Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.


Unable to remove regedit.exe

  • Please log in to reply
2 replies to this topic

#1 NyCb0i


  • Members
  • 3 posts
  • Local time:05:15 AM

Posted 19 July 2005 - 08:26 PM

Not sure if I posted in the right forum, if not please move thanks

And also thank you for the warm welcome, I like it here more than other
computer forums. ^^

Well I used the StartUp Database and searched for many exe(s) in my task manager.
I came along many searches but I'm not sure if they are good or bad.

I came across regedit.exe that runs in my task manager, I already knew that file is up to no good. I follow many tutorials on how to remove it and such but it didn't work. I can't find the file and delete it. (yes, I also followed "How to show hidden files tutorial")

Posted Image

This is what I don't get also...
You see that blank line? I dunno what is that got any ideas?

Posted Image

This is how I found out regedit is a bad one.
The real one suppose to be in the Windows folder, not system32
And it is connect to some place I don't know, and I knew from that point
clickspring is no good.

Posted Image

See that regedit? It just runs after I end process it. And it keeps coming back.
Yea uses a lot ...28000+K

I tried to search for the file but I can't seem to find it in the system32 folder.
Any ideas how to get rid of it? Thanks in advance.

BC AdBot (Login to Remove)


#2 unrepper


  • Members
  • 205 posts
  • Local time:04:15 AM

Posted 19 July 2005 - 11:07 PM

Read this http://sarc.com/avcenter/venc/data/adware.purityscan.html then go to this sites tutorials page and read up on Hijackthis download it run it and post your saved scan file to the hijackthis forum on this site. You may have more severe malicious issues.
Posted Image

#3 stidyup


  • Members
  • 641 posts
  • Gender:Male
  • Local time:04:15 AM

Posted 20 July 2005 - 02:27 AM

If you think you are infected submit a hijackthis log here.

How to submit a hijackthis log

Download Hijackthis

Try running Sysclean you'll also need the virus template file from here lpt***.zip


DrWeb CureIT

If your good with the command line also try Sophos Command Line scanner

Also try installing and running A2 Free and Ewido

I'd also run Spybot and Adaware

If your using Win2K/XP run adaware/spybot from "safe mode with command prompt"

At the C:\ prompt type the following:-

C:\progra~1\spybot~1\spybotsd.exe /autocheck /autofix

Edited by stidyup, 20 July 2005 - 02:38 AM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users