| | |

Mamakcafe.com Malaysia Forum | Technology  | Property | Web Hosting & Domain | Online Marketing forum

 Forgot password?
 Register with Mamakcafe
BigDomain.my  Free Website Builder dear user, mamakcafe is a free service, please do not be provocative and offensive to others user. if user are found to be offensive, it will be removed from the system and permenently banned
View: 3214|Reply: 0

damaged on xiao.vbs worm on NAV 10 corporate edition

[Copy link]








Rank: 9Rank: 9Rank: 9

Post time: 24-7-2008 12:39 PM
|Show all posts

I've surfed on the internet for weeks on solutions for the corruption of NAV 10 corporate edition but there's no cure, but I have managed to find the registry entries that cause the problems


Besides adding wscript.exe xiao.vbs into registry to allows the worm to auto reload,

Initial infection of Xiao.vbs will disable the auto protections of NAV 10 corporate edition by addiing entries to registry


HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options







NAV 10 CE will not load by showing , Auto protect has been disabled.  And the services.msc in control panel , Symantec Def Watch services will not be able to start ,  eventhough you will not able to re-install the NAV CE 10 also


The solutions is simple, simply change the name to ccapp.exe under "image file execution options" registry or simply remove it. then re-start the services in by going into services.msc  , it will function normally. 


Do  the same with the other files


Please refer to what I did in the picture

registry by xiao.JPG

Use magic Report

RM5.99 Malaysia Domain names with FREE Hosting @ bigdomain.my

Mobile| Archive| Mamakcafe.com a Malaysia Forum | Technology | Property | Web Hosting & Domain | Online Marketing forum , hosted on Bigdomain.my

19-7-2019 06:54 PM GMT+8 , Processed in 0.108158 sec., 24 queries .

Powered by Discuz! X2.5

Release 20121101, © 2001-2019 Comsenz Inc.

MultiLingual version, Rev. 85, © 2009-2019 codersclub.org

To Top