
Subject: New Malware.j

Original Message
Name: Windoze321
Date: April 26, 2008 at 23:10:03 Pacific
Subject: New Malware.j
OS: Windows XP
CPU/Ram: ?
Model/Manufacturer: Dell Dimension E310
Comment:
Thanks in advance for any help fixing my computer.

The system32/drivers/spool.exe file got infected with the
"new malware.j" bug after the recent Windows
update. I get popups every 30 seconds and my desktop
background changes from my usual wallpaper to some
malware phishing scheme asking me to click on a
phishing link.

McAfee could not fix the file and now the bug has disabled
the McAfee firewall on startup.

I've downloaded Ad-Aware, Spybot, and Ewido and when I
clicked on the .exe to open them, Windows wants me to
choose an appropriate program to open them with.
Therefore, I can't run any of the three programs.

I did an online scan with Panda and AVG and cleaned all
the suspicious files, but have noticed no improvement.

I did a system restore from Safe Mode, but whenever
Windows runs rstrui.exe, it asks me to choose the
appropriate program so I can't do a system restore.


Arrrrgh. Any help would be greatly appreciated. Thanks
so much.



Response Number 1
Name: NS.RAM
Date: April 27, 2008 at 00:12:03 Pacific
Subject: New Malware.j
Reply:
Go to Run --> system32/drivers/ and shred the infected driver. Later, you can re-install if necessary.
Go to www.od3n.net, download smart antivirus, and scan c:/windows/system32/drivers.

NS.RAM



Response Number 2
Name: Adii
Date: April 27, 2008 at 03:05:16 Pacific
Subject: New Malware.j
Reply:
Hello Windoze321,

Please disable all your antivirus applications and do not click on any pop-up from the malware; it may infect your system again.

Download the "HijackThis" Installer from this link:

http://www.trendsecure.com/portal/e...


1. Save "HJTInstall.exe" to your desktop.
2. Double click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit > Select All" then click on "Edit > Copy" to copy the entire contents of the log.
8. Paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.

Post the HijackThis log in your next reply.

*Do Safe Computing*



Response Number 3
Name: Windoze321
Date: April 27, 2008 at 12:12:26 Pacific
Subject: New Malware.j
Reply:
Thanks for the quick replies.

I downloaded HijackThis, but when I try to open the exe,
Windows asks me to choose the program.

If I can't run any exe that I've downloaded and I can't do a
system restore due to the restoration program being an
exe, what would the recommendation be at this point?
Should I format the hard drive and reinstall everything?
What if the bug prevents me from formatting, etc?


Thanks for the quick replies.



Response Number 4
Name: Windoze321
Date: April 27, 2008 at 15:26:40 Pacific
Subject: New Malware.j
Reply:
To clarify my last question: Since I can't run any anti-viral exe's or HijackThis, should I reformat my C: drive? And is New Malware.J a rootkit or boot sector virus that remains even after a reformatting?

Thanks.



Response Number 5
Name: Adii
Date: April 27, 2008 at 22:23:44 Pacific
Subject: New Malware.j
Reply:
When it asks you to choose the program, click the Browse button, give the path of the HijackThis EXE file which you downloaded, and click Open to run it. It will install HijackThis.
Now click the shortcut of the installed HijackThis to scan. It will ask you again to choose the program, so follow the same procedure, but now give the path of the installed HijackThis EXE file from the Program Files\Hijackthis folder. Do a system scan and save the log to post.

Let me know.

*Do Safe Computing*



Response Number 6
Name: Adii
Date: April 28, 2008 at 01:44:07 Pacific
Subject: New Malware.j
Reply:
Fix the "Open with" problem:

Copy the following bold text and paste it into a Notepad file.


Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"


Save this file with the name regfix.reg (registry file) on your desktop. Select Save as type "All files".

Now double click on the regfix.reg file on your desktop and click Yes.


Now you can run EXE files.

*Do Safe Computing*
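
A way to check a registry export against the values that regfix.reg in the reply above sets, so the .exe association can be verified before and after the fix. This is an added example, not part of the original thread; the function names and both sample exports are constructed for illustration.

```python
import re

# Expected default values, taken from the regfix.reg text in the post above.
EXPECTED = {r"exefile\shell\open\command": '"%1" %*', r".exe": "exefile"}
ROOTS = ("HKEY_CLASSES_ROOT\\", "HKEY_LOCAL_MACHINE\\SOFTWARE\\Classes\\")
VALUE_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    """Undo the backslash escaping used in .reg string values."""
    return re.sub(r"\\(.)", r"\1", s)

def parse_reg(text):
    """Parse regedit 5.00 export text into {key: {value_name: string}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and (m := VALUE_RE.match(line)):
            name = "@" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
            current[name] = unescape(m.group(2))
    return keys

def check_exe_association(text):
    """Return (key, found, expected) for each default value that differs."""
    keys = {k.lower(): v for k, v in parse_reg(text).items()}  # keys are case-insensitive
    findings = []
    for root in ROOTS:
        for sub, want in EXPECTED.items():
            values = keys.get((root + sub).lower())
            if values is not None and values.get("@") != want:
                findings.append((root + sub, values.get("@"), want))
    return findings

# Constructed sample: the two HKEY_CLASSES_ROOT keys as regfix.reg sets them.
SAMPLE_FIXED = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\.exe]
@="exefile"
"Content Type"="application/x-msdownload"
'''

# Constructed sample: .exe no longer maps to the exefile class.
SAMPLE_ALTERED = r'''Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\.exe]
@="constructed_handler"
[HKEY_CLASSES_ROOT\exefile\shell\open\command]
@="\"%1\" %*"
'''
```

Real regedit exports are UTF-16, so read them with `open(path, encoding="utf-16")` before calling `check_exe_association`. Keys missing from the export are skipped rather than reported.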






All content ©1996-2007 Computing.Net, LLC