Removing agobot.spoolsrv32

[Bill Sanderson]

Andy - my "snake oil" post was in response to a post from Ed Barba--it was
in no way intended to reflect of any post of yours, or your advice, in this
thread or any other in these groups.

I believe that Microsoft Antispyware, since it has identified this threat,
is capable of removing it--otherwise, why would it identify it, and offer to
remove it? However, in this case it clearly hasn't done the job, so any
solution that Chris cares to accept is fine with me.

I'm glad we both recommended Trend Micro--that should give Chris some added
assurance, if he needs it.

As an MVP, I'm here to get the product tested, and help people get the most
out of the product. I'm not here to claim that Microsoft is perfect, or
that this product is better than another product, or that this forum is the
best place to get spyware problems solved--far from it.

 

[Bill Sanderson]

I wasn't referring to your advice at all.

You are right--we did refer to the same solution--I mentioned the online
scanner, and you the DCE. Frankly, I did the online scan because my
standard post about the DCE is more work for me to post--I don't have it
canned, and each time I end up looking up the DCE url, and the definition
URL, and writing how to put them together.....

Does the DCE also now cover spyware, as the Online scan does? (Yes, I know
this threat is, in fact not spyware--just wondering!)

 

[Ron Chamberlin]

Bill,
I can remember when I used to implicitly 'trust' the first couple of pages
of hits on a search on Google.
That impression ahs changed in the past couple of months.

Ron Chamberlin
MS-MVP

 

[Ron Chamberlin]

Andy,

Whoa! I believe the term 'snake oil' was properly used. There's a lot of
roughage in the spyware, malware, crapware,badware business, and it
sometimes wraps itself into worms, virus, trojans et al. The bad stuff, by
whatever means it's being bad all deserves to get kicked to the curb.
There are some sites and 'programs' that advertise themselves as 'antispy',
and they are, IMVHO, just as obtrusive as a critter and should be kicked to
the curb. That's where the 'snake oil' comes in.

I don't think Bill is here to 'promote' MWAS. I think he's here to help
people, just as you are, as I am, and as several others are that are
becoming regulars. That's what NG's are all about: Helping each other.

Ron Chamberlin
MS-MVP

 

[AndyManc]

Hi Bill sorry for the missunderstanding last night i must
admit i never read all of Ed Barba's posts so my first
impression when reading your and chris's reply was that
you both thought i was advising rogue products and you
thought i was trying to cause more problems for him,but
after viewing all the mail now i realise i got that wrong
and can see you was referring to his mail.

No offence Bill i dont think there is anything wrong with
promoting MS antispy as im interested myself exactly what
this is able to remove,The tricky ones just dont seem to
be getting touched but i suppose even the tried and
tested removers are struggling with the nasty ones too ,I
cannot judge MS Antispy myself as im no longer using it
due to problems i was having when testing it.But realise
its Beta so i am interested in the improvements coming
from MS about this and like to use this forum to keep up
to date with whats going on plus try help out if i spot
something i recognise.

With your question about Trend Micro's Damage clean Up
Engine it targets Worms/Trojans & Visual Basic
Scripts,Java Scripts Etc.. but will not cover spyware.

I know you are doing a great job on here as ive read alot
of your postings so realise you have the users best
interests as your first thought so hope my post didnt
sound offensive.You MVP's are so called as you do this
stuff day in day out so im sure there is alot of users
who are very greatfull for your advise and assistance.I
know about scumware but do not know the Full side of
Microsoft products so i enjoy reading your posts to
educate myself about these things.

I like to keep up to date with These forums to keep
informed of developments on the antispy front plus reply
to a couple of mails here and there but know you deserve
the respect and credit as ive seen your advise working on
here over and over again,So next time i will read all the
postings before assuming you are critising my comments
and i apologise for comments i made.

To Ron(MVP) Im aware i made a mistake on this and know
you are all trying to help each other and appreciate
these so called (Snake oils) are causing alot of problems
for users,Most search engines are full of bogus products
so im well aware these need to be pointed out to users
who might download them when they have a fault after
reading some fake reviews then end up with trojans and
adware they never even knew existed.Theres Loads of these
bogus removers going around
(SpyBlast,VirtualBouncer,SpyBan,Malwhere,
SpySpotter,MyNetProtector) To just name a few but agree
the lists are endless so appreciate you advising people
on this.The term snake oil is new to me but Im from the
UK so maybe its a American thing,I understand the meaning
now though and agree it needs explaining to people


We all have the same goal in mind,to help users who need
assistance and to benefit from each other's experience on
these topics and realised i was unfair in my comments so
wanted to post a letter admitting this.

