"Infections Ignored: 8"
When I first purchased SD with AV it found some infections. Those were fixed and I have had no infections since. Yesterday when I ran a full scan it said "infections ignored: 8". These are _new and recent_.
I understand that SD believes these to be low level. That is not my question.
How do I get SD to tell me exactly what these 8 new infections are and where they are located? (Name and location.)
Reodor
02-26-2008, 12:26 AM
Most likely just cookies. A good rule is to clean out cookies and history files (IE) or Private Data (FF) BEFORE a scan. This way you eliminate all those 'low level' warnings that seem to freak out some people from time to time.
In general I call these kinds of detections 'advertising threats', as they only seem to be there to show how 'clever' the security app is in detection.
I always use Ccleaner from the admin account before any scan, and NOTHING has been detected for more than a year.
The 8 "ignored infections" are not cookies. I use ccleaner also. I delete _all_ cookies, history, and temp files in _every_ acct before running a SDwAV scan. I double check.
Admins, how do I get SDwAV to tell me 1) what and 2) where these 8 _new_ "ignored infections" are?
ingold
02-26-2008, 07:41 PM
Have you added anything to the global action list?
AChen
02-26-2008, 10:20 PM
There are three possibilities as to why Spyware Doctor is ignoring items.
1. They are harmless cookies.
2. Spyware Doctor cannot remove the threat for now and requires a reboot to remove the threat.
3. The items could be the items in your Global Actions List.
Harmless Cookies - Spyware Doctor usually detects any cookies residing in your system during Scans. Sometimes, some of these cookies are harmless and may also be required by the websites you regularly visit. For either reason, Spyware Doctor will ignore these items during Fix.
Threats - There are threats that Spyware Doctor would require a Reboot in order to remove them. These threats are most likely protected by a running process which stops Spyware Doctor from removing them. During reboot, Spyware Doctor gets the priority to run first amongst other applications, which means Spyware Doctor can delete the infection before they get protected by any running process.
Global Actions List - The items on your Global Actions List at times will be detected by Spyware Doctor but will not be removed during the Fix stage.
To remove items on the Global Action List, follow the procedures below:
1. Launch Spyware Doctor
2. Click on Settings
3. Click on Global Actions List
4. Select the item you wish to delete by clicking on it
5. And click on Remove
I appreciate your response, but it did not answer the question that I asked.
Forget all that stuff about threats, cookies, and Global Action Lists. As I said above, I delete all cookies in all accts (also all temp files and history) before running SDwAV. The GALs have been there since shortly after I purchased the product, they are not recent. And SDwAV did _not_ flag those GALs on previous scans anyway.
But these "ignored infections" are new! And rebooting after running a scan does not remove them, per achen's post. In fact, the number changes: 8, 10, 12, 14, 8 -- it changes every time! Something's up. I want to know what. That's why I purchased this product.
Please answer this question:
How do I get SDwAV to tell me what infections that it has detected but "ignored". (And where they are.)
AChen
02-28-2008, 10:13 PM
ohso, could you make sure the checkbox for "Include 'information Only' low-level threats in scan results" is ticked (Settings-> Scan Settings) and then run a scan. Once the scan has completed, could you send me the latest history file and I'll assist you further.
Win XP Home+SP2+updates
SDwAV, ver 5.5.0.204, db 5.09310, 658,826 sigs, av engine 4.4.2
Include info only low level threats is checked.
I logged into all 3 limited user accts, cleaned them with ccleaner, and used switch user to leave them active. I logged into the admin acct, cleaned it with ccleaner, and ran a full scan. It found (again, it's been found before):
Threats
Info & PUAs Adware.NewdotNet (1 infection)
File
C:\System Volume Information\_restore{OA4...
I checked its box and clicked "Fix Checked".
SDwAV brings up a new window:
Congratulations, all infections successfully removed!
Your PC is free from infections! ...
