• Welcome to Overclockers Forums! Join us to reply in threads, receive reduced ads, and to customize your site experience!

possible virus or something

Overclockers is supported by our readers. When you click a link to make a purchase, we may earn a commission. Learn More.

jayson

Member
Joined
Jun 2, 2002
Location
Essex, UK
I think i have a virus of some sort. it is slowing my computer by taking up memory and cpu power. in the task manager i can see the process 'OBODJJ32.EXE' and it takes up alot of cpu (30-50%) and has a big memory usage too. when ever i end the process it will automatically come back. this has only started recently and i have not installed anything for a while, but have just connected to the internet (haven’t been over summer) any help on how to remove this will be helpful.

I have tried virus scan (norton) and a reg cleaner and spyware cleaner but still nothing.
 
tyr adware 6.0 its a freeware but workz great with adware/spyware try searching your comp for 'OBODJJ32.EXE' and deleting it manually
 
Follow the parts of the malware warfare guide in my sig for cleaning malware.

Post a Hijackthis log as an attachment to your post.
 
You need to run spybot, and make sure adaware is updated completely. You should follow the guide in my sig also, if you have not already.

Check and fix these:

O2 - BHO: BrowserHelper Class - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{77CB1E31-6576-4F1A-830B-9D8676484CEA}: NameServer = 192.168.1.1,1.0.0.0
O21 - SSODL: Web Event Logger - {7CBBACFF-EE00-1230-ABCC-516592B5D639} - C:\WINDOWS\System32\Dmhfnjpc.dll

Also, find those files in windows, and delete them... If the process is active, end task on it. If it restarts, you may need to do this from safe mode. Safe mode can be accessed by pressing F8 repeatedly during boot up.
 
yep ive done that, but the process is still there?.......the only place ive found the file name is in the windows prefech folder so not the actuall file or alike
 
The file resides in the sytem32 folder here:

C:\WINDOWS\System32\Obodjj32.exe

In order to see it and delete it, you may need to go into tools>folder options>view then select show hidden files and de-select hide hidden operating system files.

You will then be able to find this obodjj32 file, and in order to delete it its process will need to be disengaged - you can try to end task on it, however if it restarts too quickly, you will probably need to go into safe mode in order to find and remove it.
 
Back