No offence guys

Keep up the good work

Regards Andy

 

[Bill Sanderson]

Thanks, Andy--no offense taken!
--

Hi Bill sorry for the missunderstanding last night i must
admit i never read all of Ed Barba's posts so my first
impression when reading your and chris's reply was that
you both thought i was advising rogue products and you
thought i was trying to cause more problems for him,but
after viewing all the mail now i realise i got that wrong
and can see you was referring to his mail.

No offence Bill i dont think there is anything wrong with
promoting MS antispy as im interested myself exactly what
this is able to remove,The tricky ones just dont seem to
be getting touched but i suppose even the tried and
tested removers are struggling with the nasty ones too ,I
cannot judge MS Antispy myself as im no longer using it
due to problems i was having when testing it.But realise
its Beta so i am interested in the improvements coming
from MS about this and like to use this forum to keep up
to date with whats going on plus try help out if i spot
something i recognise.

With your question about Trend Micro's Damage clean Up
Engine it targets Worms/Trojans & Visual Basic
Scripts,Java Scripts Etc.. but will not cover spyware.

I know you are doing a great job on here as ive read alot
of your postings so realise you have the users best
interests as your first thought so hope my post didnt
sound offensive.You MVP's are so called as you do this
stuff day in day out so im sure there is alot of users
who are very greatfull for your advise and assistance.I
know about scumware but do not know the Full side of
Microsoft products so i enjoy reading your posts to
educate myself about these things.

I like to keep up to date with These forums to keep
informed of developments on the antispy front plus reply
to a couple of mails here and there but know you deserve
the respect and credit as ive seen your advise working on
here over and over again,So next time i will read all the
postings before assuming you are critising my comments
and i apologise for comments i made.

To Ron(MVP) Im aware i made a mistake on this and know
you are all trying to help each other and appreciate
these so called (Snake oils) are causing alot of problems
for users,Most search engines are full of bogus products
so im well aware these need to be pointed out to users
who might download them when they have a fault after
reading some fake reviews then end up with trojans and
adware they never even knew existed.Theres Loads of these
bogus removers going around
(SpyBlast,VirtualBouncer,SpyBan,Malwhere,
SpySpotter,MyNetProtector) To just name a few but agree
the lists are endless so appreciate you advising people
on this.The term snake oil is new to me but Im from the
UK so maybe its a American thing,I understand the meaning
now though and agree it needs explaining to people


We all have the same goal in mind,to help users who need
assistance and to benefit from each other's experience on
these topics and realised i was unfair in my comments so
wanted to post a letter admitting this.

No offence guys

Keep up the good work

Regards Andy

 

[Ron Chamberlin]

Hi Andy,

<I cannot judge MS Antispy myself as im no longer using it due to problems i
was having when testing it.But realise its Beta so i am interested in the
improvements coming from MS about this and like to use this forum to keep up
to date with whats going on plus try help out if i spot something i
recognise.>
Your assitance is appreciated,as is the help from many of the regulars who
came to ask, and stayed to give.

<You MVP's are so called as you do this stuff day in day out so im sure
there is alot of users who are very greatfull for your advise and
assistance.>
I hope so. After ten years, I hope I've helped someone out there. I know
I've learned a lot.

I know about scumware but do not know the Full side of Microsoft products
so i enjoy reading your posts to educate myself about these things.>

I liken it to a ballet. Sort of 'good fairies v. bad fairies.'

To Ron(MVP) Im aware i made a mistake on this and know you are all trying
to help each other and appreciate these so called (Snake oils) are causing
alot of problems for users>>

Shh!. No problems here. We all have common causes in helping each other and
putting a crimp in the bad guys styles.

<The term snake oil is new to me but Im from the UK so maybe its a American
thing,I understand the meaning now though and agree it needs explaining to
people>
I'm from New England, and we have an overabundance of colloquialisms here.
I grabbed a pretty darn good explanation of "Snake Oil Salesman" from your
cousins down under: http://www.abc.net.au/health/cguides/avoidingquacks.htm
.. In short they walk a very, very thin line in that you end up wanting to
buy the junk, just as some of these popups and sites have it so you, the
user, is the one who agrees to that EULA and allows the junk onto the pc.

No offence guys>

Nah. As long as you're not mad about what my Patriots (Early and current)
did, or the Red Sox.

Ron Chamberlin
MS-MVP

 

[Bill Sanderson]

Nah. As long as you're not mad about what my Patriots (Early and current)
did, or the Red Sox.

Ron Chamberlin

The Red Sox? What did they ever do to anything/one British?

