Raining Blessings From Holiness David's Heart

Holiness David Running Eagle Shooting Star

Search This Blog

Everyone is Welcome into the Heart of Holiness David, for he wants to help you with your questions! Nothing is too simple or complicated! Semiconductor World Trainer! He loves computers and he loves you too! Email holinessdavid@alightfromwithin.org

Friday, February 12, 2010

Spybot Search and Destroy and Tea Timer Installation

This is a short tutorial to show you the first steps you have to do to remove spyware and other kinds of malware from your computer, using Spybot-Search and Destroy.

1. Download
Obviously, the first thing you need to do is download Spybot-Search and Destroy from our download page.
The download page first gives you a bit of donation information; if you like the program, I encourage you to come back later and donate something. But right now, you want to download. The downloads are on the same page, just scroll down a few lines and click Spybot-Search and Destroy 1.6.2. On the next page you will see a table with four download locations. Clicking on one of them will lead you to a page offering the download. Each of these pages is a bit different, but you should be able to find the download link there without problems.
2. Installation
The file you have downloaded will be named spybotsd162.exe or similar. To install Spybot-Search and Destroy, all you have to do is run the file, and the installation program will start (if you have downloaded with Internet Explorer, the download dialog will give you the option to open the file directly). The installer will show you the license and ask you for the installation location. You can go with the default settings here and just click your way through the installer by using the Next button.

After the installation has finished, you will see a Spybot-Search and Destroy button on your desktop and in your start menu. Click on it to start Spybot-Search and Destroy the first time.

3. First run
The first time you start Spybot-Search and Destroy, it will display a Wizard, a small window helping you through the first steps. It gives you the possibility to add or remove the icons you have or haven't created during install, for example. Let's just say you want them and proceed to the next page.
If you are using a proxy in Internet Explorer, Spybot-Search and Destroy will show you this proxy and a button will give you the opportunity to use it for Spybot-Search and Destroy, too. If the text field is blank, you don't need to do it, but in most cases this will show an internet address, and you should import this proxy setting.

The next page deals with updates. It is very important to keep up-to-date. Using the two buttons this page offers will do the updates for you, if you want to do it at a later point, read this.
The last page of the wizard will ask you to read the help file. The help file is always a good resource if you are unsure what to do, so please do at least read the first pages of it.

4. Doing a scan
After the tutorial has finished, you may find yourself on the Settings or Update page. As the default settings are ok right now, and you've already updated, let's ignore them for now and do the first scan.
The left side of the program has a navigation bar that can lead you to all functions of the program. The first section there (the top-most button) is labeled Spybot-Search and Destroy and leads you to the main page. Right now, you will see only an empty list and a toolbar at the bottom. The first button in this toolbar is named Check for problems - that is the button you've got to press to start the scanning. Lean back and watch the scan progress.

5. Interpreting the results
At this point, you could just jump to point 7, and remove the results. Instead we recommend that you first have a look at what all the stuff is that Spybot-Search and Destroy detected. The first thing you should know is to distinguish between the red entries, which represent spyware and similar threats, and the green entries, which are usage tracks.

For the usage tracks (I hope you have followed that link to read what they are), removal is non-critical, but depends on your personal preferences.

Ignoring the usage tracks for now, you should have a look at the red entries which represent the real threats. While you of course can trust us that we have chosen the targets using strict criteria, you can check for yourself if you click on each product and read the product information that will be shown in a pop-up window.

6. Decision on exceptions
All problems displayed in red are regarded as real threats and should be dealt with. But while you read the product description, you may still decide to keep a threat, or just a usage track. Maybe you don't want your list of most recently used Word documents removed? At this point you have three options.
  • You could decide on ignoring all usage tracks. In that case you could open the File sets page on the Settings section of the program, and disable the Usage tracks entries.
  • Or if you want to just keep all tracks from a specific product, just right-click a product in the results list.
  • Finally, if you want to keep just one file, that is possible the same way.
7. Removing the threats found
So now you should know about everything you've found. It's time to use the Fix selected problems button.
Once you start thinking about removing the usage tracks, too, you may think that ticking all the green entries is hard work. This is for a simple reason - to force you, the newbie - to look at the results. Once you know what you are dealing with, there is a hidden Select all button available for you.

8. Resident
If you use Spybot-Search and Destroy's realtime protection against spyware, nasty spies will not enter your system. Currently there are three different kinds of protection.
The Immunize function prevents e.g. Tracking Cookies from entering your system. Immunize works with Mozilla Firefox, Internet Explorer and Opera, allowing you to adjust specific settings of the browser to block known spyware installers, (and similar baddies) already included in Spybot-S&D's database. You start the Immunize function by clicking on Spybot-Search and DestroyImmunize on the left navigation bar.

Resident SDHelper is a second layer of protection for IE. Immunize function blocks installers by their ActiveX ID, while SDHelper blocks badware that tries to enter using a different method. Thus Internet Explorer cannot download bad files. You start SDHelper by clicking on ToolsResident on the left navigation bar (therefore Spybot-Search and Destroy has to run in Advanced Mode). There you can tick the checkboxes next to Resident "SDHelper" (Internet Explorer bad download blocker) active in order to activate SDHelper.

