Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Virus possible BVD32.exe

Posted on 2009-04-30
Medium Priority
Last Modified: 2013-12-09
I have an  issue on a couple of networks with the home directories of users getting a file put into them called bvd32.exe and when the users log in to infected machines it comes up with 2 error windows (dos windows) saying that ntvdm running bvd32.exe has had an error it asks you to ignore or close. has anybody else come across this file and how it infects checking virustotal none of the leading antivirus manufacturers seem to pick it up

Question by:asrats
  • 2
  • 2
LVL 47

Expert Comment

ID: 24276762
Download and run both of these tools and show us the logfiles. If they won't run, then redownload and rename before saving to your desktop.

1.  Download Malwarebytes' Anti-Malware to your desktop, check for the tool's Updates before running a scan.

2.  Please download ComboFix by sUBs:
You must download it to and run it from your Desktop
Now STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply by pasting it in the "Code Snippet" or "Attach File" window.
Re-enable all the programs that were disabled during the running of ComboFix..

Do not mouse-click combofix's window while it is running. That may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

If needed, here's the Combofix tutorial which includes the installation of the Recovery Console:

Author Comment

ID: 24405456
i ended up reinstaling machine thanks for assistance

they didnt have many programs on it

Author Comment

ID: 24510889
running combofix on machine then manualy deleting files fixed issue on another machine
LVL 47

Accepted Solution

rpggamergirl earned 2000 total points
ID: 24510937
Reformatting and reinstalling is always the safest solution and with not so many programs to put back that's the best solution.
<<<"running combofix on machine then manualy deleting files fixed issue on another machine">>>

Combofix has a script function to delete bad files that weren't deleted in the first run that's why we always ask to look at the CF log to make sure it's clean.
Glad to know the issue on another pc is fixed.

To uninstall Combofix:
Go to Start > Run and 'copy and paste' next command in the field:

ComboFix /u

You can then close this question please.


Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Suggested Courses

581 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question