System32 – a brief description

Current Microsoft Windows operating systems store system files in the “system32” and the “system” folders.  Both are required system directories.  System32 is likely named due to 32-bit capability; a 32-bit application can run in a 32-bit (4 octets) address space.  The first 32-bit operating system did not come about until the introduction of Windows NT in 1993.  The following operating systems have a system32 folder: Windows NT, 98, ME, 2000, and XP.

The system32 folder itself cannot be the cause of errors unless it is missing or named improperly.  There are numerous system files that are critical to the functioning of your computer that are stored in the system32 folder.  Modification, corruption, or deletion of these files can lead to performance issues or system failure.  There are many instances when users face errors related to files stored in the system32 folder.  For example:

Windows could not start because the following files is missing or corrupt \WINDOWS\SYSTEM32\CONFIG\SYSTEM or WINDOWS\SYSTEM32\CONFIG\SOFTWARE

Or:

“C:\WINT\SYSTEM32\AUTOEXEC.NT. The system file is not suitable for running MS-DOS and Microsoft Windows applications. Choose 'Close' to terminate the application.”

Other Related Issues

While there is a system32 folder which is necessary for proper functioning of certain Microsoft systems, there is not a Microsoft file with the prefix “system32” that is a required system file.  There is however, known malware (malicious software) called “system32.exe” that has been referenced as the MARI virus.  Internet sources offer varying reports on this virus Risks.  One source mentions that it spreads via emails and displays messages related to legalization of marijuana.  Another report states that it is a Trojan virus that allows remote access to your computer and proceeds in the theft personal and financial data. 

What is for certain - today’s malware technology uses both deceptive and sophisticated methods to be downloaded to your system and to remain there.  One sneaky little trick is to use a filename that appears to be required by your computer system. 

Solutions and repairs

If you are missing a system file or if it has been corrupted, restoring your system to a previous working state is a solution.  With Windows XP you can use the system restore function by doing the following:

1. Click the Start button and select Programs | Accessories | System Tools | System Restore.
2. Select the Restore my computer to an earlier time option.
3. Follow the steps to restore your computer.

With Windows 2000 you can use the Windows XP SFC command tool.  Here’s how:

1. Have your Windows installation CD’s on hand.
2. Click the Start button and select Run.
3. Type: “sfc /scannow” and click OK.

Windows File Protection opens and verifies that all the necessary system files are intact and reside in their original versions.  You may be prompted to insert your Windows CD’s.

If problems continue or if you are looking for another solution you can search for one by going online using web resources.  We suggest using information from the manufacturers of the applications (that is, from one recently installed) or the system.  To find information on issues related to Microsoft system files refer to the Microsoft Support Knowledge Base.  The web site address is: http://support.microsoft.com/search/.  From here you can select the operating system of your computer and enter your search.

There are many who look for online solutions when experiencing issues related to malware.  Finding useful information is a good start.  However, spending time scouring the Internet has its limitations.  For example:

-   There is no guarantee that the solution will work or, worse yet, it could result in other harmful system effects.  This can occur regardless of good intentions from the source.  It is not always safe to assume that what worked in one scenario will work for you.

-   There is no guarantee that you will remove all the items related to the malware (for example, registry entries or hidden files).

-   There is no standardization with respect to malware.  Different creators of malware could use the same filenames and the actual solution would rely on different removal techniques.

There is one other item to consider – there may in fact be legitimate software that uses that name “system32.exe”.  The best solution is to use a good, professional software tool designed to remove malware.  Good anti-malware tools and solution providers will have done the following:

-   Provided the means to detect and remove items that are in fact identified as malware; items that have a negative system impact or pose a security threat.

-   Performed adequate testing behind the scenes; removed the malware items in a test environment and ensured that the system still runs as expected.

-   Provided a tool that removes all items associated with the malware (if you try this manually you are likely to get only bits and pieces); good anti-malware tools will remove all the items including registry entries.

In short, having a solution provider that is dedicated to accurate detection, removal, and ensuring ongoing system stability is crucial.  Having access to a customer support team is also beneficial in these instances as well.  Working together with the solution provider ensures that you will have your computer system working correctly.  One such solution provider is ParetoLogic.  The solutions: XoftSpySE Anti-Spyware and RegCure Registry Cleaner.