Tech Support Forum - View Single Post - My Hijackthislog....Someone Please Help! I was told to post this here..

sUBs · 05-24-2005, 12:25 PM

Hello again. Sorry to have kept you waiting. Your HijackThis log is much cleaner now.

Yes. We have deleted Nail.Exe file. That windows message is related to a registry entry which we would deal with in this post.

With regards to your other queries, please provide more details about the error messages displayed by NET FRAMEWORK INITIALIZATION & by MSN/AIM MESSENGERS.

Before proceeding, please print this page or copy it to Notepad to help you carry out the instructions. If you have questions about any instruction, please ask before performing it.

Please empty any Quarantine folder in your antivirus program and purge all recovery items in the Spybot program (if you use it) before running this tool.

Download the Mwav virus checker (Use Link 3)

Save it to a folder.
Reboot into Safe Mode.
Double click the Mwav.exe file. This is a stand alone tool and NOT just a virus checker......so it won't install anything.
Select all local drives, scan all files, and press SCAN. When it is completed, anything found will be displayed in the lower pane.
In the Virus Log Information Pane......
Left click and highlight all the information in the Lower pane --- Use &CTRL C &on your keyboard to copy everything found in the lower pane and save it to a notepad file

*Note* If prompted that a virus was found and you need to purchase the product to remove the malware, just close out the prompt and let it continue scanning. We are not going to use this to remove anything...but to ID the bad files.

Once you copy that to a Notepad file...highlight the text and copy it here.

Open HijackThis and click on Scan. Check the following entries (make sure you do not miss any)
Please remember to close all other windows, including browsers then click Fix checked.

F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)

Reboot Windows back into Normal Mode.

Download FindIt's.zip to your desktop

Unzip/extract the files inside to a folder on your desktop.
Open the folder and run FindIt's.bat and wait for notepad to open a text file. Please be patient as it will take awhile for it to finish running
Then post the results here please, along with a fresh copy of HijackThis log.

*Please do not reboot your computer after you have done the FindIt scan. I shall endeavour to get back to you ASAP.
In your next reply, please include:
HijackThis log

Mwav log

Findit's log

05-24-2005, 12:25 PM	#6 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,326 OS: N/A	Hello again. Sorry to have kept you waiting. Your HijackThis log is much cleaner now. Yes. We have deleted Nail.Exe file. That windows message is related to a registry entry which we would deal with in this post. With regards to your other queries, please provide more details about the error messages displayed by NET FRAMEWORK INITIALIZATION & by MSN/AIM MESSENGERS. Before proceeding, please print this page or copy it to Notepad to help you carry out the instructions. If you have questions about any instruction, please ask before performing it. Please empty any Quarantine folder in your antivirus program and purge all recovery items in the Spybot program (if you use it) before running this tool. Download the Mwav virus checker (Use Link 3) Save it to a folder. Reboot into Safe Mode. Double click the Mwav.exe file. This is a stand alone tool and NOT just a virus checker......so it won't install anything. Select all local drives, scan all files, and press SCAN. When it is completed, anything found will be displayed in the lower pane. In the Virus Log Information Pane...... Left click and highlight all the information in the Lower pane --- Use &CTRL C &on your keyboard to copy everything found in the lower pane and save it to a notepad file Note If prompted that a virus was found and you need to purchase the product to remove the malware, just close out the prompt and let it continue scanning. We are not going to use this to remove anything...but to ID the bad files. Once you copy that to a Notepad file...highlight the text and copy it here. Open HijackThis and click on Scan. Check the following entries (make sure you do not miss any) Please remember to close all other windows, including browsers then click Fix checked. F2 - REG:system.ini: Shell=Explorer.exe C:\WINDOWS\Nail.exe O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing) Reboot Windows back into Normal Mode. Download FindIt's.zip to your desktop Unzip/extract the files inside to a folder on your desktop. Open the folder and run FindIt's.bat and wait for notepad to open a text file. Please be patient as it will take awhile for it to finish running Then post the results here please, along with a fresh copy of HijackThis log. *Please do not reboot your computer after you have done the FindIt scan. I shall endeavour to get back to you ASAP. In your next reply, please include: HijackThis log Mwav log Findit's log