If you don’t want to read about it, click here to see the solution
Once again, I seem to have found a poorly documented PC problem, funny how I always seem to be getting these…
Anyway, this page is all about how I managed to remove the unbelieveably annoying file devldr32.exe from my Windows XP box. I recently needed to move PCs as my old computer was starting to play up, doing things like not shutting down or starting up properly; you know the kinds of things that happen to Windows PCs after a while.
Since I had a spare PC knocking around, and it had a higher spec than the one I was using I decided to move onto the spare machine and turn my old PC into a proper server for my web development. This basically meant starting from scratch on the spare machine which I promptly did. To cut a long story short, I got it all up and running, got all the device drivers installed and was good to go!
Until I noticed a process running which I didn’t install, and which, quite frankly, I didn’t want running – guess which file! You got it devldr32.exe
So, like I normally do, I killed the processes, checked all the usual places that can cause files to auto start (startup folder, registry, services) and found nothing (or if I did find anything I deleted it, to be honest I can’t remember now).
Then obviously I restarted and, lo-and-behold, there’s that file running again, pretty much laughing at me. So I killed it again and carried on. Then I noticed it running again! How did that happen? I didn’t even restart my machine. So I killed it again and opened my ftp program (for no particular reason) and as I’m watching my process list, it fires itself up again.
So by now I’m starting to think this file must be a virus, so I did my usual Googling and found this:http://www.neuber.com/taskmanager/process/devldr32.exe.html. Cool, useful and everything but no solution, and no clear answer on whether this is a virus or not. But at least it mentioned Creative SoundBlaster drivers, which I thought I had.
Anyway, cutting another longish story short, I searched and searched for ways to remove the stupid thing, including searching the Creative Labs website and everything.
Ultimately though, no matter what I did, I could neither remove the file or find any information about how to remove the file. No I’m not one to let these things get away, so I figured I’d have to solve the problem myself. And, thankfully I manged to, here’s how:
Actually the trick is rather simple, if you’re reading this you’ve probably already read about deleting devldr32.exe from c:\windows\system32\ and if you’ve really been paying attention, to also remove it from c:\windows\system32\dllcache\
That is basically the technique, but since the file seems to be able to load itself from whatever driver you’ve got loaded, simply killing the process and deleting those files doesn’t get rid of the little bugger!
Instead you need to reboot Windows XP into Safe mode, then delete the files. Complete explanation follows:
Solution
- Restart your PC, as soon as it starts to come back online, start tapping the F8 key furiously, if you get it right, you’ll be presented with the option to load Windows XP in safe mode, choose it using the arrow keys and hit enter.
- Windows XP will load and look rubbish, log in if you have to and open Windows explorer.
- Go to C:\windows\system32\ and delete devldr32.exe
- Now as a precaution, lets remove it from the dll cache.
- Still in Windows Explorer, click on the ‘Tools’ menu at the top of the window, and select ‘Folder Options’
- In the window that appears, click the ‘view’ tab.
- In the advanced settings section, check ‘Show hidden files and folders’ and also uncheck ’hide protected operating system files(Recommended).(Click ok on the warning if you get one)
- Click OK to get out of the window you were in.
- You should now be looking at a much longer list in the c:\windows\system32\ folder, if you look closely you should be able to see the \dllcache\ folder.
- Click on it
- Find devldr32.exe and delete it.
- Now restart your machine (in normal mode by not pressing F8 repeatedly)
- With luck devldr32.exe is gone for good and your soundcard still works nicely (albiet only on 2 speakers).
I don’t know if there really is a virus out their calling itself devldr32.exe, I presume there is, fortunately I didn’t have the virus, I had the genuine file, as you can see even the genuine file was a pain to remove, but I imagine the virus is even harder to get rid of.
I have no idea how to remove the virus as I’ve never had it, but I can point you towards a great free virus scanner:http://www.clamwin.com/ and also a great free Rootkit remover: http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html both come highly recommended by me. But, as always, I’m not responsible if you mess your PC up.
