My sis-n-law has this NASTY virus on her lappy. "Spools.exe". It is a very evil virus! I have googled all over for an easy fix, but no dice... Short of a reformat,,, How to get the s hit off of her pc...? You cannot run any exe. files... And the safe mode delete did not work either... Whoever created this virus needs to be hung by his nuts!
really can't run .exe ?? so, can not enter windows?? can run hijackthis or not? if can, give the log -------------------------------------------------------- could try this, 1. extract it 2. run Ansav.exe 3. choose PLUGINS - DEEP SLAYER 4. choose TAMBAH TARGET - select spools.exe 5. press EKSEKUSI! 6. wait, and it will delete all spools.exe
Thing is, you cannot even open IE. FF works... but the second you try to run anything... you get this "open with this" prompt, that will not work with anything.
http://securityresponse.symantec.com/avcenter/UnHookExec.inf save as, then right click, install, try to run program
you change regedit.exe to regedit.com,then rusn regedit.com,change the key value of HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command to "%1" %* you can run *.exe. you can download this tool "System Repair Engineer" and post the scan log here .I think I can help you to clean the Trojan not virus
If you cannot delete this virus... normaly it's clone itself... so check in TaskManager... disengage the DLL and check on the startup programs... and if you see the virus... put it out... reboot and it can work... i alredy had this virus 2 months ago and i did this for get it out of my system
u can change all application tat is in .exe to .com and run it~but u should format it after tat~the name spools.exe seems like spoolsv.exe which is for printer function....hehe~~
best to reformat and start again only option is for this sort of virus then when you create a new system make a ghost image as backup in case then if she does it again just ghost back anything she creates now save it to a separate drive ... been doing this for years
Damn, old thread, but quiet often you can boot into Linux via a live CD, mount the HDD partition in question, then remove the virus with free utils such as AVG or Kaspersky, etc. See this thread for info. Another option is CrunchBang which is a Linux distro based on Ubuntu with some AV software preinstalled.
