Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Spybot S&D


  • This topic is locked This topic is locked
19 replies to this topic

#1 doctorphibes

doctorphibes

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 09 September 2009 - 01:31 PM

I was wondering if anyone thinks its a bad idea to untick Tea Timer on the autoruns.exe because everytime I pull up task manager Tea Timer seems to be quite a resource hog.
Any thoughts?
Thanks in advance

Edit: Moved topic from XP to the more appropriate forum. ~ Animal
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

BC AdBot (Login to Remove)

 


#2 Keith Fawcett

Keith Fawcett

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 09 September 2009 - 02:07 PM

It's not entirely necessary. If you have anti-virus software running you should be OK.

#3 doctorphibes

doctorphibes
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 09 September 2009 - 02:21 PM

Thanks for your response as I'm not entirely sure what the function of Tea Timer is, and thank you Animal for moving my post to the proper forum. Sorry about that.
Take care.
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

#4 joseibarra

joseibarra

  • Members
  • 1,083 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Downstairs
  • Local time:09:16 AM

Posted 09 September 2009 - 02:21 PM

More shocking (to me) is the amount of Virtual Memory it uses.

In Task Manager, click View, Select Columns and tick the Virtual Memory Size to enable the column.

You may have to expand your TM box a bit...

Click the VM Size column header to sort by size - who's on top?!

Spybot lost it's luster with me a long time ago, but some people really like it.

TeaTimer:

http://www.safer-networking.org/en/faq/33.html

Edited by joseibarra, 09 September 2009 - 02:24 PM.

The mediocre teacher tells. The good teacher explains. The superior teacher demonstrates.


#5 doctorphibes

doctorphibes
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 09 September 2009 - 03:07 PM

Yes I can imagine, t's a hog alright. I keep it around for a backup but I already have Mbam and I'm not sure if you can get that for free anymore. Since I have a malware scanner in my security suite is I'll keep mbam since it doesn't seem to do anything unless you ask it to and I'll uninstall spybot then re-download the spybot .exe file to my desk top and leave it unopened in case I ever get one of those bad ones like the rootkit that has been going around and disabling all your protection. Then hopefully spybot will open and work. I don't know if it's feasible but it's worth a try I guess. I'll do the same with mbam if I can find it free anywhere. If not I'll keep it active(for lack of a better way to put it). The only problem is that when they're in that state you can't update. If I run into the aforementioned situation will the rootkit or trojan shut it down before I can update? A dilemma to be sure.
Thanks for the response Jose,
doc
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

#6 Bambo

Bambo

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:03:16 PM

Posted 09 September 2009 - 03:14 PM

If that type of protection is considered necessary it would probably be better to get advanced pro-active system monitoring superdeluxe firewalls like Comodo, Online Armor, Outpost, Privatefirewall or whatever they are called. See a pinned post or 2. Free of charge and likely do a better job of catching what cannot be catched through normal defenses - even if AV say so ;)

#7 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:16 AM

Posted 09 September 2009 - 03:18 PM

Malwarebytes is still free as an on demand scanner. You can get it here....

http://www.malwarebytes.org/

#8 doctorphibes

doctorphibes
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 09 September 2009 - 03:25 PM

Thanks stang. I thought you had to pay for it now. Take care
doc
For Bambo I do have a pro-active malware scanner with my security suite, but I like Spybot and was just playing the better safe than sorry bit. But, it uses a lot of resources so I think Ill just download the insallation file and leave it at that for a back up. I'm not worried at this point but one never knows what may come.
thanks guys
doc
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

#9 Stang777

Stang777

    Just Hoping To Help


  • Members
  • 1,821 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:07:16 AM

Posted 09 September 2009 - 07:06 PM

You are welcome. As for Spybot, just uncheck the box for TeaTimer inside the Spybot program. In the version of it I have, that is located in the Tools section, under Resident. I have Resident SDHelper checked but I left ResidentTeaTimer unchecked. That way TeaTimer does not run. I do not see any reason you should have to use another program to keep it from running

#10 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,937 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:16 AM

Posted 10 September 2009 - 08:01 AM

mvps.org is no longer recommending Spybot S&D or Ad-Aware due to poor testing results. See here - (scroll down and read under Freeware Antispyware Products).

Further, most people don't understand Spybot's TeaTimer or how to use it and that feature can cause more problems than it's worth. TeaTimer monitors changes to certain critical keys in Windows registry but does not indicate if the change is normal or a modification made by a malware infection. The user must have an understanding of the registry and how TeaTimer works in order to make informed decisions to allow or deny the detected changes. Additionally, TeaTimer may conflict with other security tools which do a much better job of protecting your computer and even prevent disinfection of malware by those tools.

More effective alternatives are Malwarebytes Anti-Malware and SUPERAntiSpyware Free.