Infections detected: 1
... Infections removed: 1
Failed to remove: 0
Infections ignored: 15 <-----
15 is larger than it has ever been.
I restarted the computer, logged into only the admin acct, and ran an intelli-scan.
"Infections ignored: 8"
> could you send me the latest history file and I'll assist you further.
I saved history to a file. I don't see your email address, so I sent it to support and cc-ed achen at the same address.
AChen
02-29-2008, 05:04 AM
Ohso, email sent via PM :)
AChen
02-29-2008, 05:14 AM
From the info you provided, it looks like there's a possibility that there is an infection within the System restore.
\_Restore is an area of the hard disk that Windows ME and XP use when automatically backing up files with the System Restore utility.
An infected file could be stored in \_Restore. Infected files in \_Restore will be unable to be removed by Spyware Doctor or other AntiSpyware/AntiVirus products if you have System Restore enabled.
To remove the infected files from \_Restore, the System Restore Utility must be disabled.
Please complete the following steps under the applicable Operating System to disable System Restore.
WinXP
1. Right click the My Computer icon on the Desktop and click on Properties.
2. Click on the System Restore tab.
3. Check mark the box next to 'Turn off System Restore on All Drives'.
4. Click 'OK'
5. Click Yes to restart the computer
------------------------------------
After the PC restarts, run a full scan in Spyware Doctor.
If threats are found after the full scan, click on 'Fix Checked'
mjq424
02-29-2008, 07:26 AM
Hi
Please remember to repeat the above steps to switch System Restore back on!
> it looks like there's a possibility that there is an infection within the System restore.
It's more than a possibility. SDwAV said it is so. See my earlier post:
"C:\System Volume Information\_restore{OA4..."
> Infected files in \_Restore will be unable to be removed by Spyware Doctor or
> other AntiSpyware/AntiVirus products if you have System Restore enabled.
Two points:
1. SDwAV knows _exactly_ where that file is. I copied that into my post:
"C:\System Volume Information\_restore{OA4..."
2. SDwAV then said, after I clicked "fix it" and _without_ me turning off system restore and restarting,
that it removed the infection:
> Congratulations, all infections successfully removed!
> Your PC is free from infections! ...
> Infections detected: 1
> Infections removed: 1
> Failed to remove: 0
(And, once again, it said:
"Infections ignored: 15")
Why would SDwAV say that it removed the infection in _restore if it did not?
Why do you say that it is necessary to turn off SR and restart?
Remember -- after I ran the full scan I clicked on "fix it" and SDwAV
said that it was fixed. System restore was running at that time, of course.
Then, after reading your post, I turned off sys restore and restarted,
logged into the admin acct, and ran another full scan (2+ hrs).
No infection was found! That means that SDwAV must have removed it
the first time when sys restore was running. Which is exactly what it said it did.
But there were still 15 "ignored infections".
I'm getting the runaround here.
This is the _third_ time I have asked this question.
WILL SOMEONE PLEASE ANSWER THE QUESTION?
How do I get SDwAV to tell me what infections it has detected but "ignored".
(And where they are.)
"Infections ignored: 15"
It has been as high as 18. So far.
Remember:
1. I use ccleaner to clean every acct.
2. These are new. SDwAV did not find them earlier.
3. The number continually changes.
4. But most of all, please remember to answer my question.
Thanks.
AChen
03-04-2008, 12:19 AM
Ohso, could you please post a screenshot of the Global Action List.
Once you've completed the screenshot, delete everything in the GAL and run a full scan. See if the ignored items are displayed.
Ignored items will not show up in the list as they have been set to be ignored by SD, but a value is still provided so users know that an item/s have been detected. In most cases, they are items in the GAL. If you have a certain website added to the GAL, then all cookies, temp files, any items associated with this site will show up as ignored.
I emailed the screen shot file of the GALs that you requested to you.
