System32 Folder

  1. 28-04-2006  #1
    thedoc
    thedoc is offline Newbie

    System32 Folder

    I have been referred here from the malware forum. Here is my problem.

    Every time i boot my machine the system32 folder opens. I have done the following:

    Checked registry setting in HK_Current_User and HK_Local_Machine in the run section for start up entries that might cause this problem. My start up is empty. I have gone to msconfig and unchecked all start up items. I have gone to services and unchecked all non microsoft services. I have also disabled some of the other services that this machine does not require. I have done several scans for Viruses and Malware using 4 or 5 different programs such as AVG, Adaware, Panda, Spybot etc...........
    I have also gone to the website and run the .VBS file to eliminate this problem. I am at my wits end on this one. I am totally stumped.

    Here is what is in my HiJackthis start up log:
    StartupList report, 4/28/2006, 1:54:51 PM
    StartupList version: 1.52.2
    Started from : C:\Downloads\VIA\hijackthis\HijackThis.EXE
    Detected: Windows XP SP2 (WinNT 5.01.2600)
    Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    * Using default options
    * Including empty and uninteresting sections
    * Showing rarely important sections
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\SYSTEM32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\regedit.exe
    C:\WINDOWS\explorer.exe
    C:\Downloads\VIA\hijackthis\HijackThis.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Startup:
    [C:\Documents and Settings\Marlene\Start Menu\Programs\Startup]
    *No files*

    Your help is greatly appreciated. Thank you

  3. 29-04-2006  #2
    Tassie Devil
    Tassie Devil is offline DAL Aussie Contingent
    Have you tried this from Microsoft? http://support.microsoft.com/?kbid=170086
  4. 29-04-2006  #3
    thedoc
    thedoc is offline Newbie
    Yes i have tried the Microsoft fix. There is no entry in the registry that I can find that might cause this. I have searched for System32.exe also as well as the registry and spyware and virus searches. I am totally completely dumbfounded.
  5. 29-04-2006  #4
    jephree
    jephree is offline ¨*·.¸ «.·°·..·°·.» ¸.·*¨
    Visit http://www.kellys-korner-xp.com/xp_tweaks.htm and scroll down
    to Item No. 260. In the right column, click on "System32 Folder Opens
    Upon Boot". Download this repair file and then run the repair.


    More ideas:

    http://groups.google.com/group/micro...2+opens&qt_g=1
  6. 29-04-2006  #5
    thedoc
    thedoc is offline Newbie
    Done that too. Enty not found in registry. I have been working on this for 3 days now. Beofre I joined this forum I went through 30 search pages about this subject with no cures. This is why I am so frustrated.
  7. 29-04-2006  #6
    jephree
    jephree is offline ¨*·.¸ «.·°·..·°·.» ¸.·*¨
    Is this a new problem? Were things working OK previously? Any new hardware and or software?

    If this is a new problem try a System Restore to a point prior to the problem:

    start > All Programs > Accessories > System Tools > System Restore

    Also you could try to run sfc /scannow

    You will need your XP CD in order to do this.
  8. 29-04-2006  #7
    Tassie Devil
    Tassie Devil is offline DAL Aussie Contingent
    A couple of other suggestions I've seen. Not sure if you have the audigy card?

    Using Regedit, change the following key:
    HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENT VERSION\WINLOGON
    Change USERINIT from C:\windows\system32\userinit.exe,c:\windows\system 32\userinit.exe
    to
    C:\windows\system32\userinit.exe,

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~

    Creative Audigy sound card.
    The HKEY_CURRENT_USER\Software\Microsoft\CurrentVersio n\Run section had an SB Audigy 2 Startup Menu key with the value of /L:ENG.
    Removing the key solved the explorer startup problem.
  9. 29-04-2006  #8
    thedoc
    thedoc is offline Newbie
    That is exactly what is in WinLogOn is as stated. C:\WINDOWS\SYSTEM32\Userinit.exe, I do not have an audigy sound card. I am using on board A97 RealTek Sound Drivers. We need to go beyond the standard fixes for this issue and look deeper. Everything you have suggested so far I have already done. I did a search on Google for System32 Folder opens on boot and did everything I could find to do in 30 pages of the search engine and none of the items fixed this issue. I am about ready to re-format and start over with a fresh copy of windows as much as I don't want to do that it seems to be my only answer.
  10. 29-04-2006  #9
    thedoc
    thedoc is offline Newbie
    Okay I have given up. I am now formatting and reinstalling Windows. Thank you very much for all of your help.
  11. 30-04-2006  #10
    jephree
    jephree is offline ¨*·.¸ «.·°·..·°·.» ¸.·*¨
    Let us know how it goes/went.
+ Reply to Thread
Page 1 of 2 1 2 LastLast
« Start-up Loop | I/O device error with DVD/CD writable drive »