Here to Stay?

I have now run AVG 7, MS Antispyware (beta), AdAware SE, and Spybot
S&D 1.3; all in Safe Mode, and all reporting clear. However, the Panda
Activescan (online) still reports 2 "spyware infections," in the
Windows Registry.
They are reported as SAHAgent (online shopping?) and Searchcentrix
(toolbar and startpage hijacker). (I have corrected the toolbar and
start page,
with no further trouble).

I have tried all the manual removal methods; Control Panel >
Add/Remove Programs; Windows\xxxUninstall.exe; Windows\System32;
Downloaded Program Files\
{xxx-xxx-xxx}; the Registry - HKLM\\Uninstall, HKLM\\\Run, HKCU\\\Run,
but there are no references to anything suspicious.

Could the antispyware have cleaned them out, but left references to
them in the hidden "_system" folder. And are they stuck there for
ever?

Bren

Niether AdAware or Spybot go beyond removing the
actual programs where they expect to find them. If
those programs are zipped in a file that unzips later
and re-installs the spyware, then AdAware and Spybot
will do their jobs again, but they will never spot the source. Also,
programs like Gain, Gator, etc download
"servers" that will access their home sites and just
download them again and again. Not one of those spyware removal programs out
there is trying to deal
with this. Sort of makes me go Hmmmm? I suspect
that both AdAware and Spybot have great plans for
the future as "needed" purchases. It is not in their best
interest to totally solve the spyware problem. They
just want to make it clear to everyone that there IS a
problem, and we need to BUY something. I see that
as "insider blackmail". My solution is disk imaging,
and make sure you own a computer that can restore
a disk image in a reasonable amount of time. I do
critical backups of working folders, email, etc regularly.
So when I get this crap, I just reimage .. recopy a few
folders, and I'm back up in 30 minutes ... at nearly
40 gigs of data and programs ( AMD 64 ).

johns

johns

On Sun, 27 Feb 2005 10:07:27 -0800, "johns"
<> wrote:

>My solution is disk imaging,

My solution is to find out whats running on the
system and eliminate things that should not be
there. What adaware does not get can be got
by hand.

I found process explorer from www.sysinternals.com
as recomended to me here most useful.


--
Jim Watt
http://www.gibnet.com

Jim Watt

"johns" <> wrote in message news:<cvt29h$1kem$>...
> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns

Hi Johns,

Thanks for the insight given!

Bren.

Bren

johns wrote:

> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns
>
>

Have you used the 'immunize' section of Spybot. Not ideal by any means,
but a start I guess.....

--
L;0zT.......!!! Me too!!!

LozT.SouL (at) GMail

Being a robot in my digital domain,
enter my world, feel my pain.
I'm not like other people you might see or you might know.
I made love to a BBC micro.
Touched it on the disk drive, the monitor got hot.
I knew at once I was a mother****ing robot.
Bill Gates from Microsoft, Steven Hawkins voice,
and ****ing Lara Croft....

The GLC.

L;0zT....!

johns wrote:
> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns
>
>
Make sure spybot is in advanced mode.

winged