jmorlan

Members
  • Content Count

    6
  • Joined

  • Last visited

Community Reputation

0 Neutral

About jmorlan

  • Rank
    Newbie

Profile Information

  • Location
    Pacifica, California
  1. Ad-Aware SE Build 1.06r1 Logfile Created on:Saturday, December 08, 2007 6:40:32 PM Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R207 03.12.2007 ....reported this item: Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Adware.Agent Object Recognized! Type : Regkey Data : TAC Rating : 5 Category : Adware Comment : Rootkey : HKEY_CLASSES_ROOT Object : clsid\{3f2bbc05-40df-11d2-9455-00104bc936ff} Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 1 I found the same clsid at: HKEY_CLASSES_ROOT\ecloaker.DocHostUIHandler\Clsid and... HKEY_CLASSES_ROOT\flockbox.DocHostUIHandler\Clsid SuperAntiSpyware did not detect this key. Is this a false positive?
  2. Yes, I noticed that. Only I was up to almost 40000 after only one scan. It seems like a memory leak to me.
  3. As others have pointed out, you have to set the service to "manual." Then it will start when you invoke Adaware. If you set it to "disabled" then you are correct, Adaware will not start.
  4. My guess is that it's there to make migration to pay versions easier. It's all one program now, and whether free or pay depends on how it's registered and activated. You can set the service to manual in Control Panel so it won't start automatically when your computer starts. Then if you want to do an on-demand scan, AdAware will load the service before it loads the program. Unfortunately, after you are done scanning and exit the program, the service will still be running. As you point out, it doesn't do anything or provide any protection in the free version as far as I have been able to determine. But you can stop the service in task manager or via a batch file. Specific instruction on how to make a batch file to do this is here FWIW, on my system the service eats close to 40 MB after a scan.
  5. This is from the log: Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Win32.Trojan.Agent Object Recognized! Type : Regkey Data : TAC Rating : 10 Category : Data Miner Comment : Rootkey : HKEY_CLASSES_ROOT Object : appid\bho.dll Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 1 Objects found so far: 1 The "jump to key" feature doesn't seem to be working for me, but here is the value: Windows Registry Editor Version 5.00 [HKEY_CLASSES_ROOT\AppID\BHO.DLL] "AppID"="{59AEAD8A-6822-4794-AF2E-8CC27312E26E}" I tracked that value to what I believe is the Snagit IE plugin. Please let me know if you need any other information.
  6. I believe this detection of a regkey is a FP for SnagIt. Name:Win32.Trojan.Agent Category:Data Miner Object Type:Regkey Size:39 Bytes Location:appid\bho.dll\ Last Activity:10-29-2006 Relevance:Low TAC index:10 Comment: Description:Win32.Trojan.Agent may download and install adware program(s) to the victim machine. May change configurations for Windows Explorer and for Windows interface. Using: Reference Number : SE1R125 06.10.2006 Internal build : 154 Note: The link to the TAC for Win32.Trojan.Agent is a dead end. I left the key pending further information. Please advise.