Spybot question...

SLLAB02

SLLAB02

New Member
I'm using Spybot and whenever it detects a "system registry change", a dialogue box appears asking me to approve it. I'd like to get Spybot to just automatically approve these changes since whenever the dialogue box appears, it appears all F'd up (graphical errors so I can't see which option I'm pressing). Everytime I reinstall Spybot, the same graphical errors occur. Regarding auto-approve for the changes, I can't seem to find any options like that in the settings menu. Any ideas on how to make Spybot automatically approve all of these registry changes OR on how to fix the annoying screwed up dialogue boxes? I'd appreciate it!
 
The point of that feature is to prevent unwanted registry changes. If you're going to just let them all be changed automatically, what's the point of having the Spybot resident installed? Automatically accepting changes completely, and 100% defeats the purpose of having that installed. If this is the case you should rethink having the resident installed. I strongly suggest keeping it installed but if it's bothering you that much, it's your call. If you want some suggestions as to alternatives to Spybot I'd be happy to provide you with them.

Unfortunately, Spybot S&D and Adaware just don't cut it nowadays. When they were first created they did a wonderful job, and still do a good job. But the malware that has been created since then has made those programs difficult to successfully clean a computer. Therefore, you need other programs besides them to protect yourself the best you can. Don't get me wrong, they are still good programs, just very different from what they were when they were created. I'd be curious to see if you have any malware. If you want me to take a look I'd be happy to help you out.

If you want me to check out your computer please download HiJackThis and post a logfile. To do that, please follow these steps:
  1. Download HiJackThis.zip
  2. Unzip it to a permanent directory. This will keep HJT and its backups in a common place. A very good place to put it is C:\HJT
  3. Open HiJackThis.exe and select the option to "Do a system scan and save a logfile"
  4. A notepad window will popup with all the information I need. Please paste its contents in a reply to this thread.
Note: do not attempt to "Fix" anything, as we need to see the entire log.
Also if you have any Startup items unchecked in Msconfig, check those items, reboot, then post a fresh log. HijackThis can not "see" disabled items in Startup.
 
Platinum said:
Unfortunately, Spybot S&D and Adaware just don't cut it nowadays. When they were first created they did a wonderful job, and still do a good job. But the malware that has been created since then has made those programs difficult to successfully clean a computer. Therefore, you need other programs besides them to protect yourself the best you can. Don't get me wrong, they are still good programs, just very different from what they were when they were created. I'd be curious to see if you have any malware. If you want me to take a look I'd be happy to help you out.
Click to expand...


what the heck are you reccomending for spyware and malware in general now...
 
What? There's no need for the attitude. I didn't say don't use them, I said they aren't as good as they used to be so he should consider using other things AS WELL I have posted other tools many times in this forum and I'm sure you have seen them. But, since I'm here to help SLLAB02 I will repost other options. I'm here to help, not deal with obnoxious people who give me an attitude while I'm helping someone, so please mind your own business.

Anyway here is what I suggest:

Make sure you are protected with a known anti-virus software and a firewall

Computer Virus - A computer virus is a dangerous computer program with the characteristic feature of being able to generate copies of itself, and thereby spreading. Additionally most computer viruses have a destructive payload that is activated under certain conditions.

Antivirus software is a type of application you install to protect your system from viruses, worms and other malicious code. Most antivirus programs will monitor traffic while you surf the Web, scan incoming email and file attachments and periodically check all local files for the existence of any known malicious code.

Firewall - an extra layer of security built into computers on a network, which restricts access to systems from the outside world. Firewalls protect against hackers and malicious intruders.

Windows XP will supply its own firewall but it will only monitor traffic in one direction. It does not block outgoing traffic. Simply put, Windows XP contains a mediocre firewall. This firewall is NO replacement for a dedicated software solution.

Recommended Anti-Virus Programs

Avast - Free Edition
AVG Free Version
NOD32

Recommended Firewalls

Sunbelt Kerio Firewall
ZoneAlarm Free Edition

taggif.gif

Next, if they're not already present, I would recommend the download and installation of some of the following anti-spyware programs, and the updating of them regularly. Having only a firewall and anti-virus software is not enough to keep you safe from spyware, as both are mostly weak against the onslaught of spyware today out there on the internet :
  • Ad-Aware SE - Ad-Aware SE is an excellent program against spyware but usually adware. Works well together with Spybot S&D. It's free. A tutorial can be found here.
  • Spybot Search & Destroy - Spybot - Search & Destroy can detect and remove a multitude of adware files and modules from your computer. Spybot also can clean program and Web-usage tracks from your system, which is especially useful if you share your computer. Modules chosen for removal can be sent directly to the included file shredder, ensuring complete elimination from your system. For advanced users, it allows you to fix Registry inconsistencies related to adware and to malicious program installations. The handy online-update feature ensures that Spybot always has the most current and complete listings of adware, dialers, and other uninvited system residents. Spybot S&D goes great together with Ad-Aware SE as a anti-spyware/adware arsenal.