There are only six files listed in the GAL. They are the .exe's for:
AdSubtract Pro ver 2.55
Comodo Firewall Pro ver 2.4.18.184 (2 files)
ccleaner ver 1.4.544
AdAware SE Plus ver 1.06r1
MS Process Explorer 11.04
I started out by deleting all GALs. I then ran intelli-scan and it showed 0 ignored infections. When I previously had all six GAL it showed 8-18.
I then added them back one at a time and ran an intelli-scan.
With only the AdSubtract GAL it showed 2 ignored infections.
With only the two Comodo Firewall GALs it showed 6 ignored infections.
With only the ccleaner GAL it showed 0 ignored infections.
With only the adaware GAL it showed 0 ignored infections.
With only the MS process explorer GAL it showed 0 ignored infections.
I then put all six GALs back in and ran a full scan. It showed _18_ ignored infections.
> If you have a certain website added to the GAL
I have no websites in the GAL, only .exe files of the processes that I want SDwAV to ignore.
> then all cookies, temp files, any items associated with this site will show up as ignored.
I generally run ccleaner before running SDwAV.
Q: What is it about AdSubtract and Comodo Firewall that causes SDwAV to say that there are "Ignored infections"?
It is absolutely bizarre that when I do _not_ have them in the GAL that SDwAV finds NOTHING, but when I put them in the GAL then SDwAV says there are 8 "ignored infections" between them.
1) The purpose of putting them in the GAL is to tell SDwAV to IGNORE them!
2) When they are not in the GAL, SDwAV finds NOTHING.
3) But when they are in the GAL, SDwAV finds "8 ignored infections".
This is *ss-backwards! Why is this happening?
There is a very important principle here. SD should _never_ tell a customer that there is _any_ kind of infection without at least giving the customer the ability to see what those infections are (and where they are).
AdAware does precisely that. After a scan there is a tab called Negligible Objects that the customer may click on if they want to see what AdAware found but did not quarantine.
Anthony, any answer as to why SDwAV shows "infections" when I tell it to _ignore_ files/processes by putting them in the GAL?
But when there is nothing in the GAL (that means it doesn't ignore anything) it finds _no_ infections.
That's backwards.
Presumably SDwAV is looking at all the same files when it does the scans. Well, I hope it is anyway.
Yesterday I emailed the history file that you also requested. I also downloaded and installed the new .212 version. A full scan shows "14 ignored infections" but it won't say what and it won't say where.
The new version works well with no apparent problems. Well, except when I (infrequently) log into the admin acct it seems to run quite a while. I'm not sure what's happening there, but since I don't do that often it's not a problem.
AChen
03-13-2008, 11:19 PM
Thanks for your feedback.
SD works on the principle that only infections should be ignored otherwise there should not be a need to ignore it.
And so by this principle, if you add something safe in there, for example, the items which you have added which are not infections, then SD will presume they are infections since they are in the GAL and show them as ignored infections.
If items are in or not in the GAL, SD will still scan the file and consult with GAL whether to ignore the items or not.
> SD works on the principle that only infections should be ignored otherwise there should not be a need to ignore it.
That "does not compute". Please say again another way.
> And so by this principle, if you add something safe in there, for example, the items which you have added which are not infections, then SD will presume they are infections since they are in the GAL and show them as ignored infections.
This doesn't compute either. "if you add something safe in there ... then SD will presume they are infections." You just said that when I add something safe that SD will presume "they are infections." That makes no sense at all.
> If items are in or not in the GAL, SD will still scan the file and _consult with GAL whether to ignore the items or not_.
This is precisely my point. They are in the GAL but SD does NOT ignore them. SD reports them as infections. These are COMMON commercial products, e.g., ccleaner (millions of installs), Ad-Aware, AdSubtract, and Comodo Firewall.
What I do NOT know, since SD refuses to tell users/customers, is what ELSE it has noticed, besides these items, that it is calling an "infection". This is a major concern.