C:/WINDOWS/system32/plgduvwy/ ERROR! (and another problem)

[USAhq283]

There is an error that whenever I start up Windows, it will open and
everything (it will do what it always does when it starts). But when I am on
my desktop, it will load all the shortcuts, the taskbar, the time, etc.. Then
an error message saying something about it unable to load
C:/WINDOWS/system32/plgduvwy/.

Now the second error comes in (its a real bugger). After about 8 seconds of
time im on my desktop, everything suddenly disappears, yet windows like
Firefox, AVG, etc. still stays there. But when I open My Computer, Run, etc.
they disappear too. Then about after 3 seconds after it all disappears, it
all returns, yet, Run, My Computer, etc. don't return, and Firefox, AVG,
services.mgn etc. do return. And this keep doing this, over, and over, again.

Whenever I click the start menu, and its still showing, and everything
disappears, they STAY hidden, thus, giving me access to other programs
and games, and my shortcuts. Right now (10:04 4th of May 55 seconds EST)
It is all gone.

Please help this, I do not know how to fix this.

 

[Jim]

There is an error that whenever I start up Windows, it will open and
everything (it will do what it always does when it starts). But when I am
on
my desktop, it will load all the shortcuts, the taskbar, the time, etc..
Then
an error message saying something about it unable to load
C:/WINDOWS/system32/plgduvwy/.

Now the second error comes in (its a real bugger). After about 8 seconds
of
time im on my desktop, everything suddenly disappears, yet windows like
Firefox, AVG, etc. still stays there. But when I open My Computer, Run,
etc.
they disappear too. Then about after 3 seconds after it all disappears, it
all returns, yet, Run, My Computer, etc. don't return, and Firefox, AVG,
services.mgn etc. do return. And this keep doing this, over, and over,
again.

Whenever I click the start menu, and its still showing, and everything
disappears, they STAY hidden, thus, giving me access to other
programs
and games, and my shortcuts. Right now (10:04 4th of May 55 seconds
EST)
It is all gone.

Please help this, I do not know how to fix this.

This certainly sounds like malware..
My system does not have a file with that name either.
A search on Yahoo reveals nothing.

What is the malware status of your machine? You might have better luck
doing the scans in Safe Mode.

Jim

 

[PA Bear [MS MVP]]

Most likely, you've got a ZLOB infection, accompanied by its friends Vundo,
SDBot and some sort of rootkit "protecting" them all.

Unexplained computer behavior may be caused by deceptive software
http://support.microsoft.com/kb/827315

Run a thorough check for hijackware, including posting your hijackthis log
to an appropriate forum.

Checking for/Help with Hijackware
http://aumha.org/a/parasite.htm
http://aumha.org/a/quickfix.htm
http://aumha.net/viewtopic.php?t=5878
http://wiki.castlecops.com/Malware_Removal_and_Prevention:_Introduction
http://mvps.org/winhelp2002/unwanted.htm
http://inetexplorer.mvps.org/data/prevention.htm
http://inetexplorer.mvps.org/tshoot.html
http://www.mvps.org/sramesh2k/Malware_Defence.htm
http://defendingyourmachine2.blogspot.com/
http://www.elephantboycomputers.com/page2.html#Removing_Malware

When all else fails, HijackThis v2.0.2
(http://aumha.org/downloads/hijackthis.exe) is the preferred tool to use.
It will help you to both identify and remove any hijackware/spyware with
assistance from an expert. **Post your log to
http://forums.spybot.info/forumdisplay.php?f=22,
http://castlecops.com/forum67.html,
http://forums.subratam.org/index.php?showforum=7,
http://aumha.net/viewforum.php?f=30, or other appropriate forums for review
by an expert in such matters, not here.**

If the procedures look too complex - and there is no shame in admitting this
isn't your cup of tea - take the machine to a local, reputable and
independent (i.e., not BigBoxStoreUSA) computer repair shop.
--
~Robear Dyer (PA Bear)
MS MVP-IE, Mail, Security, Windows Desktop Experience - since 2002
AumHa VSOP & Admin http://aumha.net
DTS-L http://dts-l.net/

There is an error that whenever I start up Windows, it will open and
everything (it will do what it always does when it starts). But when I am
on
my desktop, it will load all the shortcuts, the taskbar, the time, etc..
Then an error message saying something about it unable to load
C:/WINDOWS/system32/plgduvwy/.

Now the second error comes in (its a real bugger). After about 8 seconds
of
time im on my desktop, everything suddenly disappears, yet windows like
Firefox, AVG, etc. still stays there. But when I open My Computer, Run,
etc.
they disappear too. Then about after 3 seconds after it all disappears, it
all returns, yet, Run, My Computer, etc. don't return, and Firefox, AVG,
services.mgn etc. do return. And this keep doing this, over, and over,
again.

