Resident blocked by Vista UAC



jgveill
2010-08-10, 22:04
Hello,

I'm a long-time user without problems, but a few days ago Vista 32 UAC started blocking TeaTimer. I had to acknowledge. I googled for some alignments and finally decided to uninstall and reinstall. Uninstall blocked and never completed.

I reinstalled the latest version and got the same problem: UAC doesn't recognize TeaTimer as valid and I have to acknowledge. Spybot seems to be working properly. I tried to unclick/click Resident a few times without success. UAC always blocks TeaTimer.

I finally decided to uninstall and reinstall again. This time I got the message that security center could not be uninstalled as it was not installed, with ID 1060 if I remember correctly.

I installed again. Spybot works but TeaTimer is always blocked by UAC. TeaTimer was always working as administrator!

What should I do? I forgot to mention that I installed the updates where I got a new TeaTimer (1.6.6).

Thanks J

spybotsandra
2010-08-11, 11:50
Hello,

What exactly do you mean by UAC is blocking the TeaTimer?
Do you get any error message?
Or is the TeaTimer not active?

Did you open Spybot with a right click and choose "run as administrator/take ownership" (http://www.safer-networking.org/en/faq/42.html)?

About the security center integration:
I am sorry, but Windows has updated the WSC and our method to integrate into the security center does not work anymore.
We are working on a fix, that will be available in our next version. There is no release date yet.

Best regards
Sandra
Team Spybot

jgveill
2010-08-11, 15:01
When I start the computer (and SBSD resident is clicked for being resident) during the boot, UAC asks me to allow or not teatimer.exe. The exact message is : "An unidentified program wants to access to your computer". I then have to click "allow, I trust this program". I didn't have to do that some days ago. UAC was recognizing TeaTimer as a "trustable" program.

If I open Spybot, and then unclick, click Resident, then TeaTimer runs without a glitch and I do not get the message from UAC. The TeaTimer icon appears in the system tray. So no problem when Spybot is open, problem when it is not.

I indicate "run as an administrator" for all .exe in the Spybot SD directory in the compatibility tab in properties (including TeaTimer.exe). As I said, Spybot is not creating problems, TeaTimer is ... It's like the digital signature is not recognized by Vista.

Thanks J

spybotsandra
2010-08-11, 15:08
I indicate "run as an administrator" for all .exe in the Spybot SD directory in the compatibility tab in properties (including TeaTimer.exe).

So have you also opened Spybot with a right click from your start menu (not all the exe's in your Spybot SD directory) and then chosen run as admin? Then activate the TeaTimer.

Best regards
Sandra
Team Spybot

jgveill
2010-08-11, 16:24
Same result!

I'm not really surprised, as clicking "run as an administrator" from properties for SpybotSD.exe or right click "run as an administrator" from start menu is exactly the same thing.

I think the following should mean something : when I open SpybotSD (as always as an administrator) and unclick "resident" then click it again, teatimer starts without UAC's message. When teatimer starts from boot or when I start it manually (with SpybotSD not working), then UAC stops it.

So Teatimer needs Spybot working to pass through Vista security.

Thanks J

jgveill
2010-08-11, 20:06
As I had problems uninstalling SBSD the first time, I suspect I may have traces in the registry. I searched with regedit for "teatimer" and found multiple entries in user\appdata\local\temp\ like :

is-BQ110.tmp\teatimer166.tmp
is-G17RB.tmp\teatimer166.tmp
is-LFSD3.tmp\teatimer166.tmp

Could it be a problem?

If I want to really clean every trace of TeaTimer and/or SBSD in the registry, do you have a tool or information on where the data is located? Doing a clean install may be the answer ...

Thanks J

jgveill
2010-08-11, 20:43
You won't and I'm not doing my best to help you ..

While in task manager, I noticed I had two huge processes running ... teatimer.exe around 83 XXX K and GHOHATW.scr around but not exactly the same size.

After a few searches, I found that this .scr file was in fact TeaTimer with just another name. Then I did the following test. I closed SBSD and double clicked teatimer.exe, which was blocked by UAC. I didn't execute it. Then I double clicked on GHOHATW.scr and it was NOT blocked by UAC. It ran perfectly.

You can imagine what I did ... I made a copy of GHOHATW.scr renamed teatimer.exe. This file renamed teatimer does not work! So my UAC doesn't like the name teatimer. If you tell me that I should have a virus or malware, I ran Avira and Malwarebytes with no result. So I don't think I have a virus or malware ... but I may be wrong! Also, if it was blocked by a virus or malware, the blockage would not come from UAC, it would probably just not work.

What does it mean? What can I do?

Thanks J

jgveill
2010-08-12, 21:00
Problem found, but it's not what I expected, nor you, I imagine.

When I was renaming the "teatimer.exe" to "teatimer old.exe", this latter program was not run as an administrator. After finding that, I removed the "run as an administrator" option in the properties and everything is now correct.

So be very careful saying and writing to run TeaTimer and any other program as an administrator if you really do not need it, because elevating this type of program brings it through UAC and requires user acceptance.

That was finally simple: NO "run as an administrator"!

J
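
Added example, not part of the original thread: the "Run as administrator" checkbox discussed above is recorded per executable path in the Windows compatibility-layers registry keys, which is consistent with the renamed copy starting without a prompt. This PowerShell sketch lists every program carrying that flag for the current user and for all users; the function name `Get-RunAsAdminFlag` is hypothetical, and the registry location is the standard Windows one, not something quoted in the thread.

```powershell
# Added example: list executables that have the "Run as administrator"
# compatibility flag set. The flag is keyed by the executable's full path,
# so a renamed or moved copy does not inherit it.
$layerKeys = @(
    'HKCU:\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers',  # current user
    'HKLM:\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers'   # all users
)

function Get-RunAsAdminFlag {
    param(
        [string[]]$KeyPath = $layerKeys,
        [string]$NameFilter = '*'          # wildcard matched against the full path
    )
    foreach ($key in $KeyPath) {
        # The key does not exist until at least one compatibility flag is set
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $item = Get-Item -LiteralPath $key
        foreach ($exePath in $item.GetValueNames()) {
            $layers = [string]$item.GetValue($exePath)
            # Value data is a space-separated list of layer names
            $isElevated = ($layers -split '\s+') -contains 'RUNASADMIN'
            if ($isElevated -and $exePath -like $NameFilter) {
                [pscustomobject]@{
                    Scope      = $key.Substring(0, 4)   # HKCU or HKLM
                    Executable = $exePath
                    Layers     = $layers
                    FileExists = Test-Path -LiteralPath $exePath
                }
            }
        }
    }
}

# Everything that will trigger an elevation prompt because of this flag
Get-RunAsAdminFlag | Format-Table -AutoSize

# Only entries for the program discussed in this thread
Get-RunAsAdminFlag -NameFilter '*TeaTimer*'
```

An entry for a program that starts at logon means a UAC prompt at every boot; entries whose `FileExists` is `False` are leftovers from removed or renamed files.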