When you open the System Configuration Utility [MSCONFIG], Registry Editor or Task Manager, they flash for a second and quit. This symptom is caused by viruses, which target these three important system utilities.
A quick workaround is to rename the files and run them. Extracting new copies of these files with the same name may not help. Alternatively, use MS-MVP Doug Knox's Emergency Msconfig, Regedit, Task Manager utility.
This utility creates usable copies of MSCONFIG, REGEDIT and TASK MANAGER by copying the actual files to the C:\EmergencyUtils folder.
Follow up with a complete malware cleanup.
Useful links
- Using Trend Micro's Sysclean package (Stand-alone scanner)
- Online Virus Scanners and Security Tests
- Quick Fix Protocol
- Dealing with Unwanted Spyware and Parasites
- Grisoft - AVG Anti-virus (free)
- Process Explorer - Sysinternals
More Information
These viruses terminate regedit.exe / msconfig.exe / taskmgr.exe.
- W32.HLLW.Kefy
- Backdoor.IRC.Yoink.A
- W32.HLLW.Cydog@mm
- Backdoor.Volac.dr
- W32.Kwbot.R.Worm
- W32.Erkez.B@mm
- W32.Spybot
- W32.Mytob.LD@mm
The following viruses delete Regedit.exe, Regedt32.exe, Msconfig.exe, Taskmgr.exe
Another reason why Regedit can't be launched from Run
Recently, I've seen reports of a bogus file named regedit.com on Windows systems. This file is actually a Trojan, which has the Hidden and System attributes set. The regedit.com file may be present in the %Systemroot% or %Systemroot%\System32 folders. This file should be deleted.
Normally, users type regedit in the Start, Run dialog to launch the Registry Editor. But if both Regedit.exe (legitimate) and Regedit.com (Trojan) are present in your Windows or System32 folder, the file with the .COM extension takes precedence. As a result, the regedit.com process launches instead of the Registry Editor. When regedit.com runs, nothing may happen, or the following error may be seen:
ERROR: An Extended Memory Manager is already installed. XMS Driver Not Installed.
To prevent this scenario, use the explicit file name, including the extension and the path, to load the Registry Editor in emergencies. Examples:
- Regedit.exe
- %Systemroot%\Regedit.exe
One trojan that does this is Win32.Alcan.C, which copies the file regedit.com (and others) to the Windows folder.
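The precedence problem described above can be checked for directly. The following is an added example, not part of the original article: it models how a bare name such as regedit is looked up and lists every .com file that shares its base name with an .exe. The extension order, the function names and the sample folder contents are assumptions constructed for illustration.

```python
import os
import stat
import tempfile

EXT_ORDER = (".com", ".exe", ".bat", ".cmd")  # assumption: start of default PATHEXT

def _index(d):
    """Map lower-cased file name -> real path (Windows names ignore case)."""
    return {e.name.lower(): e.path for e in os.scandir(d) if e.is_file()}

def resolve(name, dirs, ext_order=EXT_ORDER):
    """Return the file a bare name such as 'regedit' would launch, or None."""
    for d in dirs:
        files = _index(d)
        for ext in ext_order:
            if name.lower() + ext in files:
                return files[name.lower() + ext]
    return None

def find_shadowing(dirs):
    """Return every .com file whose base name also exists as an .exe."""
    stems = {}
    for d in dirs:
        for lname, path in _index(d).items():
            stem, ext = os.path.splitext(lname)
            stems.setdefault(stem, {}).setdefault(ext, []).append(path)
    return sorted(p for e in stems.values() if ".exe" in e for p in e.get(".com", []))

def hidden_system(path):
    """(hidden, system) flags; both False where the OS has no such attributes."""
    a = getattr(os.stat(path), "st_file_attributes", 0)
    return bool(a & stat.FILE_ATTRIBUTE_HIDDEN), bool(a & stat.FILE_ATTRIBUTE_SYSTEM)

def build_sample(root):
    """Constructed stand-in for the Windows and System32 folders."""
    win = os.path.join(root, "Windows")
    sys32 = os.path.join(win, "System32")
    os.makedirs(sys32)
    for d, n in ((win, "regedit.exe"), (win, "regedit.com"),
                 (sys32, "taskmgr.exe"), (sys32, "more.com")):
        open(os.path.join(d, n), "wb").close()
    return [sys32, win]

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        dirs = build_sample(root)
        print("bare 'regedit' launches:", resolve("regedit", dirs))
        for p in find_shadowing(dirs):
            print("shadowing .com:", p, "hidden/system:", hidden_system(p))
```

On a real system, pass the %Systemroot%\System32 and %Systemroot% folders to find_shadowing instead of the sample. Legitimate .com programs such as more.com are not reported because they have no .exe twin.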