However, if you want to continue using Spybot, here are a few helpful links:
Spybot Tutorial: Overview - 8. Resident explains the Immunize function, Resident SDHelper and Resident TeaTimer
Spybot S&D FAQs & How To's
Spybot FAQ: What is TeaTimer
How to Disable TeaTimer
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#11 Bambo

Bambo

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:03:16 PM

Posted 10 September 2009 - 08:33 AM

Too much of this http://forums.spybot.info/showthread.php?t=49881 should be why S&D is not "recommended". And TeaTimer.

If poor testing results mean output from scanner I dont know if it should not be recommended. Does it promise more than is delivered? They say S&D is only updated once a per week partly to make sure all is tested and secure. If there are no FPs and does remove what it is able to find, is result then poor? Then Malwarebytes is also poor because A2 Squared or SAS have big ass databases, cant even figure out how to catch a cookie - S&D can, with warning even :thumbsup:

#12 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,937 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:09:16 AM

Posted 10 September 2009 - 09:31 AM

Then Malwarebytes is also poor because A2 Squared or SAS have big ass databases, cant
even figure out how to catch a cookie - S&D can

When compared to other security tools like Spybot S&D and Ad-Aware, the advantage of MBAM is that it uses a proprietary low level driver similar to some anti-rootkit (ARK) scanners to locate hidden files and special techniques which enable it to detect a wide spectrum of threats including active rootkits. IMO it has proven more effective than many of the stand-alone ARK tools which are available. MBAM intentionally does not search for and remove cookies which pose no significant threat. The research team investigates new rogue applications and malicious files so the database is usually updated several times a day in an aggressive effort to keep it current. Scanning is performed quickly while other tools can take hours.

a-squared products are prone to "false positives" and they even acknowledge this.

...Sometimes security software falsely identifies important crucial system components as a threat (hence the term False Positives - FP).

Removing/deleting critical system files, even temporarily, can make a system crash. Sometimes the system will recover after a reboot, and sometimes it will not. Therefore, you may not be able to start your system. Special system restore measures may be needed, or even a full system re-installation.

...If detections are FP's, you run the risk of rendering your system inoperable...

a-squared HiJackFree: Using security Software to scan data
a-squared Anti-Malware: Using security Software to scan data
a-squared Free: Using security Software to scan data

...the a-squared Scanner looks for files, folders, registry entries and Tracking Cookies that are typically created by Spyware programs. Traces are exactly these trails that Spyware leaves behind.

This approach has both advantages and disadvantages for Malware recognition...The negative side is that it provides a relatively inexact, or insufficiently differentiated to be more precise, Malware recognition. Benign software can be falsely recognized, for example, if it uses the same file name or folder as a dangerous Spyware program.

Software discovered via Traces should therefore first be double-checked to see if it is actually Malware before it is finally deleted...

Spyware Traces in Detail
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#13 Bambo

Bambo

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:03:16 PM

Posted 10 September 2009 - 10:52 AM

Im not a big fan of S&D, should not be that popular!, but seems it is too easy to compare with whatever - then make conclusions. You can do that with everything. S&D as a universal anti-malware tool used by Grandmas worldwide has proven to fail, is what "poor testing result" mean right?

You refer to 1 line on 1 page made by 1 mvps member. So? Why should people care? I can see some work ahead, like cleaning up pinned threads. Now you mention rootkits - how clever is it to list free AVG as " A free full featured antivirus software." when it is not? Or S&D for that matter... If you dont like S&D you must be more clear why. Replace "poor testing results" with "Potentially troublesome tool and in 2009 there are better free ones available" or something.

The site you refer to has a section about cookies btw. http://www.mvps.org/winhelp2002/cookies.htm - so we can conclude you and Malwarebytes are mistaken :thumbsup:

Edited by Bambo, 10 September 2009 - 11:23 AM.


#14 doctorphibes

doctorphibes
  • Topic Starter

  • Members
  • 81 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 11 September 2009 - 03:02 AM

