Search:  

 
theme to black backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All ForumsHot TopicsGallery






how-to block ads


 
Forums » Up and Running » Security » Security » HJT Log Adware.BetterInternet Nail.exe
Search Topic:
 Share Topic:
RSS topic:
toggle:
flat / full
normal / watch
Posting:
Links: ·Hijack This logs? ·Panda Free Tools ·Vundo Removal
Babe.The-Killer.bz »
« Montana agencies fail to scrub PCs  
AuthorAll Replies


TheJoker
Premium,VIP,MVM
join:2001-04-26
Alexandria, VA

reply to blusky1
Re: HJT Log Adware.BetterInternet Nail.exe

Please download the trial version of Ewido Security Suite here:
»www.ewido.net/en/download/
Install it, and update the definitions to the newest files. Do NOT run a scan yet.

Please run Notepad and copy the following text into a new file:
@ECHO OFF
cd %windir%
Nail.exe /FULLREMOVE
sc config SvcProc start= disabled
sc stop SvcProc
sc delete SvcProc
attrib -s -r -h nail.exe
attrib -s -r -h svcproc.exe
del nail.exe
del svcproc.exe
cd %windir%\system32
attrib -s -r -h DrPMon.dll
del DrPMon.dll
exit
Save the file to the desktop as remove.bat and make sure the "Save as type" field says "All files".

Next, please reboot your computer in Safe Mode by doing the following:
1) Restart your computer
2) After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
3) Instead of Windows loading as normal, a menu should appear
4) Select the first option, to run Windows in Safe Mode.

For additional help in booting into Safe Mode, see the following site:
»www.pchell.com/support/safemode.shtml

Once in Safe Mode, please double-click on remove.bat. A window should open and close very quickly --- this is normal.

Then please run Ewido, and run a full scan. Post the log from the scan here for me.

Then please run HijackThis, click Scan, and check:

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O4 - HKLM\..\Run: [xbnuwxa] c:\windows\system32\zpoejid.exe

Close all open windows except for HijackThis and click Fix Checked.

Restart your computer in normal mode and please post a new HijackThis log, as well as the log from the Ewido scan.

--
TheJoker
to forum · permalink · · 2005-05-05 19:27:47 · (locked)
Thread is
Forums » Up and Running » Security » SecurityBabe.The-Killer.bz »
« Montana agencies fail to scrub PCs  

Tuesday, 10-Nov 15:55:12 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.republican-creole
page compression OFF
Most commented news this week
· [103] Moto Sold About 100,000 Droids
· [92] Verizon Keeps Swinging At AT&T
· [86] VoIP Over 3G Still Not Working For iPhone
· [57] Government Will Release Some Telco Wiretap Lobbying Documents
· [34] Bill Would Force ISPs To Block Financial Scams
· [30] Verizon's Hanging Up On Rural America
· [24] Mediacom Hints At 50, 100 Mbps Speeds
· [18] Clearwire To Get Another $1.5 Billion
· [18] Sprint Announces Job Cuts
· [14] Google Offers Free Holiday Airport Wi-Fi
Most people now reading
· Google Has Acquired Gizmo5 [VOIP Tech Chat]
· Windows 7 boot manager editing questions [Microsoft Help]
· Replace entry door [Home Repair & Improvement]
· House inspector failed to find major gas leak [Home Repair & Improvement]
· Framed for child porn 151; by a PC virus [Security]
· 3.x Feral Druid - Bear Tanking Guide [World of Warcraft]
· [ Classes] ATTN Death Knights - Post your spec for critique! [World of Warcraft]
· How in the world am I going to get into college? [General Questions]
· A fishy CRTC tarriff filed by bell? [TekSavvy]