    Version 1.4 has the first native multi-installation scanner, noticeably faster than the previous version during scans, and has improved the tools and updated the interface. Spybot S&D is absolutely free. A tutorial can be found here.
  • Spyware Blaster - SpywareBlaster will add a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. SpywareBlaster is free. A tutorial can be found here.
  • IE Spyad - IE-SPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit innocent-looking sites that aren't actually innocent at all. It basically prevents any downloads, cookies, scripts from the sites listed, although you will still be able to connect to the sites. IE-SPYAD is free. A tutorial can be found here.
  • Spyware Doctor - Spyware Doctor is a top-rated malware & spyware removal utility that detects, removes and protects your PC from thousands of potential spyware, adware, trojans, keyloggers, spybots and tracking threats. Protect your privacy and computing habits from prying eyes and virtual trespassers with the help of Spyware Doctor. This one you will have to pay, but it is worth every penny.
  • Windows Defender (Beta 2) - Free program from Microsoft that helps protect your computer against pop-ups, slow performance, and security threats caused by spyware and other unwanted software. It features Real-Time Protection, a monitoring system that recommends actions against spyware when it's detected, and a new streamlined interface that minimizes interruptions and helps you stay productive.
  • Fire Trust Sitehound - Firetrust introduces the SiteHound Toolbar - the safe way to browse the Internet. With SiteHound, when you browse the Internet, you're shown a warning page every time you go to a site which is a known scam, potentially loads viruses or spyware on to your computer, has questionable content or anything you would not consider reasonable. You are shown a warning page with information about that site. From there you can choose to enter the site or go back. SiteHound is a free add-on to Internet Explorer.
  • WinPatrol - WinPatrol uses a heuristic approach to detecting attacks and violations of your computing environment. Traditional security programs scan your hard drive searching for previously identified threats. WinPatrol takes snapshot of your critical system resources and alerts you to any changes that may occur without your knowledge. You'll be removing dangerous new programs while others download new reference files. This one is free but has a "Plus" version that you can pay for.
  • A-squared - Free version can scan for worms, trojans, dialers and spyware. The non-free version has realtime-monitoring.
  • ewido anti-malware - Highly underrated from the beginning by most critics, ewido anti-malware offers protection from spyware, adware, trojans and dialers. The first time you download it, it will have realtime-monitoring. After the trial, the realtime-monitoring disappears but you will still be able to use it for scanning and removing present infections for free.
  • Spysweeper - Webroot's Spy Sweeper is well known for being one of the better spyware detection and removal programs. A 30-day free trial is available, however, it will not remove any spyware it detects; for that, you'll need to purchase the product.
  • SpywareGuard - An anti-virus program scans files before you open them and prevents execution if a virus is detected - SpywareGuard does the same thing, but for spyware! This one is absolutely free.


    ALERT: Before adding any other Spyware Detection and Removal programs always check the Rogue Anti-Spyware List for programs known to be misleading, mistaken, or just outright "Foistware". You can find the list here.
 
Thanks for the help, I appreciate it!

But keep in mind the main problem here is that when I'm presented with the registry change dialogue, the box looks terribly un-like the way it should. I'm not sure what the problem is, maybe a script error or something...the text is somehow fused and all overlapped into the buttons so I can't tell what it is I'm really pressing. That's the main reason I started this thread.

But here's the logfile. Thanks again.






Logfile of HijackThis v1.99.1
Scan saved at 7:48:08 PM, on 8/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\nvraidservice.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\AIM95\aim.exe
C:\Program Files\Steam\Steam.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Prevx1\PXAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\program files\Hijack This\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://torrent-finder.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.insightbb.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Insight Broadband
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Malicious Scripts Scanner - {55EA1964-F5E4-4D6A-B9B2-125B37655FCB} - C:\Documents and Settings\All Users\Application Data\Prevx\pxbho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [ViewMgr] C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Norton Ghost 9.0] C:\Program Files\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Windows Media Connect 2] "C:\Program Files\Windows Media Connect 2\WMCCFG.exe" /StartQuiet
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [AIM] C:\Program Files\AIM95\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.insightbb.com
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4576/mcfscan.cab
O16 - DPF: {FE0BD779-44EE-4A4B-AA2E-743C63F2E5E6} (IWinAmpActiveX Class) - http://pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Prevx Agent (PREVXAgent) - Unknown owner - C:\Program Files\Prevx1\PXAgent.exe" -f (file missing)
 
Teatimer is a Spybot S&D resident that provides real-time protection against malware. Teatimer is what keeps popping up.
 
Very well, but do you know if there is any way to repair teatimer so that when the window appears that it's actually readable,and not full of visual errors so that I can't see what I'm clicking? That's the reason I started this thread in the first place.
 
If you haven't tried reinstalling, try that. If your resolution is 800x600 that may be the problem too. Sometimes at 800x600 things get covered or cut off.
 
yeah tried reinstalling and didn't work...my resolution is 1152x864. any other suggestions?

This seriously doesn't happen to anybody else?
 
SLLAB02 said:
yeah tried reinstalling and didn't work...my resolution is 1152x864. any other suggestions?

This seriously doesn't happen to anybody else?
Click to expand...

Same thing has happening/is happening to me. I have just grown used to it. That and the fact that I have no idea how to edit my white list/black list (which I wish I could do).
 
You must log in or register to reply here.
Back
Top