Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works

System32 Folder Disapearred

  • Please log in to reply



    New Member

  • Member
  • Pip
  • 4 posts
Hi, new to the forums, hoping someone here can help.

A family member recently installed Limewire on my PC. When I closed Limwire so I could uninstall it, Limewire would re-open itself several times. I checked the downloads folder out of curiosity, and saw several *.rar archives all 82KB but having the names of popular new programs and games.

Said family member told me they had extracted a few of these, and of course the PC (home built) began to have serious issues. I was getting tons of pop-ups etc. Booted into safemode ran Lavasoft, Spybot S&D, Trend Micro, etc. Managed to minimalize the pop-ups to one or two in IE and none in Firefox (Primary Browser). Assumed problem was fixed, but just to be sure decided to install the trial version of Panda's Titanium Antivirus 2006. When I tried to install it, however, I had several errors when Panda tried to put any *.dlls in the System32 folder. I decided to go and take a look, and upon opening the Windows folder, lo and behold there was no System32. (all folder and file viewing options are enabled) The only way I can get to the System32 folder is to type it in manually in the Adress Bar. On top of this, I have also begun to get the infamous IRQL_NOT_LESS_OR_EQUAL error message if I attempt to play any games. I have checked my IRQ addresses, none of the critical components share an address. (I have a nic and my HPT RAID controller sharing one, and four USBs sharing another....still, I have never had this BSoD before)

I suspect that there is some type of malware etc. that is blocking access to System32 or some such thing, and hopefully that is what is causes the other problems. Don't know if anyone can help, but if there is any way I can get around this without having to format, it would be a total life saver. Thanks again.



Logfile of HijackThis v1.99.1
Scan saved at 9:33:32 AM, on 10/27/2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
F:\Program Files\TrojanHunter 4.2\THGuard.exe
F:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
C:\United Devices\UD.EXE
F:\Program Files\ewido\security suite\ewidoctrl.exe
C:\United Devices\ud_7657531.exe
F:\Program Files\ewido\security suite\ewidoguard.exe
F:\Program Files\Entropia\Entropia Client\Bin\LogServerShell.exe
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\Program Files\Entropia\Entropia Client\Bin\TaskManagerShell.exe
C:\United Devices\ud_7657531_0.dir\WCGrid_Rosetta.exe
F:\Documents and Settings\David\Desktop\FxIstbar.exe
F:\Documents and Settings\David\Desktop\Hijack This\HijackThis.exe

R3 - Default URLSearchHook is missing
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [WinPatrol] F:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [THGuard] "F:\Program Files\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\System32\ctfmon.exe
O4 - Startup: UD Agent.lnk = C:\United Devices\UD.EXE
O4 - Global Startup: NETGEAR WG311v2 Smart Configuration.lnk = F:\Program Files\NETGEAR WG311v2 Adapter\wlancfg5.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.t...all/xscan60.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.syma...bin/AvSniff.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefend...can8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.syma...n/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai...all/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsec...scan/axscan.cab
O20 - Winlogon Notify: avldr - F:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: WindowsUpdate - F:\WINDOWS\system32\n08olal31dq.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - F:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Atepumt - Unknown owner - F:\WINDOWS\System32\debug.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Unknown owner - F:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe (file missing)
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - F:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe (file missing)
O23 - Service: AVG E-mail Scanner (AVGEMS) - Unknown owner - F:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe (file missing)
O23 - Service: CWShredder Service - Unknown owner - F:\Documents and Settings\David\Local Settings\Temporary Internet Files\Content.IE5\P49C4IG2\cwshredder[1].exe (file missing)
O23 - Service: ewido security suite control - ewido networks - F:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - F:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogServerShell - Unknown owner - F:\Program Files\Entropia\Entropia Client\Bin\LogServerShell.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PavPrSrv - Unknown owner - (no file)
O23 - Service: TaskManagerShell - Unknown owner - F:\Program Files\Entropia\Entropia Client\Bin\TaskManagerShell.exe
  • 0


Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP