When the NAIL.exe virus first came out, it seemed that the major antivirus/antispyware software packages were incapable of removing the little bugger. It was easily removed if you knew what it was doing, however, to the novice; it was a pain in the ass. NAIL.exe loads itself with the Explorer shell. Explorer.exe is the GUI (Shell) for Windows. Windows defines the loading of the shell in the registry. Knowing this, you can easily remove NAIL.exe by hitting CTRL+ALT+DEL. Then, using the “Processes” section of Windows Task Manager, right click on “explorer.exe” and choose “end process”. Afterwards, using the Windows Task Manager, choose “File”, “New Task (Run…)”, type “cmd”, then press enter on the keyboard. This will bring up the Command Shell. Now, in the Command Shell, type “cd %systemroot%” and press enter. Then, type “del nail.exe” and press enter. This kills the virus, but we still need to clean up the remnants. So, type “regedit” and press enter. On the left side of the screen, browse to the following location in Windows Registry: HKEY_LOCAL_MACHINE > Software > Microsoft > Windows NT > CurrentVersion > Winlogon. Now, on the right hand side of the screen locate “Shell” and double click the icon. The path to “nail.exe” should be removed, but leave the path to “explorer.exe”…for example: “Explorer.exe, c:\windows\nail.exe” should be changed to read “Explorer.exe”. Using Windows Task Manager, choose “File”, “New Task (Run…)”, type “explorer”, then press enter on the keyboard. This will return the Windows environment that you are so accustomed to using - minus the virus.

 

Nail.exe is now being recognized by the mainstream antivirus and antispyware packages, but the above process comes in handy for those systems unequipped with the latest protection.