System32 opens on start up after spyware removal

sabbath_dude · Jul 3, 2006

Yesterday I managed to install virtumonde along with some other nasty stuff while updating a second hand pc I just bought. I'm pretty sure I've removed all the malware (going into safe mode, system restore off and using Spybot, Vundo Fix, Ad-Aware, AVG, Trojan Remover and HJT) and everything seems to be running smoothly however everytime I switch the pc on xp boots up with system32 folder open?. I'm guessing this it to do with an invalid registry entry left over from the spyware problems although I have no idea which one or where. I'm pretty sure all spyware problems have been dealt with but I could be wrong!. Any help with this is much appreciated!. I can submit a HJT log if needed. I'm running SP2 and everything is upto date if that makes any difference.

chaslang · Jul 3, 2006

The system32 folder will typically open when there is a null terminated process trying to load at startup. Improper removal from startups can cause this.

Please run the below procedure and attach the runkeys.txt log.

Using GetRunKey

sabbath_dude · Jul 4, 2006

Thank you for replying to my post but I managed to sort it out. Thanks anyway!

chaslang · Jul 4, 2006

You're welcome! Surf Safely!

Log in or Sign up

System32 opens on start up after spyware removal

sabbath_dude Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member

sabbath_dude Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member