 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
Windows Server Forum / Windows NT / Setup / October 2003virus damage help please
A hoax mircosoft email containing a virus has been opened on my NT4 workstation. Pandasoft antivirus software recoginised the virus and appears to havea system file. I can no longer run .exe files --- I get the message windows cannot find nxinbwy.exe Is this a denial of service virus ? Or is this a genunine system file that needs replacing. Where can I get a copy of this file ? Thanks for your help. Did you spell that exe correct? nxinbwy.exe gets zero hits in the knowledge base or on google. Did pandasoft give you the name of the virus? You should try to get a cleanup utility from pandasoft or some place like symantec.com. Hope this helps,  SignatureRyan Anderson MCSE Directory Services ===================================================== When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. Please do not send e-mail directly to this alias. This alias is for newsgroup purposes only. ===================================================== This posting is provided "AS IS" with no warranties, and confers no rights. > A hoax mircosoft email containing a virus has been opened > on my NT4 workstation. [quoted text clipped - 12 lines] > > Thanks for your help. Virus probably messed up open command for .exe file association to something like: "nxinbwy.exe" "%1" %* This is one of common used virus launching procedure, removing of virus file is not enough, you need to repair your .exe file association too (and eventually also all .com and other executable extensions, but most of viruses are working only with .exe extension). If you are able to run regedt32.exe (eventually make copy of this file as regedt32.com and try to run this copy), you can repair manually default value in key: HKEY_CLASSES_ROOT\exefile\shell\open\command to "%1" %* if you are not able to run registry editor, create file with .reg extension and paste following text to it. Browse to this file and double click on it or choose join from context menu: REGEDIT4 [HKEY_CLASSES_ROOT\.exe] @="exefile" "Content Type"="application/x-msdownload" [HKEY_CLASSES_ROOT\exefile] @="Aplikace" "EditFlags"=hex:d8,07,00,00 [HKEY_CLASSES_ROOT\exefile\DefaultIcon] @="%1" [HKEY_CLASSES_ROOT\exefile\shell] [HKEY_CLASSES_ROOT\exefile\shell\open] "EditFlags"=hex:00,00,00,00 [HKEY_CLASSES_ROOT\exefile\shell\open\command] @="\"%1\" %*" luck George alistair wright <anonymous@discussions.microsoft.com> p?se v diskusn?m p??sp?vku:0ccf01c39d63$ba129910$a501280a@phx.gbl... > A hoax mircosoft email containing a virus has been opened > on my NT4 workstation. [quoted text clipped - 12 lines] > > Thanks for your help. |
Reply to this Message |
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.