Hello bitman,
Thank you for the instructions. I will follow them when I return home later today.
Re the TeaTimer. I had originally disabled it after discovering the display issue but turned it back on after applying an automated patch given in the relevant sticky thread. I also turned it back on after the last SpyAxe Removal process was completed. It seems to be doing it's job but I really don't know for sure?
Would it be okay to use the patch again after the reinstall?
O
Absolutely, I just didn't want to confuse you with the added instructions so I left it out.
A simple way to test that TeaTimer is operating is to tick/untick the SDHelper - Bad Download Blocker selection while Teatimer is operating. This will cause a notification dialog box that you should accept in all cases. It will also show up in the TeaTimer Resident Log once you exit and re-enter the Resident screen in Spybot.
I also found that turning off/on my Norton/Symantec antivirus real-time monitoring services caused a similar warning I could use to test TeaTimer. These are useful things to help your understanding of what's normal and what's not when using TeaTimer.
Thanks bitman
Oppressed I see bitman's sorting you out regards spybot
By the way, If I want to check the various real-time monitoring programs are working, I go to Tools > internet options > and change the Homepage... to be immediately met with pop-ups from Spybot, spywareguard, Microsoftantispyware ...
The guest account is normal and is created during the install of XP...Originally Posted by Oppressed
When you boot XP, does it go to a welcome screen, with a choice of accounts or straight to your only account. Because if your husbands account is the only one you see in user accounts, it looks as though you and your husband are sharing the same account and you do not have separate accounts.
steam
Thanks for the help bitman
I encountered a message from Teatimer both times and an additional one from Microsoftantispyware one of the time only. When I unticked I did not see a Deny button but when I re-ticked I did.
I think I need a super easy to understand tutorial for using the TeaTimer. One I can put on a sticky note, LOL :o
This whole mess has left me wondering about the appropriate use of the "Deny" button is. I just can't seem to shake this hole I have in my logic when it comes to using this productFor whatever reason I don't seem to be able to develope correct connections to the choices I'm being asked to make?
(Sadly a slight case of brain damage here that, at the most inopportune times, wreaks havoc with my greymatter)
Hi steam,Thanks bitman
Oppressed I see bitman's sorting you out regards spybot
By the way, If I want to check the various real-time monitoring programs are working, I go to Tools > internet options > and change the Homepage... to be immediately met with pop-ups from Spybot, spywareguard, Microsoftantispyware ...
The guest account is normal and is created during the install of XP...
When you boot XP, does it go to a welcome screen, with a choice of accounts or straight to your only account. Because if your husbands account is the only one you see in user accounts, it looks as though you and your husband are sharing the same account and you do not have separate accounts.
steam
Thanks for letting me know about the "Guest" Account.
I tried the homepage test and found Norton, Microsoftantispyware and TeaTimer pop-ups. TeaTimer would ONLY let me Allow; a Deny response kept the window repeating the same way it did when I lost the SD Helper. Even though I didn't want to change my Homepage the Allow made sure I did; after I had to repeat the process to change it back
Re the Welcome Screen, the only time a choice is offered is when I am going to Safe Mode, Admin or not. I guess it is best there is only one Account and it is Admin because it simplifies my life somewhat
Thanks again for all your patient help bitman & steam
The simplest approach would be....I think I need a super easy to understand tutorial for using the TeaTimer.
If you are installing a program, accept everything, or turn teatimer off first to avoid the popups...
If you are changing something like your homepage yourself ... then accept it...
If you are surfing the web and you suddenly get a popup ... deny ... but if you are in any doubt whether you should have denied it or not ...make a note of the URL and the exact change noted in the message, and post it on a forum for advice...
I think the most probable cause of this is that you have the homepage locked...I tried the homepage test and found Norton, Microsoftantispyware and TeaTimer pop-ups. TeaTimer would ONLY let me Allow; a Deny response kept the window repeating the same way it did when I lost the SD Helper. Even though I didn't want to change my Homepage the Allow made sure I did; after I had to repeat the process to change it back
In spybot > tools > IE Tweaks > do you have "lock IE startpage setting against user changes" ticked ?
If it isn't, then it is probably a similar button in one of your other programs...
steam
Thank you again for your help steam
I looked in the location that was given and the Box is not ticked so it must be, as you stated, something similar in another program
Oh Crap!!!
Just when I thought it was safe ...
Hi ... I'm back ...
I just updated my ewido definitions and completed(?) a scan:
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 2:48:46 PM, 04/01/2006
+ Report-Checksum: 6790D966
+ Scan result:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724510c3-f3c8-4fb7-879a-d99f29008a2f} -> Hijacker.SpyAxe : Cleaned with backup
HKU\S-1-5-21-3631192919-4047014472-3028651874-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{724510C3-F3C8-4FB7-879A-D99F29008A2F} -> Hijacker.SpyAxe : Cleaned with backup
::Report End
------------
As soon as the scan completed the TeaTimer popped up indicating that:
Spybot - Search & Destroy has detected an important
registry entry that has been changed.
Category: Browser Helper Object
Change: Value deleted
Entry: { 724510c3- f3c8-4fb7- 879a- d99f29008a2f }
I am only given the "Allow change" and "Remember this decision." options along with the "?" and "Info" buttons.
I notice that this is the same series of numbers, (lower case) letters and dashes as one of the objects ewido found and cleaned. This is ALSO one of two of the registry entry changes that occurred the last time when the TeaTimer popped up unexpectedly.
Did I just lose my SD Helper again?
Should I "Allow change"? Right now the window is sitting waiting on my screen under this one :-/
Gosh ... aren't those are the same objects that ewido cleaned the last time ...
+ Scan result:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724510c3-f3c8-4fb7-879a-d99f29008a2f} -> Hijacker.SpyAxe : Cleaned with backup
HKU\S-1-5-21-3631192919-4047014472-3028651874-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{724510C3-F3C8-4FB7-879A-D99F29008A2F} -> Hijacker.SpyAxe : Cleaned with backup
Allow the change, you want it deleted, Spybot is remembering earlier registry entries in a snapshot database it keeps. Apparently this wasn't cleared when you uninstalled, I thought it was.
- Right click the TeaTimer icon in the System Tray.
- Select Settings from the pop-up.
- Click each of the 4 buttons across the top and make sure they're empty, especially the Registry ones.
- Delete any remembered entries by clicking the little 'X' at the far right of the line.
- Click OK to exit the box.
- Now right click the icon again and click Exit S&D Resident. Do NOT restart it.
- Run another Ewido scan and remove anything bad it finds.
- Restart TeaTimer by clicking on the file or Restarting your computer.
If Spybot complains about the changes again, accept them, you want it to allow the bad entries to be removed.
Hi bitman,
Thanks for the prompt reply
All the areas were already empty. Unless something was hidden?
I have done the Exit S&D Resident as requested and will now run another ewido scan.
Back in about 15 - 20 minutes
Posting Permissions
