Discussion in 'Internet & Networking' started by Trinity, Jun 27, 2008.

    My sis-n-law has this NASTY virus on her lappy. "Spools.exe". It is a very evil virus!:twisted: I have googled all over for an easy fix, but no dice...:wall: :wall: :wall:

    Short of a reformat,,, How to get the s hit off of her pc...?

    You cannot run any exe. files... And the safe mode delete did not work either...:faint:

    Whoever created this virus needs to be hung by his nuts!:mad:
    really can't run .exe ??

    so, can not enter windows??
    can run hijackthis or not? if can, give the log :)


    could try this,
    1. extract it
    2. run Ansav.exe
    3. choose PLUGINS - DEEP SLAYER
    4. choose TAMBAH TARGET - select spools.exe
    5. press EKSEKUSI!
    6. wait, and it will delete all spools.exe
    Thing is, you cannot even open IE. FF works... but the second you try to run anything... you get this "open with this" prompt, that will not work with anything.:faint:
    Will advise...:wave:
    after can run program, try to do my post previously ;)
    you change regedit.exe to regedit.com,then rusn regedit.com,change the key value of HKEY_LOCAL_MACHINE\Software\CLASSES\exefile\shell\open\command to "%1" %*
    you can run *.exe.
    you can download this tool "System Repair Engineer" and post the scan log here .I think I can help you to clean the Trojan not virus
    If you cannot delete this virus... normaly it's clone itself... so check in TaskManager... disengage the DLL and check on the startup programs... and if you see the virus... put it out... reboot and it can work... i alredy had this virus 2 months ago and i did this for get it out of my system
    u can change all application tat is in .exe to .com and run it~but u should format it after tat~the name spools.exe seems like spoolsv.exe which is for printer function....hehe~~
    best to reformat and start again

    only option is for this sort of virus

    then when you create a new system make a ghost image as backup in case then if she does it again just ghost back

    anything she creates now save it to a separate drive ...

    been doing this for years
    Damn, old thread, but quiet often you can boot into Linux via a live CD, mount the HDD partition in question, then remove the virus with free utils such as AVG or Kaspersky, etc. See this thread for info. Another option is CrunchBang which is a Linux distro based on Ubuntu with some AV software preinstalled.
    Hmm.. That's one way I never considered. Good point! :thumb:

