URGENT: Registry Editor starts with Windows - Why?

I have a Windows 98 PC that starts RegEdit when Windows starts. There are no programs in the StartUp folder that would do this, nor are there any that I can see in the Run or RunOnce portions of the Registry. There are no viruses on the computer (Norton AntiVirus scan earlier today) and Norton SystemsWorks did not find and fix this problem (which it has fixed in the past for me on a different PC). Any suggestions? I need them in the next two hours.
bhlangAsked:
Who is Participating?
 
stevenlewisConnect With a Mentor Commented:
uncheck it in start -->run type msconfig, go to the startup tab and uncheck it (reboot) and see
did msinfo32 have any mention of regedit?
0
 
vinnyd79Commented:
If you run msconfig and look under the startup tab,is there anything listed that could be launching regedit?
0
 
bhlangAuthor Commented:
I don't see anything that says regedit. Here's what the Startup Tab shows:

ScanRegistry   c:\windows\system\scanregw.exe /autorun
TaskMonitor    c:\windows\taskmon.exe
SystemTray     systray.exe
0
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

 
SysExpertCommented:
I would disable them one at a time and see if this resolves the problem.

Also check for a wininit.* file anywhere on your machine.

Also if this is new,

 You may try doing a scanreg /fix from a DOS prompt.
Scanreg /opt  also.


You may try doing a scanreg /restore from a DOS prompt
and select a registry date from before the problem started.

I hope this helps !
0
 
hendrik999Commented:
Look in the registry at:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
File c:\windows\win.ini
  section   run=....
File c:\winstart.bat

Hope this helps.
0
 
bhlangAuthor Commented:
Continued....

LoadPowerProfile   Rundll32.exe powerprof.dll,LoadCurrentPwrScheme
ConfigSafe         c:\csafe\autochk.exe  <- This is an IBM program
AEZBProc           c:\ibmtools\aptezbtn\aptezbtn.exe
StillImageMonitor  c:\windows\system\stimon.exe
bpcpost.exe        c:\windows\system\bpcpost.exe
EM_EXEC            c:\progra~1\logitech\mousew~1\system\EM_EXEC.exe
Request            c:\windows\options\cabs\request.exe
CriticalUpdate     c:\windows\system\wucrtupd.exe -startup
NAV Agent          c:\progra~1\Norton~1\Norton~2\Navapw32.exe
NProtect           c:\program files\Norton Systemworks\Norton Utilities\Nprotect.exe
LoadPowerProfile   Rundll32.exe powerprof.dll,LoadCurrentPwrScheme
SchedulingAgent    mstask.exe
ScriptBlocking     "C:\program files\common files\symantec shared\Script blocking\sbserv.exe" -reg
CSINJECT.EXE       c:\program files\norton systemworks\norton cleansweep\CSINJECT.EXE
NPROTECT           c:\program files\norton systemworks\norton utilities\NPROTECT.EXE
SymTray - Norton SystemWorks c:\program files\common files\symantec shared\symtray.exe "Norton SystemWorks"
Webshots           c:\progra~1\webshots\websho~1.exe
Lotus Smartcenter  c:\lotus\smartctr\smartctr.exe
CleanSweep SmartSweep-Internet Sweep C:\progra~1\norton~1\norton~3\csinsm32.exe
0
 
LeeTutorretiredCommented:
This line that you quoted above looks suspicious to me:

ScriptBlocking     "C:\program files\common files\symantec shared\Script blocking\sbserv.exe" -reg
0
 
bhlangAuthor Commented:
That is part of Norton AntiVirus. Some virus' are vbs scripts and that blocks them from doing any damage.
0
 
stevenlewisCommented:
what is this one
Request            c:\windows\options\cabs\request.exe

go to start --> run and type msinfo32
go to software environment, startup and see where it is being loaded from
0
 
bhlangAuthor Commented:
It is loaded from Registry (Machine Run)
0
 
bhlangAuthor Commented:
Removed the REQUEST line and it rebooted without bringing up RegEdit.

Thanks everyone for your help.
0
 
stevenlewisCommented:
bhlang Glad we could help
That request line looked suspicious to me, I've never seen it before, and know it isn't a normal startup item
0
 
pleasenospamCommented:
But, you haven't answered the implied question: "Why was it there -- what put it there"?
0
 
stevenlewisCommented:
I don't know what put it there, and frankly I don't care. I don't pretend to know, every piece of software on the planet, and what they all install or not. I do know that request.exe is not a normal startup item, and suspected it was where regedit was being loaded from. My goal here was to stop regedit from being loaded on startup, and we accomplished this. If I chased down every implied question here, I would not have time to do anything else
0
 
Computer101Commented:
Listening

Seems the question was answered as requested.

Computer101
E-E Moderator
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.