PDA

View Full Version : winsys32



kitty
02-Nov-06, 23:40
I've got a virus in system 32 and can't seem to get rid of it, when i try to put it in the vault it tells me that it isn't such a good idea.
Can anyone help please :confused

Ann
02-Nov-06, 23:57
I've lost system 32 altogether! I don't even know what it is for! Everytime I switch on my computer it tells me system 32/exec can't be found. I look forward to someone telling us more.

blueivy
03-Nov-06, 00:11
I've lost system 32 altogether! I don't even know what it is for! Everytime I switch on my computer it tells me system 32/exec can't be found. I look forward to someone telling us more.

System32 is the main folder within the Windows directory holding critical operating system files.

If the PC you're getting your error on is the one you are writing this mesage from then it's not missing - if it was, your system would not boot. If your PC is working and you get this error then it will probably be looking for a file to run at startup that no longer exists - nothing to worry about and can be easily removed. Let me know exactly what the error is.

If your System32 folder is missing then if you have a genuine Windows disk (ie. not a recovery disk), pop it into the drive, boot from it and Repair Windows. It should then put the missing files back. I say should as I don't know exactly what's wrong with your machine so can't say it will make any difference.

If you only have a recovery disk then you either use it to wipe yoru machine and start again (as most recovery disks do) or you get a hold of a genuine Windows disk and follow the option above.

blueivy
03-Nov-06, 00:15
I've got a virus in system 32 and can't seem to get rid of it, when i try to put it in the vault it tells me that it isn't such a good idea.
Can anyone help please :confused

What file in System32 is the virus attached to?

What anti-virus software are you using?

System32 is a folder and therefore can't have a virus itself. Putting it into the vault would cause quite a lot of problems (assuming it can even be done).

kitty
03-Nov-06, 00:22
I'm using avg just now, it seems to be attached to quite alot so the next time it gives me the option i will write the details down and pm you if that ok :D

p.s thanx for the help

blueivy
03-Nov-06, 00:24
I'm using avg just now, it seems to be attached to quite alot so the next time it gives me the option i will write the details down and pm you if that ok :D

Hi Kitty,

That's no problem. You can start a manual scan just now which should find the virus and tell you what it's attached to.

Note down the name of the virus also and I can look at that too.

kitty
03-Nov-06, 00:30
Hi blueivy

the first one i've found is C:\WINDOWS\SYSTEM32\klvpfb.exe and it just says Virus found Win32/CryptExe :D

oops, sorry was meant to pm it to you

Ann
03-Nov-06, 10:19
"Windows cannot find C:\WINDOWS\System32\winserve.exe. Make sure you typed the name correctly and then try again. To search for a file, click the start button, and then cllick Search."

Please use idiot proof phrases BlueIvy as I am brain dead where computers are concerned. Most of what I know is learned by pressing buttons and seeing what happens. I've probably "tidied" up some day and misplaced some files.

It is XP Professional that I am using.

Bobinovich
03-Nov-06, 11:21
Hi blueivy

the first one i've found is C:\WINDOWS\SYSTEM32\klvpfb.exe and it just says Virus found Win32/CryptExe :D

oops, sorry was meant to pm it to you

That one is safe to move to the vault.

j4bberw0ck
03-Nov-06, 11:24
Googling for win32/crypt.exeproduced this (sponsored) link to a removal tool. Can't vouch for it myself, I'm afraid.

Ann, is the filename winserv.exe or winserve.exe? Winserv is a trojan which gives an intruder access to your pc (take a look at Google for information). After you remove it or remove the reason why it reports it can't be found you should change ALL your passwords.........

I was going to recommend ewido malware removal tool to sweep your pc but it's now part of Grisoft (who do AVG antivirus) - take a look at http://www.ewido.net/en/ and consider downloading the AVG 7.5 version.

blueivy
03-Nov-06, 12:05
"Windows cannot find C:\WINDOWS\System32\winserve.exe. Make sure you typed the name correctly and then try again. To search for a file, click the start button, and then cllick Search."

