Could someone please tell me the pro and con of having Tea Timer on - is it worth having on or is it too interfering?
Also, how often should I be clicking on "Immunize?"
Thanks, Grace
Immunize and Tea Timer
Could someone please tell me the pro and con of having Tea Timer on - is it worth having on or is it too interfering?
Also, how often should I be clicking on "Immunize?"
Thanks, Grace
Hello Grace,Originally Posted by GraceM
I always immunize after an update to make sure that the "SD Helper" is blocking all currently known BAD products.
Do you have the Resident "SD Helper" turned on?
I have the "patched" Resident "TeaTimer" running and it mostly does not interfere, only does it's job and warns me about changes to my computer. If I don't /didn't know a change that has tried to happen then I can Deny the Change or not according to the description given and this will hopefully keep my computer safer.
The pro of TeaTimer is that it helps you protect your system. The downside is that you have to know what you are doing when answering the pop-up dialogs issued by TeaTimer's particularly the registry change pop-ups.
In my opinion it is worth having on.
TeaTimer in general:
There are two distinct functions within TeaTimer. One is rule based the other is not:
- TeaTimer Processes Monitor (Rule based).
- TeaTimer monitors processes that are called or initiated in the system. If the process being called or initiated matches a list of known malicious processes in Spypot’s detection files, the process is terminated and an alert is issued to notify you and allow you to make choices as to how to handle the same process during future detections. TeaTimer terminates the application before asking because threats like toll dialers are time critical - they have to be terminated before they can connect.
- TeaTimer Registry Monitor (Not rule based).
- TeaTimer monitors approximately 35 registry keys. If any change is made to one of the registry keys that TeaTimer is monitoring it appears that the change is actually made to the registry. When TeaTimer recognizes that the change has been made it checks to see if there is a stored "Remember this decision" entry that covers the change. If there is, TeaTimer uses that information and just issues a pop-up notification of the action it took. If not a TeaTimer popup dialog is issued. If you "Allow change" the change nothing is done. If you "Deny change" the change the registry change is reversed (note if you exit out of the pop-up dialog it arrears that TeaTimer denies the registry change (reverses it). Checking the "Remember this decision" option during the popup dialog stores the information for that change so that similar changes in the future will be handled automatically. After you answer the pop-up dialog TeaTimer issues a pop-up notification of the action you took.
You cannot reverse any Registry change decisions ("Allow change" or "Deny change") that you make with TeaTimer. You have to redo whatever you were doing so that the Registry change is done again (or manually edit the Registry). That is why it is important to remember that:
- If you allow all changes, you would be no worse off than if I didn't have Teatimer Enabled at all.
- If you deny the wrong change you can adversely affect the stability, functionality and security of your system.
There is currently a bug in TeaTimer 1.4. Portions of TeaTimer's popup dialog overlay the "Allow change" and "Deny change" buttons. On my system the very top edges of the "Allow change" and "Deny change" buttons are showing and I am still able to select the options. I also can check "Remember this decision" since it is visible. If no portion of the "Allow change" and "Deny change" buttons are showing, you can answer TeaTimer's popup dialog (English language version) by pressing "A" on your keyboard for "Allow change" or "D" for "Deny change". If you close the dialog without answering "Allow change" or "Deny change" the registry change is denied. Note that if you close the popup dialog without answering it the registry change will be denied. If you can't deal with the problem that way until it is fixed, you can:
- Apply one of the workarounds found in the following pinned (Sticky) thread that fixes the pop-up dialog so the buttons are visible:
Solution to fix the pop-ups in TeaTimer
http://forums.spybot.info/showthread.php?t=122- Disable TeaTimer as follows:
- Go into Spybot > Mode > Advanced Mode > Tools > Resident.
- Uncheck the following:
- Resident "TeaTimer" (Protection of over-all system settings) Active.
After each time you update Spybot.
You should immunize after each update of Spybot. Go into Spybot > Immunize > then click on the Immunize button at the top of the screen (big green plus sign) even if you receive the following message (see Note #1):
- Information
All known bad products are already blocked.
OK
Note #1: There appears to be a defect in the counting and checking of immunized items within Spybot's immunization process since the introduction of Spybot 1.4. Although the "All known bad products are already blocked" message is issued when you go into Immunize after an update, clicking on the Immunize button sometimes adds additional immunization entries.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Oppressed:
Although Spybot's immunization and Spybot's Resident SDHelper Browser Helper Object (BHO) both help prevent spyware/malware they are separate functions and not interrelated. You should immunize after updating but this not directly associated to the protection offered by Spybot's Resident SDHelper BHO.
Suggested reading:
How Spybot-S&D protects against the installation of Spyware/Malware
http://forums.spybot.info/showthread.php?t=281
Last edited by md usa spybot fan; 2006-01-15 at 19:38.
Getting an answer is one thing, learning is another.
Microsoft Windows XP Home Edition running on a 2.40GHz Intel® Pentium® 4 Processor with 512 MB of RAM and a 533 MHz System Bus.
Thanks for the clarification.
I apologize for the misinformation I posted.
Posting Permissions
Reply With Quote