[Mayro]

Hi guys, I hate to bug you with questions that seem like there should be a easy awnser, but im having a sever problem trying to remove NAIL.EXE.

Nod32 is classifying it as Win32/Adware.BetterInternet application.

My FRIKIN c:\windows\explorer.exe is what keeps recreating this horrible SOAB.

I just reformated yesterday and thats how I caught this wonderfull .. little... GRR..

Ive always relied on a software fire wall... I just didnt get it installed in time... Now with a combination of Microsoft Spyware, Search and Destroy and NOD32.. I cant get this damn thing off! I am seriously and royaly ticked off. Is there any type of legal action that I can take on these bastages? This is worst than a virus as its a self replicateing soab that has leeched onto my explorer.exe like a parasite. All nod has been able to do is quarentine it ever instance that is made.

I really dont want to have to reformat again... But I guess it would be better to do it now than wait. Although im not sure if id be able to block it anyway as im seeing people getting this all over.

What kind of company would want to sponser such a application? I mean really, I wouldnt buy a damn thing off the vendors who paid into this application.

[Mayro]

Ok, the company is called DIRECT REVENUE and supposable, with this link, http://www.mypctuneup.com/evaluate.php it will remove all this BS...

Quite frankly I dont want to be installing something made by the same people to remove there junk. I find it quit comical that they think that people wouldnt be the least bit afraid of getting more spyware from useing there spyware remover.

[daedal]

Registrant:
Thinking Media LP
275 Madison Avenue
New York, NY 10016
US

Domain name: MYPCTUNEUP.COM

Administrative Contact:
Services, Reg.
275 Madison Avenue
New York, NY 10016
US
+1.8668396164
Technical Contact:
Services, Reg.
275 Madison Avenue
New York, NY 10016
US
+1.8668396164


Registration Service Provider:
DBMS VeriSign,
800-579-2848 x4
Please contact DBMS VeriSign for domain updates, DNS/Nameserver
changes, and general domain support questions.


Registrar of Record: TUCOWS, INC.
Record last updated on 27-Jan-2005.
Record expires on 14-Feb-2007.
Record created on 14-Feb-2004.

Domain servers in listed order:
GLOBE.A.FGREP.NET 64.124.153.8
GLOBE.I.FGREP.NET 64.95.228.8
GLOBE.I.ISPHWY.NET 64.74.242.8
GLOBE.W.ISPHWY.NET 64.192.114.8

[nitrousoxide52]

Use bazooka spyware scanner, it doesn't delete it for you but it tells you how to.

[Sandok]

ya i agree with nitrous, try that...

[Yousaif]

I found a solution that should apply to what you have going on here: http://forums.spywareinfo.com/index....56&hl=nail.exe. It might be your best bet to just follow the instructions to remove nail.exe, especially since you just reformatted.

Incidentally, I have found that forum to be awesome for help in removing nasty malware that normal anti-spyware scans have trouble with.

-Yousaif

[PangingJr]

i think that is a very good virus removal guide Yousaif.

IF you can find a manual removal solution/instruction, try to manually do the removal first. this goes to every viruses removal.
it's better than using a program in many cases.
some virus (and virus-like) removal program may not properly remove the virus,
it could wrongly modify your Windows registry. or program that removes viruses with force could leave other problems in Windows instend.

in most cases, the manual removal solution are came out first.
Defs/Dats files or program updates will be later come out in form of computer programing using the manual removal solution. many of the virus protection products are now provides a manually virus removal instructions along with their new updates or with the virus news.

sometimes would be best to just taking care the bad registry at last, and manually do it. some Run registry keys won't cause any real problem to Windows. but yet, sometimes Windows won't allow you to remove the bad files before removing its registry settings. but a good instruction should give you a step-by-step of how to do it right.


it is very important for today internet computer systems to have virus and other securities protections at all time during using the internet, but in my case i like to use virus program in Report-only mode only when available.

[Mayro]

Thanks guys, I have removed that POS and protected myself from further anoyances with it. I also found that it did indeed make me feel better to call the company and verbaly let them know how much I love there software. Its amazeing what you can do to tell someone off, without useing language that you wouldnt use infront of yer mom

[PangingJr]

okay LOL.
what was the name of the program that causes you had the virus..?

[The_Neon_Cowboy]

I just removed the same crap last night:

It spyware/malware/adware... the only way to remove it is to download spybot, adaware and spyware blaster load an updated them all but don't run them yet. disconnect from the internet run each of the tools. You'll also need an good anti virus program thats updated

#1

spyware blaster 1st. enable all protection and close it's that simple.
then spybot , enable immunization... do a scan remove all threats
the lovasoft adware do a full system scan remove all threats

Delete all files in
c:\windows\temp

Delete all files in
C:\Documents and Settings\***YOUR USER ACCOUNT***\Local Settings\Temp

every time you boot setups run from those locations
Reboot and run an anti virus such as norton that should be able to remove the nail.exe etc.... You may need to install the drive in another PC and sacn it for it to be removed...

Part #2

your not don't yet! the f**** replaces windows files and adjusts secuirty settings so that it can downlod it self over and over as well as the other spyware it installs.....

So you boot your to windows cd....
when prompted to install or use recover console, choose install
it will ask you to agree to the licence agreement F8
then you will give some chioces choose repair install....

it will reinstall windows, ask you only for you cd key and it will leave all you other data in place including windows accounts.... go to windows update download all updates

The final option/ alternative


You can't 100% get rid of it from removal it add/changes over 3 MB! of data in your system registry. It also alters hundreds of files. There is a post i made on this if you want to search when this thing 1st came out. I infected myself and logged the changes...

part 1 and 2 works but it a pain in the arse....You other option is to back up what you need to save format and reinstall windows, update and load the tools i mentioned before for future protection. go to windows update download all updates

[Mayro]

My guess would be a webpage.

[PangingJr]

ok. i thought it just showed up after you installed a program.