I have a total security suite that I pay for so I don't really need any others. I do have the installer for S&D on my desktop and Mbam. I guess that's a bit of overkill but from what I've read about S&D just now I might just put the installer for mbam on my destop keep it there and 86 the S&D altogether. I wondered some months ago when I logged onto Bleepingcomputer why they no longer had a link posted to Spybot S&D. Is this the reason why? That they cosider it inferior? Then the same thing happened to Mbam. Now it's Stopzilla. Can someone in the know tell me the reason for this?
I was never a big fan of S&D because a friend of mine told me a few years ago their were issues with it. At the same time I like to see things for myself. S&D didn't seem like a bad program until I saw Tea Timer on my Task Manager(talk about a resource hog). I still have MBam on my system because it doesn't show up in my processes as far as I can tell (unless I run it). I also have a lifetime subscription to SuperAntiSpyware(the full version) which I still have, but have uninstalled because I didn't want to have 2 malware programs running at the same time to avoid conflicts. I liked SAS because it was lite and had some other functions I liked (e.g. Homepage Jacking). It didn't seem to update often though. What's your opinion (anyone) of the Premium SAS? Also, in spite of having full protection (if you consider AVG full protection)I've been hit a couple of times and the standalone scanner Cureit from dr.web has saved me. I'd like to hear some opinions on that as well. Seems like not many people have heard of it, maybe because it's Russian. They claim it's upadated hourly if needed and I've had cases where the scanner was on my desktop for one day and when I tried to run it again they recommended that I delete and reinstall the next days version. It scans for pretty much everything rootkits included. For free I like it becuase it tries first to cure the problem, rename, move, and delete as a last resort but you have the option to do whichever you like. I also tried a 30 day trial of their full security suite and never had a problem with it. Before I was able to afford to pay for security I used AVG. It wasn't bad but it let some things through which is when Cureit saved me. I then switched to Avast Free Home Version. I was quite pleased with it never gave me any problems and always seemed to catch potential threats. I used Ashampoo"s personal firewall. I actually still use both on one of my older desktops as I can only cover 3 with what I pay for and I still haven't had a problem with either. I've noticed quite a few new antivirus and firewalls (free) coming out but don't know much about them. I suppose time will tell the tale. Also any opinions on CCleaner?
Thanks.
I am enough of the artist to draw freely upon my imagination. Imagination is more important than knowledge. Knowledge is limited. Imagination encircles the world. Albert Einstein

#15 Bambo

Bambo

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Denmark
  • Local time:03:16 PM

Posted 11 September 2009 - 11:35 AM

May be not a good idea to recommend at all, only warn like quitetman7 does with S&D. But you must be mistaken - Malwarebytes will not be taken off any positive list.

CureIt/Dr.Web is great. Running off a link with no install is nice but their LiveCD http://freedrweb.com/livecd/?lng=en is even better. Has Filemanager, Firefox build-in = they used brain when putting cd together. May be you need to have been in a situation where only liveCD could fix a problem to understand value. Not worth the bother right now. When using LiveCDs safety belts are off = you must know settings in scanner, what to clean/remove. Manual actions and some knowledge required. Remember there are no quarantine. Why file-manager and browser comes in handy.

Being Russian is questionable? Where does Kaspersky, Avast, ESET, AVG, Bitdefender come from? Should also be hmm then. They race to English speaking countries with offices at first chance so soon "Russian" or "Eastern" label is gone. No one cares about origin unless program is obviously regional like not being translated, has no history known to mankind. Panda is from Spain btw, F-Secure Finland, Avira Germany, Norman Norway. Look up at Wikipedia.

Almost everyone use CCleaner so probably wont blow up computer. Just keep it updated and take it easy while cleaning registry. When done with scanning deselect all findings, then manually select those you want removed. If NO WAY! you are not a registry cleaning person. Well backup of changes will also work. Program can be set to autorun/autoclean right? Done with some safety since files must be older than xx hours but could be improved by allowing profiles. So autoclean would not just use last active settings but a fixed profile. Actually I think you can do something like that with ini-file magic but anyway - be careful with automatic clicks, from you or program.

Hit from where? with what? If you have problems navigating internet, or just dont want to see crap, use something like WOT http://www.mywot.com/ You already use AVG Link scanner? If you talk about cookies or popups "harden" your browser a bit. So easy with Firefox :thumbsup:

Could look at Hostsman http://forum.abelhadigital.com/index.php?showtopic=553 good for blocking ads, good for blocking malware domains (much the same as is now in paid Malwarebytes). Has advantage of being system-wide, WOT only works in browser. Must be 100 times better than S&D, Spywareblasters "passive" protection. Install, disable DNS client, tell it which hosts file you want to use (for ads only use Peter Lowes), under tools start hostsserver (set it to start at bootup) - enjoy. No maintenance on your part except excluding now and then, that hphost can be very sensitive sometimes. To make a few exclusions take seconds - why to use a hosts manager like this and not just pop in a huge hosts file. Updating, removing duplicates etc. is automatically. Not many hosts annoyances left really. Can add own domains with host editor, save as file then include in "Manage update sources". Set update to always overwrite current hosts, do not merge. If questions check his little forum, close to set and forget though.

hphosts (partial) means you get daily hphosts updates, closing in on real-time protection. Easy to find blocked domains with downloads AVG cant deal with - or why did Malwarebytes start with the old trick of domain blocking? Domain vanish and pop up again under new name = hopeless. Problem is same can be said for downloads, also difficult to keep up with. So MBAM attack from one more angle now.

Search BC for hostsman - judging from hits it must have blessings from many. If into "passive" protection you should consider.

Edited by Bambo, 11 September 2009 - 11:36 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users