If you don’t want to read about it, click here to see the solution
Once again, I seem to have found a poorly documented PC problem, funny how I always seem to be getting these…
Anyway, this page is all about how I managed to remove the unbelieveably annoying file devldr32.exe from my Windows XP box. I recently needed to move PCs as my old computer was starting to play up, doing things like not shutting down or starting up properly; you know the kinds of things that happen to Windows PCs after a while.
Since I had a spare PC knocking around, and it had a higher spec than the one I was using I decided to move onto the spare machine and turn my old PC into a proper server for my web development. This basically meant starting from scratch on the spare machine which I promptly did. To cut a long story short, I got it all up and running, got all the device drivers installed and was good to go!
Until I noticed a process running which I didn’t install, and which, quite frankly, I didn’t want running – guess which file! You got it devldr32.exe
So, like I normally do, I killed the processes, checked all the usual places that can cause files to auto start (startup folder, registry, services) and found nothing (or if I did find anything I deleted it, to be honest I can’t remember now).
Then obviously I restarted and, lo-and-behold, there’s that file running again, pretty much laughing at me. So I killed it again and carried on. Then I noticed it running again! How did that happen? I didn’t even restart my machine. So I killed it again and opened my ftp program (for no particular reason) and as I’m watching my process list, it fires itself up again.
So by now I’m starting to think this file must be a virus, so I did my usual Googling and found this:http://www.neuber.com/taskmanager/process/devldr32.exe.html. Cool, useful and everything but no solution, and no clear answer on whether this is a virus or not. But at least it mentioned Creative SoundBlaster drivers, which I thought I had.
Anyway, cutting another longish story short, I searched and searched for ways to remove the stupid thing, including searching the Creative Labs website and everything.
Ultimately though, no matter what I did, I could neither remove the file or find any information about how to remove the file. No I’m not one to let these things get away, so I figured I’d have to solve the problem myself. And, thankfully I manged to, here’s how:
Actually the trick is rather simple, if you’re reading this you’ve probably already read about deleting devldr32.exe from c:\windows\system32\ and if you’ve really been paying attention, to also remove it from c:\windows\system32\dllcache\
That is basically the technique, but since the file seems to be able to load itself from whatever driver you’ve got loaded, simply killing the process and deleting those files doesn’t get rid of the little bugger!
Instead you need to reboot Windows XP into Safe mode, then delete the files. Complete explanation follows:
Solution
- Restart your PC, as soon as it starts to come back online, start tapping the F8 key furiously, if you get it right, you’ll be presented with the option to load Windows XP in safe mode, choose it using the arrow keys and hit enter.
- Windows XP will load and look rubbish, log in if you have to and open Windows explorer.
- Go to C:\windows\system32\ and delete devldr32.exe
- Now as a precaution, lets remove it from the dll cache.
- Still in Windows Explorer, click on the ‘Tools’ menu at the top of the window, and select ‘Folder Options’
- In the window that appears, click the ‘view’ tab.
- In the advanced settings section, check ‘Show hidden files and folders’ and also uncheck ’hide protected operating system files(Recommended).(Click ok on the warning if you get one)
- Click OK to get out of the window you were in.
- You should now be looking at a much longer list in the c:\windows\system32\ folder, if you look closely you should be able to see the \dllcache\ folder.
- Click on it
- Find devldr32.exe and delete it.
- Now restart your machine (in normal mode by not pressing F8 repeatedly)
- With luck devldr32.exe is gone for good and your soundcard still works nicely (albiet only on 2 speakers).
I don’t know if there really is a virus out their calling itself devldr32.exe, I presume there is, fortunately I didn’t have the virus, I had the genuine file, as you can see even the genuine file was a pain to remove, but I imagine the virus is even harder to get rid of.
I have no idea how to remove the virus as I’ve never had it, but I can point you towards a great free virus scanner:http://www.clamwin.com/ and also a great free Rootkit remover: http://www.sophos.com/products/free-tools/sophos-anti-rootkit.html both come highly recommended by me. But, as always, I’m not responsible if you mess your PC up.
5 Comments
Hi there! I’ve had this problem for about a week and have been trying (in vain) to fix it. Thankfully we have 2 computers, so I was able to use this one to do some research. I just found your page this morning and started following your instructions. It was working just fine until i got to step 3, when I tried to delete the file. I got the usual, “Are you sure you would like to delete this and send it to the recycling bin?” message, and clicked “OK.” Then I got an error message along the lines of, “The file could not be deleted. Check to see if the disk is full or write protected.” I don’t remember exactly what it was. I decided to do a Ctrl+Alt+Delete and saw that the CPU usage was at 100%. I don’t know if that has anything to do with it… Do you have any advice for me as to what I would do? I would greatly appreciate it!
Thanks!
Danny
Hi Danny,
The best advice I can give you without being there, is to make sure you have as few programs running as possible (that’s the reason why we go into safe mode). If you also use task manager to stop any other programs that are running you might be able to delete the file then.
Thanks
Chris
About How To Remove devldr32.exe
Ive been pulling my hair out trying remove this also. delet never worked.
I found and used your suggestion this morning,,,, been using my computer
all afternoon. So far I have seen no sign of the dreaded devldr32.
thanks for your perserverance, Its gone as of now. it would bring my puter to a screaching halt before.
Thanks,
Dustie
devldr32 – how to remove it:
1. Rename all copies of devldr32 to something else. ( The copy in \system32 will come back. Lord knows where from. VERY suspicious!!!). Don’t worry at this stage.
2. Create a small .txt file using notebook ( just one character of your choice will do). Save it as devldr32.txt to c:\windows\system32 for use in a minute.
3. Shut down; reboot into safe mode with command prompt.
4. At the prompt type cd c:\windows\system32 (changes directory to the one where devldr32.exe lives)
5. Type del devldr32.exe (deletes offending file)
6. Type ren devldr32.txt devldr32.exe (renames your tiny .txt file and fools whatever is recreating it into thinking it’s already there)
7 Type attrib +r devldr.exe (sets the read only attribute to prevent anything deleting it)
8. Reboot normally et voila – no more devldr probs. You might well get wierd errors about NTDVM CPU which are very irritating. Just keep clicking close when you see them. I’m working on curing this issue now so watch this space.
Keith, thanks for usefful info.