hello i just DLed s&d yesterday.
im researching and updateing my computers security because of malware and something very bad on my computer that i cant figure out what yet.

see here for details on my computers issues, and my HJT log, which reveals no infection.

http://www.cybertechhelp.com/forums/showthread.php?t=167315

http://www.cybertechhelp.com/forums/showthread.php?t=166716


my question is:
why is s&d in my system icon, why is it running all the time?
in most threads i read, people use s&d as a scanner for spyware, and it doesnt run unless u make it run, on demand or how ever. well that was my impression @ 1st.

i read its checking ur browser? im using firefox cause IE sucks.
does this feature do something for firefox? i hope they dont only cover IE, cause everyone knows that is the worst browser of all. lol!.

do i need to turn it OFF?

is going to clash with the other programs im going to be using to fite malware and the like.??

im using nod32 free trail rite now
lavasoft adaware (on demand scanning)


soon im going to use...
spywareblaster
comodo firewall
a HIPS program
maybe switch to avast AV
other anti malware programs and stuff, keylogger finder.


is that thing on S&d in the system trey going to counter anything, and should i DISABLE s&d and use it as a spyware scanner only??
ill let it run all the time if its actually a credible feature that does not clash with anything else im going to be using.

thanks for the helP!

That icon is associated with the running of TeaTimer.

From:

How Spybot-S&D protects against the installation of Spyware/Malware
http://forums.spybot.info/showthread.php?t=281

... TeaTimer is an active protection that monitors changes to certain system Registry keys such as System Startup, ActiveX Distribution Unit, Browser page and Browser Helper Object, etc. When any change is detected to these Registry keys a pop-up dialog is issued asking you to allow or deny the change and if you want TeaTimer to remember the decision. TeaTimer also monitors processes that are initiated in the system. If the process being initiated matches a list of processes in Spybot's detection files, the process is terminated and a dialog is issued to notify you and allow you to make choices as to how to handle the same process during future detections.
If you want to disable TeaTimer:

Go into Spybot > Mode > Advanced Mode > Tools > Resident.
Uncheck the following:Resident "TeaTimer" (Protection of over-all system settings) Active.

thanks for the responce.

so teatimer is the icon running.
is that the only thing it is ?
http://www.spybot.info/en/faq/35.html
this link has mention its 2 tools in 1.

are the 2 tools:
process monitor and registry key monitor?
is the combined tools together the "teatimer"

my MAIN question is not HOW to stop/disable it.

my question:
do i need too?
do i need to stop spybot S&D from always running, and use it as a spyware sweeper/scanner only?...
because it is going to conflict with other programs im thinking about using, such as a HIPS or other active apps like SPYWAREBLASTER and a firewall, or other programs that are credible / trustworthy and are allways running as well.

if this feature is benificial and works better than another freeware of the same thing, with out conflicting with my other apps, i will happily continue to use it.

I am not familiar with HIPS.

SpywareBlaster is actually a passive protection not an active protection. Both SpywareBlaster and Spybot's immunization feature add registry entries to block cookies from some sites, place other sites in the restricted zone and block the download/execution of selected ActiveX scripts. Although there is some overlap in their protection they do not conflict with one another the actually complement one another. TeaTimer does not conflict with this type of protection.

TeaTime will not interfere with your firewall.

There is a possibility that TeaTimer could conflict with other programs that actively monitoring registry changes and either allow you decide if a registry change was legitimate or not (or automatically make that decision on your behalf).

__________

ps: Notice that I just edited this post. So edit does in fact work (for 15 minutes).

its good to hear spywareblaster works with S&D well.

its good to hear i can use a new firewall with no problems. im leaning towards trying comodo firewall 1st, to replace windows built in, inefficient firewall.



hips: intrusion prevention system



i think its a constant process of preventing spyware or changes to the computer. maybe the same thing the teatimer does.

i need to research hips more. i read theres a couple that do a better job than ones that come with programs.
i wonder if HIPS is just another term for what the teatimer is doing.

does teatimer offer browser security? i think thats what a HIPS does. keeps spyware from coming to ur computer before it does.

oK
now i understand what "teatimer" is...
its what is behind the icon, whats happening as it runs...

its the..
1. resident protection-
thats what a HIPS is. browsing protection, helping stop MALWARE from DLing.

2. registry key monitor.
looks for changes on the registry.


3. process monitor.
this is what u see when u go into msconfig and see whats running.


is this correct ?

ok now i get it, thanks for answsering this here:
http://forums.spybot.info/showthread.php?t=19244

in S&D settings, advanced, under RESIDENT,
there is the option to disable, by unchecking the box, sd resident and teatimer.

since i donot use IE, should i disable this? does this feature, SD RESIDENT, have ANY other advantage if i leave it running.

also:
does SD RESIDENT, if disabled, save any system resources?

Evolutionbanjo:

I would like to say that because "SDHelper" is a Browser Helper Object (BHO) it only loads if and when you start Internet Explorer. However, that is not 100% true. Because Windows Explorer and Windows Internet Explorer are integrated, the SDHelper.dll also loads with Windows Explorer (explorer.exe). So I imagine that there are some resources used, although probably insignificant, when "SDHelper" is enabled even if you are not using Windows Internet Explorer.