Ick ick ick!!! I can't get rid of this.
I have XP pro SP2 and a major problem.
I have the latest Adaware, Spybot, Microsoft Beta, and F-Prot Antivirus. I also have an "Aurora" ad keep popping up--and my internet is running slow.
I have switched to Firefox, turned off system restore, turned off all suspicious start up programs in MSCONFIG, booted in safe mode, emptied cookies, temp, %all temp%, Temporary Internet Files, and History of all users on this computer. I ran all programs but Hijack This.
I rebooted in Safe Mode and ran Hijack this. I am familliar with Hijack this and took off all ickies.
BUT, when I reboot back to normal mode and run my antivirus, I get a bunch of suspicious files. My antivirus deletes them, but when I go to C:Windows, I see a "Nail.exe" icon (one of the suspicious files. I delete it, and within 2 minutes, it is back in without even rebooting. There is also the Auro Icon (A White globe with an orange and blue stripe). I delete both, and I get an Icon named Buddy that looks like the Aurora Icon, and the Nail.exe is back.
I have gone into safe mode, emptied everything, ran programs, manually deleted these files...AND EVEN IN SAFE MODE, the Nail.exe and the Aurora/Buddy Icon reappears.
The only problem I have with the Hijack this, is that after each reboot, after the RO and R1 Entries, there is a Hijack Entry :
F-2 Reg:System.ini: Shell=Explorer.exe C:\Windows\Nail.exe.
I keep fixing it, But it keeps comming back.
I have never seen an "F-2" in the Hijack this log. Now my explorer wont work, but at least I have Firefox.
Any ideas would really be helpful!
I have XP pro SP2 and a major problem.
I have the latest Adaware, Spybot, Microsoft Beta, and F-Prot Antivirus. I also have an "Aurora" ad keep popping up--and my internet is running slow.
I have switched to Firefox, turned off system restore, turned off all suspicious start up programs in MSCONFIG, booted in safe mode, emptied cookies, temp, %all temp%, Temporary Internet Files, and History of all users on this computer. I ran all programs but Hijack This.
I rebooted in Safe Mode and ran Hijack this. I am familliar with Hijack this and took off all ickies.
BUT, when I reboot back to normal mode and run my antivirus, I get a bunch of suspicious files. My antivirus deletes them, but when I go to C:Windows, I see a "Nail.exe" icon (one of the suspicious files. I delete it, and within 2 minutes, it is back in without even rebooting. There is also the Auro Icon (A White globe with an orange and blue stripe). I delete both, and I get an Icon named Buddy that looks like the Aurora Icon, and the Nail.exe is back.
I have gone into safe mode, emptied everything, ran programs, manually deleted these files...AND EVEN IN SAFE MODE, the Nail.exe and the Aurora/Buddy Icon reappears.
The only problem I have with the Hijack this, is that after each reboot, after the RO and R1 Entries, there is a Hijack Entry :
F-2 Reg:System.ini: Shell=Explorer.exe C:\Windows\Nail.exe.
I keep fixing it, But it keeps comming back.
I have never seen an "F-2" in the Hijack this log. Now my explorer wont work, but at least I have Firefox.
Any ideas would really be helpful!