Please use idiot proof phrases BlueIvy as I am brain dead where computers are concerned. Most of what I know is learned by pressing buttons and seeing what happens. I've probably "tidied" up some day and misplaced some files.

It is XP Professional that I am using.

Hi Ann,

As J4bberwock says, winserve.exe is a trojan. The reason Windows is reporting that it cannot be found is you (or your anti-virus software) probably removed it either by deleting it or quarantining it. Windows is now trying to load it every time it starts but as it's not there, it reports the error to you.

Depending on how it was being started in your system, you may be able to remove the message by following these steps:

Go to Start->Run
Type msconfig and press Enter.
Go to the Startup tab of the program that starts.
Look for C:\WINDOWS\SYSTEM32\WINSERVE.EXE in the Command column. When you see it there, untick the box in the Startup column next to it.
Click OK and either Restart when prompted to wait until later.
When you restart the message shouldn't reappear.If you have any problems let me know.

blueivy
03-Nov-06, 12:11
Googling for win32/crypt.exeproduced this (sponsored) link to a removal tool. Can't vouch for it myself, I'm afraid.

Ann, is the filename winserv.exe or winserve.exe? Winserv is a trojan which gives an intruder access to your pc (take a look at Google for information). After you remove it or remove the reason why it reports it can't be found you should change ALL your passwords.........

I was going to recommend ewido malware removal tool to sweep your pc but it's now part of Grisoft (who do AVG antivirus) - take a look at http://www.ewido.net/en/ and consider downloading the AVG 7.5 version.

Hi j4bberwock,

AVG Anti-Spyware is priced at 24.95 which is a little steep for a product that's quite a new addition to the anti-spyware market! I couldn't find any comparisons of it on Google. Do you have or know where there is a review of it?

j4bberw0ck
03-Nov-06, 12:25
Hi Paul

Yes, the cost is why I said "consider"! :lol: Don't know of any comparative information; it's a shame the free Ewido doesn't seem to be available any longer, though they're still doing updates. If anyone wants a copy of the free one I kept the executable and can email it, but it runs to just over 5MB so some ISP mailboxes will refuse it :roll:. Yahoo / gmail 'boxes will be OK though.

If you want / haven't got a copy, you'd be most welcome to a copy of mine; as it was free in the first place and is now defunct, I can't think the EULA issues are too bad.

Cheers! J

blueivy
03-Nov-06, 13:27
Hi Paul

Yes, the cost is why I said "consider"! :lol: Don't know of any comparative information; it's a shame the free Ewido doesn't seem to be available any longer, though they're still doing updates. If anyone wants a copy of the free one I kept the executable and can email it, but it runs to just over 5MB so some ISP mailboxes will refuse it :roll:. Yahoo / gmail 'boxes will be OK though.

If you want / haven't got a copy, you'd be most welcome to a copy of mine; as it was free in the first place and is now defunct, I can't think the EULA issues are too bad.

Cheers! J

Hi J4bberwock,

If the EULA allows it, I'll happily host it for you on my web space and you can simply provide a link in here for it.

The only thing I would mention about using an older anti-spyware application (or anti-virus) is that while you said they will update the signatures they will not update the engine so it will eventually become less able to detect newer threats. Having said that though it will be better than no anti-spyware which is what most people have!

If you send me the file by email (the file limit on my Exchange server is 10Mb) I'll upload it and provide you with the link.

DocStone
03-Nov-06, 14:47
Hi j4bberwock,

AVG Anti-Spyware is priced at 24.95 which is a little steep for a product that's quite a new addition to the anti-spyware market! I couldn't find any comparisons of it on Google. Do you have or know where there is a review of it?


AVG Anti-Spyware is the new name for Ewido, and is a very powerful anti-xware scanner. You get it on a trial basis, free for the first 30 days, after which it still works, but you do not get real time protection and auto-updates, but you can still manually scan your system and update the libraries. It works, and it works well.

As with all anti-virus, I reccomend you run them in safe mode.


