Please Help!!

Question

ollieb2008 0 Newbie Poster

16 Years Ago

I have had this really annoying red circle with a white cross in mhy system tray which every so often, flashes up with a message saying viruses detected. If i click on the message it takes me to a companies website to buy there anti-virus product.

I have tried to download AVG but it wont open, ive tried to download spybot, but that wont open. Ive read a few of your other threads but HijackThis wont open either. Im really stuck for ideas and its REALLY frustrating ha.

Hope to hear from someone soon.

Thanks

windows-virus

2 Contributors
9 Replies
99 Views
5 Days Discussion Span
Latest Post 16 Years Ago Latest Post by crunchie

All 9 Replies

crunchie 990 Most Valuable Poster

16 Years Ago

Hi and welcome to the Daniweb forums :).

==========

Download Itty Bitty Process Manager (IBProcMan.zip)(direct download) http://www.merijn.org/files/ibprocman.zip
Run the process manager. Near the top right there are a couple of icons. Select the one to the left to copy to the clipboard. Paste the results back here.

crunchie 990 Most Valuable Poster

16 Years Ago

Delete the following file; C:\WINDOWS\system32\nod32se.exe If you cannot delete it in normal mode, try it in safe mode.
Once done. post an hijackthis log.

crunchie 990 Most Valuable Poster

16 Years Ago

Try it in safe mode.

Reply to this topic

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.

ollieb2008 0 Newbie Poster · Answer 1 · 2008-03-30T23:18:52+00:00

Process list saved on 17:18:19, on 30/03/2008
Platform: WinNT 5.01.2600 SP2

[pid] [full path to filename] [file version] [company name]
1156 C:\WINDOWS\System32\smss.exe 5.1.2600.2180 Microsoft Corporation
1296 C:\WINDOWS\system32\winlogon.exe 5.1.2600.2508 Microsoft Corporation
1340 C:\WINDOWS\system32\services.exe 5.1.2600.2180 Microsoft Corporation
1352 C:\WINDOWS\system32\lsass.exe 5.1.2600.2180 Microsoft Corporation
1528 C:\WINDOWS\system32\svchost.exe 5.1.2600.2180 Microsoft Corporation
1660 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 Microsoft Corporation
404 C:\WINDOWS\system32\spoolsv.exe 5.1.2600.2696 Microsoft Corporation
524 C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe 1.14.0.0 Apple, Inc.
556 C:\Program Files\Common Files\Authentium\AntiVirus\dvpapi.exe 4.94.107.129 Authentium, Inc.
592 C:\Program Files\CA\PPRT\bin\ITMRTSVC.exe 1.1.0.24 CA, Inc.
632 C:\Program Files\Network Associates\Common Framework\FrameworkService.exe 3.5.0.412 Network Associates, Inc.
748 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE 7.0.9466.0 Microsoft Corporation
852 C:\Program Files\Raxco\PerfectDisk\PDAgent.exe 8.0.0.57 Raxco Software, Inc.
1188 C:\WINDOWS\system32\svchost.exe 5.1.2600.2180 Microsoft Corporation
1788 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 1.11.0.0 ATI Technologies Inc.
1780 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe 8.1.6.0 Synaptics, Inc.
1948 C:\WINDOWS\RTHDCPL.EXE 2.0.4.4 Realtek Semiconductor Corp.
1708 C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe 5.0.0.910 Cyberlink Corp.
2972 C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe 6.0.50.13 Sun Microsystems, Inc.
2992 C:\Program Files\Common Files\Real\Update_OB\realsched.exe 0.1.0.3510 RealNetworks, Inc.
3012 C:\Program Files\iTunes\iTunesHelper.exe 7.5.0.20 Apple Inc.
3268 C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe 3.5.0.412 Network Associates, Inc.
3364 C:\Program Files\MSN Messenger\MsnMsgr.Exe 8.1.178.0 Microsoft Corporation
3604 C:\WINDOWS\system32\ctfmon.exe 5.1.2600.2180 Microsoft Corporation
3840 C:\Program Files\BitTorrent\bittorrent.exe
232 C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe 1.5.2.16 Safer Networking Limited
1928 C:\Program Files\FinePixViewerS\QuickDCF2.exe 1.1.1.0 FUJIFILM Corporation
2476 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 1.11.0.0 ATI Technologies Inc.
2500 C:\Program Files\ATI Technologies\ATI.ACE\cli.exe 1.11.0.0 ATI Technologies Inc.
2468 C:\WINDOWS\system32\nod32se.exe
2548 C:\Program Files\Internet Explorer\IEXPLORE.EXE 7.0.6000.16608 Microsoft Corporation
2628 C:\WINDOWS\system32\msiexec.exe 3.1.4000.1823 Microsoft Corporation
3164 C:\Program Files\iPod\bin\iPodService.exe 7.5.0.20 Apple Inc.
3032 C:\Program Files\MSN Messenger\usnsvc.exe 8.1.178.0 Microsoft Corporation
3160 C:\WINDOWS\System32\svchost.exe 5.1.2600.2180 Microsoft Corporation
3256 C:\WINDOWS\system32\rundll32.exe 5.1.2600.2180 Microsoft Corporation
2340 C:\WINDOWS\explorer.exe 6.0.2900.3156 Microsoft Corporation
2988 C:\PROGRA~1\WINZIP\winzip32.exe 21.0.6698.0 WinZip Computing LP
3816 C:\Documents and Settings\Ollie\Local Settings\Temp\wz5cbf\IBProcMan.exe 1.4.0.0 Soeperman Enterprises Ltd.

This is what come up. Thanks a lot

ollieb2008 0 Newbie Poster · Answer 2 · 2008-03-31T21:34:52+00:00

Thanks. But HiJackThis wont open. I've downloaded both the old version and new version, i download them, extract them and double click them, then click run the programme but nothing happens.

:-S

ollieb2008 0 Newbie Poster · Answer 3 · 2008-04-02T22:49:15+00:00

Have tried it in safe mode after deleting that file and it still doesn't work. Kind of stuck now ha

crunchie 990 Most Valuable Poster Team Colleague Featured Poster · Answer 4 · 2008-04-03T03:03:54+00:00

Download exefix_xp.com from http://www.mvps.org/sramesh2k/exefile.htm and follow the instructions there for running it.
See how you go then.

ollieb2008 0 Newbie Poster · Answer 5 · 2008-04-03T03:35:36+00:00

Ive tried all that, and still not loading. now saying that its not a valid win32 application(slight improvement ha).

crunchie 990 Most Valuable Poster Team Colleague Featured Poster · Answer 6 · 2008-04-03T15:23:24+00:00

Download Dial-a-Fix and run it. Select the 'Check all' (green arrow) and then hit 'GO.'
Reboot when done and see how things are now.

Please Help!!

Recommended Answers Collapse Answers

All 9 Replies

Recommended Answers