Whenever I click the start menu, and its still showing, and everything
disappears, they STAY hidden, thus, giving me access to other
programs and games, and my shortcuts. Right now (10:04 4th of May 55
seconds EST) It is all gone.

Please help this, I do not know how to fix this.

 

[nass]

There is an error that whenever I start up Windows, it will open and
everything (it will do what it always does when it starts). But when I am on
my desktop, it will load all the shortcuts, the taskbar, the time, etc.. Then
an error message saying something about it unable to load
C:/WINDOWS/system32/plgduvwy/.

Now the second error comes in (its a real bugger). After about 8 seconds of
time im on my desktop, everything suddenly disappears, yet windows like
Firefox, AVG, etc. still stays there. But when I open My Computer, Run, etc.
they disappear too. Then about after 3 seconds after it all disappears, it
all returns, yet, Run, My Computer, etc. don't return, and Firefox, AVG,
services.mgn etc. do return. And this keep doing this, over, and over, again.

Whenever I click the start menu, and its still showing, and everything
disappears, they STAY hidden, thus, giving me access to other programs
and games, and my shortcuts. Right now (10:04 4th of May 55 seconds EST)
It is all gone.

Please help this, I do not know how to fix this.

Open windows explorer and locate this directory:
C:\WINDOWS\system32\plgduvwy.dll or the one with
C:\WINDOWS\system32\plgduvwy.sys
Also you can use this tool (Autoruns.exe) to remove it:
By Bryce Cogswell and Mark Russinovich
http://www.microsoft.com/technet/sysinternals/Security/RootkitRevealer.mspx

Your Anti-virus may be removed the viral infection but still in the Root
system and on the Registry, please perform the cleaning steps to make sure
nothing lurking in the background to revive the infestation back to action!.

Unexplained computer behaviour may be caused by deceptive software
http://support.microsoft.com/kb/827315

Go through these Cleaning steps:
1... First, try to clean up your caches, Internet files and delete cookies
by doing this:
Click Start >> Control Panel >> Double click Network and Internet
Connections >> Double click Internet Options.
On the IE properties windows you will see these Tabs:
General | Security | Privacy | Content | Connections | Programs |
Advanced
Under General Tab clear your History, Internet Files and Cookies.
Then click on Advanced tab and scroll down to under the Browsing Option:
[&] Browsing
[ ] Enable Third-Party browser extensions (Req Rest) uncheck this box.
Then click on Programs Tab and click Manage Add-Ons and Disable all non
Verified Add-Ons (You should Renable them later one-by-one and see the
culprit and update it or remove it.
How to manage Add-Ons:
http://support.microsoft.com/kb/883256
Scan for malware from here:
http://onecare.live.com/site/en-gb/default.htm?s_cid=sah
http://onecare.live.com/standard/en-gb/default.htm
RootkitRevealer v1.71

You can download this tool "AutoRuns for Windows"
http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx
And remove the entry from here:

Locate this key:
[-]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run = look in
the right pane/window and remove the entry for it
"C:\WINDOWS\system32\plgduvwy.dll " or if it was with .sys
"C:\WINDOWS\system32\plgduvwy.sys"

Run disk cleanup and defrag in safe mode.

HTH.
nass

 

[Robert Pendell]

There is an error that whenever I start up Windows, it will open and
everything (it will do what it always does when it starts). But when I am on
my desktop, it will load all the shortcuts, the taskbar, the time, etc.. Then
an error message saying something about it unable to load
C:/WINDOWS/system32/plgduvwy/.

Now the second error comes in (its a real bugger). After about 8 seconds of
time im on my desktop, everything suddenly disappears, yet windows like
Firefox, AVG, etc. still stays there. But when I open My Computer, Run, etc.
they disappear too. Then about after 3 seconds after it all disappears, it
all returns, yet, Run, My Computer, etc. don't return, and Firefox, AVG,
services.mgn etc. do return. And this keep doing this, over, and over, again.

Whenever I click the start menu, and its still showing, and everything
disappears, they STAY hidden, thus, giving me access to other programs
and games, and my shortcuts. Right now (10:04 4th of May 55 seconds EST)
It is all gone.

Please help this, I do not know how to fix this.

Looks like my friend that I hit with my best friends mother's computer.
I would take up the tips that both PA Bear and nass have already
suggested but it will take a bit of work. For me the malware was posing
as a non plug and play driver.

--
Robert Pendell
(e-mail address removed)

"A perfect world is one of chaos."

Thawte Web of Trust Notary
CAcert Assurer