Well, when I deny it, it keeps popping up. I deleted these 2 things from the HJT because an expert told me so to get rid of the viruses and spyware.

So what do I do to make the popping up of the Spybot - S&D registry change stop?:sad::sad:

Matthew03:


... I deleted these 2 things ...
What two things? What do the TeaTimer dialogs say?

By denying the registry changes there is a good possibility that you are putting back the same registry entries that were deleted to clean up your system.

Matthew03:


What two things? What do the TeaTimer dialogs say?

By denying the registry changes there is a good possibility that you are putting back the same registry entries that were deleted to clean up your system.

These two:
O21 - SSODL: bokpkov - {44211AC0-BB5F-49F3-BD0E-B359FD45A1DD} - C:\WINDOWS\bokpkov.dll
O21 - SSODL: altvxvm - {516941C7-178B-4A05-8652-C2561CB0E290} - C:\WINDOWS\altvxvm.dll

And I still need to delete them in my hard drive.
http://forums.spybot.info/showthread.php?t=25832

Matthew03:


What do the TeaTimer dialogs say?
I'll ask again, "What do the TeaTimer dialogs say?"

From your post here and in the your Malware Removal forum thread (http://forums.spybot.info/showthread.php?t=25832), I assume that the dialogs are response to your attempt to delete these two entries using HijackThis:


O21 - SSODL: bokpkov - {44211AC0-BB5F-49F3-BD0E-B359FD45A1DD} - C:\WINDOWS\bokpkov.dll
O21 - SSODL: altvxvm - {516941C7-178B-4A05-8652-C2561CB0E290} - C:\WINDOWS\altvxvm.dll
If the dialogs indicate that the entry(s) are being deleted, then you should do an "Allow change" if they occur in response to attempting to delete the items. By denying the changes, if they for the deletion of those entries, then you are preventing HijackThis from deleting them.

Sorry..Uhmm..where exactly is the Tea Timer?
I can't find it in the taskbar and I'm not quite sure what it is.
Sorry about this.:sad:

Matthew03:

TeaTimer is the program that is issuing the dialog messages that you are denying. There is an icon in the system notification area of the taskbar labeled "Spybot-SD Resident" that controls certain actions within it.

Oh okay. Sorry about that.

It says:
Spybot-SD Resident
61079 processes blaclisted
App: D:\Program Files\Spybot - Search Destroy\
Data: C:\Documents...

Matthew03:

No. What do the two TeaTimer dialogs say were you are clicking the "Deny change" button?

When you attempt to delete the entries using HijackThis you indicated that you denied some registry changes. Those dialog messages are formatted as follows:


Spybot - Search & Destroy

Spybot - Search & Destroy has detected an important registry entry that has been changed.

Category:
Change:
Entry:
Old data:
New data:
What do those messages say?
Category:
Change:
Entry:
Old data:
New data:

Well sir it's gone now. I followed roberto's instructions.
Renamed the 2 files in safe mode
Then deleted it.
And I'm now scanning my pc for spyware.
If I have problems I'll let you know.

Thanks alot sir.:D::bigthumb:

Matthew03:

No. What do the two TeaTimer dialogs say were you are clicking the "Deny change" button?

When you attempt to delete the entries using HijackThis you indicated that you denied some registry changes. Those dialog messages are formatted as follows:


Spybot - Search & Destroy

Spybot - Search & Destroy has detected an important registry entry that has been changed.

Category:
Change:
Entry:
Old data:
New data:
What do those messages say?
Category:
Change:
Entry:
Old data:
New data:



Okay. This came up again after I scanned my PC with Spybot S&D.

• Category: Shell services
• Change: Value deleted
• Entry: altvxvm
• Old data: {BE19C875-80C1-46AD-A412-41620BF82DD2.....
• New data: *Nothing*

That's what came up.