Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can only run in Safe Mode, system hangs after total cleaning


  • Please log in to reply
2 replies to this topic

#1 heynowjerry

heynowjerry

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:22 PM

Posted 27 January 2009 - 04:23 PM

Thanks for providing this great forum.
  • Executed MBAM
  • Executed BitDefender
  • Executed SUPERAntiSpyWare
Found bdon.bin in the System 32 dir, and deleted with HijackThis on Reboot.

All services shutdown. Startup turned off.

Cannot figure where this is going.

In Task mgr, the Explore.exe is growing slowly over time, up to 32000k in 10 minutes. If i kill it, i can't get the desktop back.

Any help appreciated.

BC AdBot (Login to Remove)

 


#2 heynowjerry

heynowjerry
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:22 PM

Posted 28 January 2009 - 08:40 AM

Ran Dr. Web-Cureit based on other posts.
On Quick scan, it found a BitDefender livesvr.exe which was Dloader.Trojan. Moved Incurable.

Then ran full scan as per other post.

psexec.exe;C:\Documents and Settings\Jerry Sheer\My Documents\jsheer\PsTools;Program.PsExec.180;Incurable.Moved.;
pskill.exe;C:\Documents and Settings\Jerry Sheer\My Documents\jsheer\PsTools;Tool.ProcessKill.12;Incurable.Moved.;


Any suggestions on next steps please?

Last week, i also ran ATF-Cleaner.

#3 heynowjerry

heynowjerry
  • Topic Starter

  • Members
  • 5 posts
  • OFFLINE
  •  
  • Local time:09:22 PM

Posted 28 January 2009 - 09:19 AM

MOre:

Upon restart of the system in NORMAL mode, a file appears in System32.

bdod.bin

I have deleted but it reappears only in NORMAL mode, not in SAFE MODE.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users