A
Adil Unaldi
Problem's name is Nail.exe if you can send me a e mail i
can send you this exe than we can resolve this problem.
Thnx for help
can send you this exe than we can resolve this problem.
Thnx for help
T
Tom Emmelot
Hello Adil,
I quote Andy Manchesta:
Another tool worth trying is the Aurora remover ,you
might still need hijack this though to remove this fully .
Download the Remover to your desktop
ABIremover:
http://xsorbit26.com/users5/andymanchesta/index.php?
action=dlattach;topic=3240.0;id=292
Download (if not already done) latest Hijackthis and
unpack it in its own folder(either desktop or c/drive)
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Reboot into safemode
start the ABIRemover.exe, press install, wait (explorer
window will disapear)
reboot again into safemode
fix the random key in the registry with hijackthis
(normaly
HKLM\Software\Microsoft\Windows\CurrentVersion\Run )
Probably will look like this but the filename could be
changed
HKLM\..\Run: [kmajdf] c:windows\system32\eccclq.exe
Remember the random name and delete it in your system32
directory
reboot into normal mode and run at least one online virus
scanner
Trend Micro http://housecall.antivirus.com/
Panda
http://www.pandasoftware.com/activescan/co...n_principal.h
tm
Symantecs Security Check & Virus scanner
http://security.symantec.com/default.asp?
productid=symhome&langid=ie&venid=sym
Good Look if you need any help contact:
(e-mail address removed)
Regards >*< TOM >*<
Adil Unaldi schreef:
I quote Andy Manchesta:
Another tool worth trying is the Aurora remover ,you
might still need hijack this though to remove this fully .
Download the Remover to your desktop
ABIremover:
http://xsorbit26.com/users5/andymanchesta/index.php?
action=dlattach;topic=3240.0;id=292
Download (if not already done) latest Hijackthis and
unpack it in its own folder(either desktop or c/drive)
http://www.spywareinfo.com/~merijn/files/hijackthis.zip
Reboot into safemode
start the ABIRemover.exe, press install, wait (explorer
window will disapear)
reboot again into safemode
fix the random key in the registry with hijackthis
(normaly
HKLM\Software\Microsoft\Windows\CurrentVersion\Run )
Probably will look like this but the filename could be
changed
HKLM\..\Run: [kmajdf] c:windows\system32\eccclq.exe
Remember the random name and delete it in your system32
directory
reboot into normal mode and run at least one online virus
scanner
Trend Micro http://housecall.antivirus.com/
Panda
http://www.pandasoftware.com/activescan/co...n_principal.h
tm
Symantecs Security Check & Virus scanner
http://security.symantec.com/default.asp?
productid=symhome&langid=ie&venid=sym
Good Look if you need any help contact:
(e-mail address removed)
Regards >*< TOM >*<
Adil Unaldi schreef:
A
AndyManchesta
Plan B 
Download Ccleaner
http://download.ccleaner.com/download120bin.asp
Download Adaware SE & Ewido Security Suite
Ewido .
http://www.ewido.net/en/download/
Adaware SE
http://www.download.com/3000-2144-10045910.html
Update the definitions and run them both after following
these steps.
1.
Go to: Start > Run >Type:
services.msc
Hit Enter
In the Services window, press name to sort them into
order then scroll down for:
System Startup Service (Make sure its the exact name)
Right click it and select "Properties"
Click the "Stop" button, and wait for Windows to stop the
process
Then change the "Startup Type" drop-down menu
from "Automatic" to "Disabled"
2.
Go to Start > Run and type in
cmd
Click OK
In the command window that opens Copy and Paste the
following commands one at a time exactly as they appear
below and hit the Enter key after each one:
del C:\WINDOWS\svcproc.exe
Press Enter
del C:\WINDOWS\system32\drpmon.dll
Press Enter
sc delete SvcProc
Press Enter
cd C:\windows
Press Enter
nail.exe /FullRemove
Press Enter
then type
exit
Press Enter
3.
Go to Start > Run and type
%temp%
The Temp folder will open.
Click Edit > Select All > Right click the files and press
Delete to delete the entire contents of the Temp folder.
Goto start then run and type
prefetch
delete the contents of this folder
Finally go to Control Panel > Internet Options. On the
General tab under
"Temporary Internet Files" Click "Delete Files". Put a
check by "Delete
Offline Content" and click OK.
Click on the Programs tab then click the
"Reset Web Settings" button. Click Apply then OK.
4.
Run full system scans with both Adaware SE & Ewido and
clear anything found.
5.
Run Ccleaner and remove anything found also use the
issues button and scan for any issues,repair any that are
detected.
Reboot and hopefully that will be the end of it if you
have any problems let me know
Regards
Andy Manc
Download Ccleaner
http://download.ccleaner.com/download120bin.asp
Download Adaware SE & Ewido Security Suite
Ewido .
http://www.ewido.net/en/download/
Adaware SE
http://www.download.com/3000-2144-10045910.html
Update the definitions and run them both after following
these steps.
1.
Go to: Start > Run >Type:
services.msc
Hit Enter
In the Services window, press name to sort them into
order then scroll down for:
System Startup Service (Make sure its the exact name)
Right click it and select "Properties"
Click the "Stop" button, and wait for Windows to stop the
process
Then change the "Startup Type" drop-down menu
from "Automatic" to "Disabled"
2.
Go to Start > Run and type in
cmd
Click OK
In the command window that opens Copy and Paste the
following commands one at a time exactly as they appear
below and hit the Enter key after each one:
del C:\WINDOWS\svcproc.exe
Press Enter
del C:\WINDOWS\system32\drpmon.dll
Press Enter
sc delete SvcProc
Press Enter
cd C:\windows
Press Enter
nail.exe /FullRemove
Press Enter
then type
exit
Press Enter
3.
Go to Start > Run and type
%temp%
The Temp folder will open.
Click Edit > Select All > Right click the files and press
Delete to delete the entire contents of the Temp folder.
Goto start then run and type
prefetch
delete the contents of this folder
Finally go to Control Panel > Internet Options. On the
General tab under
"Temporary Internet Files" Click "Delete Files". Put a
check by "Delete
Offline Content" and click OK.
Click on the Programs tab then click the
"Reset Web Settings" button. Click Apply then OK.
4.
Run full system scans with both Adaware SE & Ewido and
clear anything found.
5.
Run Ccleaner and remove anything found also use the
issues button and scan for any issues,repair any that are
detected.
Reboot and hopefully that will be the end of it if you
have any problems let me know
Regards
Andy Manc