Hi there! I’ve had this problem for about a week and have been trying (in vain) to fix it. Thankfully we have 2 computers, so I was able to use this one to do some research. I just found your page this morning and started following your instructions. It was working just fine until i got to step 3, when I tried to delete the file. I got the usual, “Are you sure you would like to delete this and send it to the recycling bin?” message, and clicked “OK.” Then I got an error message along the lines of, “The file could not be deleted. Check to see if the disk is full or write protected.” I don’t remember exactly what it was. I decided to do a Ctrl+Alt+Delete and saw that the CPU usage was at 100%. I don’t know if that has anything to do with it… Do you have any advice for me as to what I would do? I would greatly appreciate it!
Thanks!
Danny
Hi Danny,
The best advice I can give you without being there, is to make sure you have as few programs running as possible (that’s the reason why we go into safe mode). If you also use task manager to stop any other programs that are running you might be able to delete the file then.
Thanks
Chris
About How To Remove devldr32.exe
Ive been pulling my hair out trying remove this also. delet never worked.
I found and used your suggestion this morning,,,, been using my computer
all afternoon. So far I have seen no sign of the dreaded devldr32.
thanks for your perserverance, Its gone as of now. it would bring my puter to a screaching halt before.
Thanks,
Dustie
devldr32 – how to remove it:
1. Rename all copies of devldr32 to something else. ( The copy in \system32 will come back. Lord knows where from. VERY suspicious!!!). Don’t worry at this stage.
2. Create a small .txt file using notebook ( just one character of your choice will do). Save it as devldr32.txt to c:\windows\system32 for use in a minute.
3. Shut down; reboot into safe mode with command prompt.
4. At the prompt type cd c:\windows\system32 (changes directory to the one where devldr32.exe lives)
5. Type del devldr32.exe (deletes offending file)
6. Type ren devldr32.txt devldr32.exe (renames your tiny .txt file and fools whatever is recreating it into thinking it’s already there)
7 Type attrib +r devldr.exe (sets the read only attribute to prevent anything deleting it)
8. Reboot normally et voila – no more devldr probs. You might well get wierd errors about NTDVM CPU which are very irritating. Just keep clicking close when you see them. I’m working on curing this issue now so watch this space.
Keith, thanks for usefful info.
I followed both procedure but the file persisted. Then I made a search and found this one.
C:\WINDOWS\system32\ReinstallBackups003\DriverFiles\i386\devldr32.exe
I removed it along the others and problem solved!!….
But I’d like to know which process is the responsible to keep an eye on the file and restore it in case of removal.
OS: WinXP Pro
I can’t thank you enough for this solution, this process has been driving me crazy and slowing down my computer. What you suggested worked and the process is gone so thank you for all of your effort to work this out and for posting it on here for us.
I have WinPatrol on my computer to alert me to suspicious things that may be going on. I looked at the active tasks list and devldr32 is listed. I don’t think it’s a virus because I’m not experiencing any problems, but I don’t see why it should be running as I don’t know what it is. If I go through your steps to remove the file, could it backfire on me? Could this file actually be useful?
For Windows XP SP3, in addition to removing the file from winnt\system32 and from winnt\system32\dllcache you must also open the task manager under processes and stop the process devldr32.exe. Once I did all of that and rebooted, it was gone. This was all done in safe mode. To be safe, I renamed the files to baddevldr32 or similar so that if the file was not the cause of the problem, you can always rename it back later.
I have the same problem and when I go into task manager… it is there 857 times!
Will using the recovery disk or reinstalling windows just take care of the problem? I can’t get windows to load all the way because of 857 processes of the dreaded thing!
I tried to delete the files in safe mode, but i could not even get into the control panel and it was so slow it would take 20 min each time i clicked a button to open somthing.
I tried to do a system restore but would not let me.
I tried my xp cd re-install using the repair feature. it got an error and shut down, and now i get a message saying i am missing files and xp cant load.
So I though i would do a full install, but it says XP already exists. I didn’t want to delete xp and reload yet infear i will loose everything that has not been backed up yet.
Is there anything i can do in DOS to delete the files or get xp to load again.
This all started when I was trying to upgrade Roxio easy media creator.
hi there, I also found devldr32.exe inside “driver.cab” in the i386 folder.
If this works, I hope to try the same thing on other problems, like wuauclt.exe
Thanks to the OP, Keith, L-eon, and Elliott.