In case you've heard about it and are considering doing it, you might want to peruse my experience with it: http://www.dslreports.com/forum/remark,7496334~root=security,1~mode=flat#7497771 . Pete

Your machine is far too clean, in dutch we would say "geen pest aan!" which is double meaning here:
in english it would mean "not interesting at all!" but the other meaning is "no pest around there!"
Was it worth the risk of all those uncertified files installed for ever deep into your system or are they away again now?

Well, Jooske, the whole thing for me was an exercise that attempted to show people what not to do. (Or the consequences if they did).

It was the only way I could think of to do that and since Pete unfortunately isn't wealthy enough to afford a "test" machine....

I'll get it all off later. Still would love to have someone with some know-how packet-sniff the whole thing and report on exactly what gets sent and received.

Scans carrying that much baggage are enough to turn people off all "scans" from the Internet. Pete

Did you try some with the socket spy in Port Explorer? You could run it some time (might grow fast if there is much traffic) Might give some indication.

I sniffed my traffic while doing an on-line scan and it shows NO traffic at all, but instead came up with two false positives...
Dolf

I decided to test it out on a clean machine, and I had a program's uninstall exe identified as a trojan. ::)

I'm sure more false-positives are possible - I should try substituting another file to see if it scans by filename.

Best regards,

-Javacool

I know it does, one of the fp was called capture.dll ;D but it is a legitimate part of Macro Express
Dolf