Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > Computer Security > Here to Stay?

Reply
Thread Tools

Here to Stay?

 
 
Bren
Guest
Posts: n/a
 
      02-27-2005
I have now run AVG 7, MS Antispyware (beta), AdAware SE, and Spybot
S&D 1.3; all in Safe Mode, and all reporting clear. However, the Panda
Activescan (online) still reports 2 "spyware infections," in the
Windows Registry.
They are reported as SAHAgent (online shopping?) and Searchcentrix
(toolbar and startpage hijacker). (I have corrected the toolbar and
start page,
with no further trouble).

I have tried all the manual removal methods; Control Panel >
Add/Remove Programs; Windows\xxxUninstall.exe; Windows\System32;
Downloaded Program Files\
{xxx-xxx-xxx}; the Registry - HKLM\\Uninstall, HKLM\\\Run, HKCU\\\Run,
but there are no references to anything suspicious.

Could the antispyware have cleaned them out, but left references to
them in the hidden "_system" folder. And are they stuck there for
ever?
 
Reply With Quote
 
 
 
 
johns
Guest
Posts: n/a
 
      02-27-2005
Niether AdAware or Spybot go beyond removing the
actual programs where they expect to find them. If
those programs are zipped in a file that unzips later
and re-installs the spyware, then AdAware and Spybot
will do their jobs again, but they will never spot the source. Also,
programs like Gain, Gator, etc download
"servers" that will access their home sites and just
download them again and again. Not one of those spyware removal programs out
there is trying to deal
with this. Sort of makes me go Hmmmm? I suspect
that both AdAware and Spybot have great plans for
the future as "needed" purchases. It is not in their best
interest to totally solve the spyware problem. They
just want to make it clear to everyone that there IS a
problem, and we need to BUY something. I see that
as "insider blackmail". My solution is disk imaging,
and make sure you own a computer that can restore
a disk image in a reasonable amount of time. I do
critical backups of working folders, email, etc regularly.
So when I get this crap, I just reimage .. recopy a few
folders, and I'm back up in 30 minutes ... at nearly
40 gigs of data and programs ( AMD 64 ).

johns


 
Reply With Quote
 
 
 
 
Jim Watt
Guest
Posts: n/a
 
      02-27-2005
On Sun, 27 Feb 2005 10:07:27 -0800, "johns"
<(E-Mail Removed)> wrote:

>My solution is disk imaging,


My solution is to find out whats running on the
system and eliminate things that should not be
there. What adaware does not get can be got
by hand.

I found process explorer from www.sysinternals.com
as recomended to me here most useful.


--
Jim Watt
http://www.gibnet.com
 
Reply With Quote
 
Bren
Guest
Posts: n/a
 
      02-28-2005
"johns" <(E-Mail Removed)> wrote in message news:<cvt29h$1kem$(E-Mail Removed)>...
> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns


Hi Johns,

Thanks for the insight given!

Bren.
 
Reply With Quote
 
L;0zT....!
Guest
Posts: n/a
 
      02-28-2005
johns wrote:

> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns
>
>


Have you used the 'immunize' section of Spybot. Not ideal by any means,
but a start I guess.....

--
L;0zT.......!!! Me too!!!

LozT.SouL (at) GMail

Being a robot in my digital domain,
enter my world, feel my pain.
I'm not like other people you might see or you might know.
I made love to a BBC micro.
Touched it on the disk drive, the monitor got hot.
I knew at once I was a mother****ing robot.
Bill Gates from Microsoft, Steven Hawkins voice,
and ****ing Lara Croft....

The GLC.
 
Reply With Quote
 
winged
Guest
Posts: n/a
 
      03-01-2005
johns wrote:
> Niether AdAware or Spybot go beyond removing the
> actual programs where they expect to find them. If
> those programs are zipped in a file that unzips later
> and re-installs the spyware, then AdAware and Spybot
> will do their jobs again, but they will never spot the source. Also,
> programs like Gain, Gator, etc download
> "servers" that will access their home sites and just
> download them again and again. Not one of those spyware removal programs out
> there is trying to deal
> with this. Sort of makes me go Hmmmm? I suspect
> that both AdAware and Spybot have great plans for
> the future as "needed" purchases. It is not in their best
> interest to totally solve the spyware problem. They
> just want to make it clear to everyone that there IS a
> problem, and we need to BUY something. I see that
> as "insider blackmail". My solution is disk imaging,
> and make sure you own a computer that can restore
> a disk image in a reasonable amount of time. I do
> critical backups of working folders, email, etc regularly.
> So when I get this crap, I just reimage .. recopy a few
> folders, and I'm back up in 30 minutes ... at nearly
> 40 gigs of data and programs ( AMD 64 ).
>
> johns
>
>

Make sure spybot is in advanced mode.
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
FAQ Topic - I have a question that is not answered in here or in any of the resources mentioned here but I'm sure it has been answered in clj. Where are the clj archives located? FAQ server Javascript 7 02-10-2007 02:55 PM
FAQ Topic - I have a question that is not answered in here or in any of the resources mentioned here but I'm sure it has been answered in clj. Where are the clj archives located? FAQ server Javascript 0 12-04-2006 12:00 AM
FAQ Topic - I have a question that is not answered in here or in any of the resources mentioned here but I'm sure it has been answered in clj. Where are the clj archives located? FAQ server Javascript 0 10-06-2006 11:00 PM
FAQ Topic - I have a question that is not answered in here or in any of the resources mentioned here but I'm sure it has been answered in clj. Where are the clj archives located? FAQ server Javascript 0 08-09-2006 11:00 PM
Try over here likely more to the point here George Hester Javascript 0 09-30-2004 03:14 AM



Advertisments