Hi Paul

Yes, the cost is why I said "consider"! :lol: Don't know of any comparative information; it's a shame the free Ewido doesn't seem to be available any longer, though they're still doing updates. If anyone wants a copy of the free one I kept the executable and can email it, but it runs to just over 5MB so some ISP mailboxes will refuse it :roll:. Yahoo / gmail 'boxes will be OK though.

If you want / haven't got a copy, you'd be most welcome to a copy of mine; as it was free in the first place and is now defunct, I can't think the EULA issues are too bad.

Cheers! J

As above, Ewido was bought over by AVG, hence the name change, the engine is still the same though. So, to clear any confusion, Ewido=AVG Anti-Spyware.

blueivy
03-Nov-06, 14:54
AVG Anti-Spyware is the new name for Ewido, and is a very powerful anti-xware scanner. You get it on a trial basis, free for the first 30 days, after which it still works, but you do not get real time protection and auto-updates, but you can still manually scan your system and update the libraries. It works, and it works well.

As with all anti-virus, I reccomend you run them in safe mode.

Hi DocStone,

I'm not sure what you mean by running anti-virus in Safe Mode?

Ewido / AVG Anti-Spyware has no reviews (that I could at least find, I'd be grateful if somebody could point me in the direction of one) so nobody can confirm how effective it actually is. It may be the best anti-spyware software on the market, but it also ma be very poor. If you have a review of it, comparison, etc please let me know.

Running anti-spyware that does not provide active protection is just a waste of time in my opinion - closing the door after the horse has bolted springs to mind. With spyware rapidly overtaking viruses as the number one threat to computer owners, scanning your PC once a week gives the spyware 7 days to steal your information, send spam, show you pop-ups and much worse. If you want to use an anti-spyware application, use one that monitors your PC continuously for problems.

It's widely accepted that everybody needs active anti-virus on their PC. It's time it was widely accepted that they also need good active anti-spyware.

DocStone
03-Nov-06, 15:00
Hi DocStone,

I'm not sure what you mean by running anti-virus in Safe Mode?

Ewido / AVG Anti-Spyware has no reviews (that I could at least find, I'd be grateful if somebody could point me in the direction of one) so nobody can confirm how effective it actually is. It may be the best anti-spyware software on the market, but it also ma be very poor. If you have a review of it, comparison, etc please let me know.

Running anti-spyware that does not provide active protection is just a waste of time in my opinion - closing the door after the horse has bolted springs to mind. With spyware rapidly overtaking viruses as the number one threat to computer owners, scanning your PC once a week gives the spyware 7 days to steal your information, send spam, show you pop-ups and much worse. If you want to use an anti-spyware application, use one that monitors your PC continuously for problems.

It's widely accepted that everybody needs active anti-virus on their PC. It's time it was widely accepted that they also need good active anti-spyware.

Trust me on this one, Ewido is good.

As for the safe mode, if you are running a system scan and you know you have a problem, it is best to run the scan whilst windows is in safe mode.

As for the anti-spyware mantra, agree %110. Most of the problems I encounter with systems are caused by xware.

blueivy
03-Nov-06, 15:12
Trust me on this one, Ewido is good.

As for the safe mode, if you are running a system scan and you know you have a problem, it is best to run the scan whilst windows is in safe mode.

As for the anti-spyware mantra, agree %110. Most of the problems I encounter with systems are caused by xware.

Hi DocStone,

I do trust what you say! The reason I was asking for reviews, comaprisons and comments was because we are all biased to what works for us. I have used Ewido and didn't like it but I didn't use it long enough to be confident on giving an a fully formed opinion on it.

I could sing the praises of the anti-spyware I use, CounterSpy Anti-Spyware, but that's only my view on it. If you have 10,100 or 1000 people singing or knocking the praises in reviews, user forums and other groups, then I would tend to trust it more. It's human nature.

I can't find anything on Ewido which is probably due to it being relatively new to the market rather than it being bad. It's a pity though.

Some anti-virus software may not run in Safe Mode so booting into Safe Mode to do a scan may not be applicable to every application. It is a good place to manually remove viruses and spyware though as the files will generally not be locked as they would be in a standard Windows boot.