of any entry you find one as it is highly likely
that they were originally of malicious intent and that you may well need to
thoroughly cleanse your PC.
--
Mike Maltby MS-MVP



Mark > wrote:

> The registry editor window opens on every startup. How do
> I stop it openning? Many thanks Mark

Many thanks

Computer was used without antivirus software and hence
NortonSystem Works used to cleanse. For your information
following was found in startup tab.

1) DELETE ME Registry (Per-User Run) Worm.exe
2) NeroCheck Registry (Machine Run)
C:\WINDOWS\OPTIONS\CABS\REGEDIT.EXE

The 1st entry was removed on cleanup and I unchecked the
2nd entry as per your advice.

Mike thanks again

Mark

>-----Original Message-----
>Look in MSConfig for an entry that is launching regedit.
Start | Run, enter
>MSConfig in the box and click OK. Open the Startup tab
and look for an entry
>that refers to regedit.exe. Uncheck this entry and
reboot. Look also for
>entries including files with a REG extension.
>
>Please post back full details of any entry you find one
as it is highly likely
>that they were originally of malicious intent and that
you may well need to
>thoroughly cleanse your PC.
>--
>Mike Maltby MS-MVP

>
>
>Mark > wrote:
>
>> The registry editor window opens on every startup. How
do
>> I stop it openning? Many thanks Mark
>
>.
>

Mark,

Something's very wrong there, perhaps as a result of the worm you removed or
the malware you installed - NSW. I'm sorry but IMO few other programs are so
ill suited to running on Win Me and cause so many problems.

If you have Nero installed the NeroCheck entry should read something like
"C:\Windows\System\NeroCheck.exe". If not then the entry should also be
removed.

I'm also just a little intrigued as to how you come to have a copy of
REGEDIT.EXE in the Windows\Options\Cabs folder. That is other than as in the
file WIN_17.CAB. I wonder how it got there?
--
Mike Maltby MS-MVP



Mark > wrote:

> Computer was used without antivirus software and hence
> NortonSystem Works used to cleanse. For your information
> following was found in startup tab.
>
> 1) DELETE ME Registry (Per-User Run) Worm.exe
> 2) NeroCheck Registry (Machine Run)
> C:\WINDOWS\OPTIONS\CABS\REGEDIT.EXE
>
> The 1st entry was removed on cleanup and I unchecked the
> 2nd entry as per your advice.