Resident TeaTimer prevents unwanted files from being installed – no matter how – on your system. It monitors the processes called/initiated perpetually. If known malicious processes want to start, TeaTimer immediately terminates them, giving you three options how to deal with this process in the future:
  • be informed when the process tries to start again
  • automatically kill the process
  • generally allow the process to run
There is also an option to delete the file associated with this process. If something tries to change critical registry keys, TeaTimer will detect it. TeaTimer can protect you against such changes by giving you an option: You can either Allow or Deny the change. TeaTimer is always running in the background.
Since Spybot-Search and Destroy 1.6 the TeaTimer uses our database where known files are rated as good or dangerous. This database contains several hundreds of thousands entries and is enlarged continuously. Nonetheless now and then there are files which are not contained yet. In these cases and if you use older Spybot versions Resident TeaTimer will ask your permission for every change. If you are not sure if you should allow the change, there is a simple rule of thumb:

If you have been installing something and/or if you judge the file that is going to be installed as good because you know its name, you can proceed by allowing the registry change (same thing if you or Spybot-Search and Destroy were deleting an application). But if the message comes out of the blue sky while you were surfing the web, you should get cautious. In this case it is better to deny the registry change.

You start Resident TeaTimer by clicking on ToolsResident on the left navigation bar (therefore Spybot-Search and Destroy has to run in Advanced Mode). There you can tick the checkboxes next to Resident "TeaTimer" (Protection of over-all system settings) active in order to activate TeaTimer.
Of course it is possible to revise each of your personal decisions. That could be necessary if you have denied some process which turns out as a good one later. You do so by right clicking on the TeaTimer symbol in the system tray - it is the blue one with the lock. (If you cannot see the symbol, it is probably hidden. Just click on the arrows in the system tray to show all hidden symbols.) A window appears where you have to click on Settings to modify your personal lists of registry changes and processes.
How to make a backup
How to disable Spybot-S&D temporarily
How to download Spybot-S&D
How to exclude products from the search
How to disable the proxy
How to make a recovery
How to enable the Select all button
How to export the Startup list
How to switch the language
How to uninstall
How to update


Download Page: http://www.safer-networking.org/en/download/index.html
Download Spybot-Search and Destroy from a mirror hosted by Safer-Networking
To avoid confusion often caused by download sites full of advertisements, we provide this service that is dependent upon donations. If you did not already send your donation, please give it a second thought.

Download Spybot - Search & Destroy©® 1.6.2 (15.6 MB)

md5: 54ACBA9CFD7154C02CEACF6310CF3CFA

NP. I like Spybot alot and want to see it grow. You can contribute to its success by sending threats you think it does not detect. Send the file in a zipped folder to: detections@spybot.info

Solution to fix the pop-ups in Spybot's TeaTimer

This fix is from Safer-Networking Ltd.

This is a provisory solution to fix the problem the bug in the pop-ups checkbox buttons

1.- Download "ResHacker" from here

2.- Deactivate the TeaTimer

Go into Spybot > Mode > Advanced Mode > Tools > Resident.
Uncheck the following: Resident "TeaTimer" (Protection of over-all system settings)

3.- Used "ResHacker" to open TeaTimer.exe (Should be in C:\Program Files\Spybot
- Spybot-Search and Destroy).

4.- Press Ctrl+F and searched for the word: decision

You will see this code:
object cbRemember: TCheckBox
Left = 8
Top = 160
Width = 339
Height = 17
Anchors = [akLeft, akTop, akRight]
Caption = '&Remember this decision.'
TabOrder = 2
 5.- Change the value "Top" from 160 to 190

6.- Press in "Compile Script" and File > Save

7.- Close the "Resource Hacker" and activate the TeaTimer again

This is the final result:

More information of this bug on Safer-Netowrking's Site:


Angel Services around the world!
Client Security Solutions gifted by 
A Joy Light From Within .Org

Computer Weekly Telephone Free Access
Elders for Assistance Available by Telephone
Sun 5:30 pm PST Arrive between 5:30 to 6:00pm PST
Your Conference Access Number:     1-218-895-3911
Your Conference Passcode:     62013#

If you have any problems, please don't hesitate contacting me at holinessdavid@alightfromwithin.org
Cheers and Blessings, Holiness David Elder Lavender person alightfromwithin.org Rainbow Warriors of Prophecy

Warriors of the Earth  

Welcome to the home of love, where your computer gets to know of hugs. Take the time to give it love, to ensure the spine stands, on the test of time (until you update protection files again). For only you can operate the golden rule, do unto your computer, who knows who to fool. But we do outwit the slyest fox, when we give love instead of gloves (put them up, combative forces). The greatest part of protection is clear, the smooth operation of moving in space is dear (world wide web). Protect my computer God above to bring the Angels down below. Bless and bless the common place, to be rest assured that all is grace.

No comments:

Post a Comment

Thank you for your comments! We will review and post your comments as soon as we can.
Your devoted servants,
Twin Deer Mother and Holiness David