 

[Chris]

I seem to be having some difficulties posting here. Just a quick test post.
Chris

 

[Chris]

Andy,

....snake oil - no disrespect to MS, Trend Micro or the good advisors on this
group, it just seems to me that there is a proliferation of tools appearing
which claim to remove spyware et cetera. Many of these are no doubt
excellent, but I am fearful that *some* may be trojans themselves. Hence my
wish to only use "household names", I'm still a novice in this area and
don't know the good guys from the bad. Given the discussion on this thread
and elsewhere, I'm not alone. Having been unwittingly infected once from an
unknown source, I'm hesitant about exposing myself (or rather my data) to
extra risk.

Chris

 

[Chris]

I'm having great difficulty posting to this group, so apologies if this
appears twice and out of context.

Andy,

....snake oil - no disrespect to MS, Trend Micro or the good advisors on this
group, it just seems to me that there is a proliferation of tools appearing
which claim to remove spyware et cetera. Many of these are no doubt
excellent, but I am fearful that *some* may be trojans themselves. Hence my
wish to only use "household names", I'm still a novice in this area and
don't know the good guys from the bad. Given the discussion on this thread
and elsewhere, I'm not alone. Having been unwittingly infected once from an
unknown source, I'm hesitant about exposing myself (or rather my data) to
extra risk.

Chris

 

[Chris]

it appears that I can only reply to top level posts! Replying in-context
gives me an "unresolved newsgroup" message. (using OE6 in XP)

Bill,

success!

MSAS could only find this problem in normal mode but couldn't fix it - n
safe mode it wasn't picked up. I noted the MSAS registry key and was able to
delete this and the file in safe mode. Thanks to all for their advice.

My point in the inital post (MSAS reported this problem fixed, but then
ignored) was for Beta information feedback aswell as fixing my problem.

Chris

 

[plun]

...snake oil - no disrespect to MS, Trend Micro or the good advisors on this
group, it just seems to me that there is a proliferation of tools appearing
which claim to remove spyware et cetera. Many of these are no doubt
excellent, but I am fearful that *some* may be trojans themselves. Hence my
wish to only use "household names", I'm still a novice in this area and
don't know the good guys from the bad. Given the discussion on this thread
and elsewhere, I'm not alone. Having been unwittingly infected once from an
unknown source, I'm hesitant about exposing myself (or rather my data) to
extra risk.

Hi Chris

If you want to learn how to disinfect and about risks ,
visit some of these
excellent forums. If you follow some of these you can see
yourself what
tools you need.

http://www.merijn.org/forums.html

There is no "walktrough" in this large swamp, but every forum
uses the same tactic to solve a users forum.

1. Run a antivirus app, a lot of users dont have an updated prog

2. Clear out all temporarily folders.

3. Run Adaware and/or Spybot. (and MSAS)

4. Post a HijackThis log.

5. Manual removing. Killbox, About Buster, etc.

6. Post a HijackThis log again, hopefully clean.

7. Advice user about Windowsupdate, Antivirus,
Antispywaresolutions.

Happy computing.

 

[Ed Barba]

Hi Chris, Great to hear that you finally got rid of the problem.. I guess
this is one more battle won in the larger war on spyware.
Ed

 

[Bill Sanderson]

Thanks--glad you got it solved. Microsoft does read (and I pity the
poor.......) these posts and the feedback is noted. These forums serve a
dual purpose--they help users help themselves--i.e. peer support, and they
give Microsoft feedback about the performance of the product in the real
world. Thanks for helping do both!

 

[Ron Chamberlin]

Bill,
One has to cover their bases when defending against the pinstripes.

Ron

 

[Ron Chamberlin]

Andy,

...snake oil - no disrespect to MS, Trend Micro or the good advisors on
this group, it just seems to me that there is a proliferation of tools
appearing which claim to remove spyware et cetera. Many of these are no
doubt excellent, but I am fearful that *some* may be trojans themselves.
Hence my wish to only use "household names", I'm still a novice in this
area and don't know the good guys from the bad. Given the discussion on
this thread and elsewhere, I'm not alone. Having been unwittingly infected
once from an unknown source, I'm hesitant about exposing myself (or rather
my data) to extra risk.

Chris

 

[Ron Chamberlin]

Hi Chris,

...snake oil - no disrespect to MS, Trend Micro or the good advisors on
this group, it just seems to me that there is a proliferation of tools
appearing which claim to remove spyware et cetera. Many of these are no
doubt excellent, but I am fearful that *some* may be trojans themselves.
Hence my wish to only use "household names", >

Tha's exactly why I used the term! Thanks!

<I'm still a novice in this area and don't know the good guys from the bad.
Given the discussion on this thread and elsewhere, I'm not alone.>
May I suggest going to http://www.microsoft.com/athome/security/default.mspx
for best practices. Be sure to watch the video!

Ron Chamberlin
MS-MVP




Having been unwittingly infected once from an