Need Help Removing SpyWare and Agobot.spoolsrv32

G

Guest

Good day,

I'm trying to help my Dad with a SpyWare and virus problem. He has a
Windows XP system. Here's what I've tried so far:

(1) Disconnected PC from Internet
(2) Installed beta version of Microsoft Anti-Spyware software
(3) Disabled System Update
(4) Ran the Anti-Spyware program -- this identified two problematic "items"
(Lookingfor (dialer) and Agobot.spoolsrv32). I removed each of these.
(5) I rebooted and re-ran the Anti-Spyware software. No problems detected.
(6) Re-enabled System Update
(7) Turned PC off, reconnected to the Internet
(8) Rebooted.

After these steps, everything seemed fine as my Dad used the machine
yesterday (he had turned on and off a couple of times after things were
fixed, and no problems cropped up). This morning, the problem is back. His
desktop is black with the Spyware message box and the Anti-Spyware software
is flagging the Lookingfor (dialer) and Agobot.spoolsrv32 issues again.

Help! Any suggestions on how to fix this problem more permanently would be
most welcome. I can't figure out if the PC is getting reinfected by sites
that my Dad is visiting after we cleaned it, or if it's a different problem
in play. Thanks in Advance.
 
W

writetoamh

I wanted to suggest this great site called I hate spyware. It has a lot
of great information on. The guy that runs it is super nice, and will
answer any questions you have if you email him. Here is the link:

http://amarillocomputerguy.com/

Hope this helps some people!
 
D

David H. Lipman

From: <[email protected]>

| I wanted to suggest this great site called I hate spyware. It has a lot
| of great information on. The guy that runs it is super nice, and will
| answer any questions you have if you email him. Here is the link:
|
| http://armadillocomputerguy.com/
|
| Hope this helps some people!

It is not a great site and what information I provided Rona is *more* informative and
assistive in that one post than that whole site.
 
D

David H. Lipman

From: "Rona" <[email protected]>

Rona:

I received your feedback from Clay at Claymania.com. I am glad Ssyscleand and Stinger
corrected the Internet worms you were infected with.
 
G

Guest

I wanted to add that this post was extremely heplful, it saved me a lot of
time running around trying to get answers. Thanks -Dee

David H. Lipman said:
From: "Rona" <[email protected]>

| Good day,
|
| I'm trying to help my Dad with a SpyWare and virus problem. He has a
| Windows XP system. Here's what I've tried so far:
|
| (1) Disconnected PC from Internet
| (2) Installed beta version of Microsoft Anti-Spyware software
| (3) Disabled System Update
| (4) Ran the Anti-Spyware program -- this identified two problematic "items"
| (Lookingfor (dialer) and Agobot.spoolsrv32). I removed each of these.
| (5) I rebooted and re-ran the Anti-Spyware software. No problems detected.
| (6) Re-enabled System Update
| (7) Turned PC off, reconnected to the Internet
| (8) Rebooted.
|
| After these steps, everything seemed fine as my Dad used the machine
| yesterday (he had turned on and off a couple of times after things were
| fixed, and no problems cropped up). This morning, the problem is back. His
| desktop is black with the Spyware message box and the Anti-Spyware software
| is flagging the Lookingfor (dialer) and Agobot.spoolsrv32 issues again.
|
| Help! Any suggestions on how to fix this problem more permanently would be
| most welcome. I can't figure out if the PC is getting reinfected by sites
| that my Dad is visiting after we cleaned it, or if it's a different problem
| in play. Thanks in Advance.

MS Anti Spware is insuffisient and is not a virus removal software adequate for AGOBot
worms.


Dump the contents of the IE Temporary Internet Folder cache (TIF)

start --> settings --> control panel --> internet options --> delete files

1) Download the following four items...

McAfee Stinger
http://vil.nai.com/vil/stinger/

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend Pattern File.
http://www.trendmicro.com/download/pattern.asp

Ad-aware SE (free personal version v1.05)
http://www.lavasoftusa.com/

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the Trend Pattern File by obtaining the ZIP file.
For example; lpt492.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM .

2) Update Ad-aware with the latest definitions.
3) Disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
4) Reboot your PC into Safe Mode [F8 key during boot]
and shutdown as many applications as possible.
5) Using Trend Sysclean, Stinger and Ad-aware, perform a Full Scan of your
platform and clean/delete any infectors/parasites found.
(a few cycles may be needed)
6) Restart your PC and perform a "final" Full Scan of your platform using the three
utilities; Trend Sysclean, Stinger and Adaware
7) Re-enable System Restore and re-apply any System Restore preferences,
(e.g. HD space to use suggested 400 ~ 600MB),
8) Reboot your PC.
9) Create a new Restore point

* * Please report your results ! * *
Click to expand...
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Spyware Infection Notice -- NEED HELP 10
spyware removal help 4
Spyware 3
annoying adware and spyware 1
Recent spyware attack 2
Need help with spyware/adware 4
cant get rid of anti-spyware or message 4
Spyware/virus infection 2

Top