Exterminate Malware Efficiently with Spybot Search & Destroy
First we showed you how easily your computer can become infected with spyware, crapware, and other unwanted software—and today we’ll show you how to clean your system with Spybot Search & Destroy.
Important Parts of the Installation
As you are installing Spybot Search & Destroy, there are two windows that you should pay special attention to.
Here you can see the Components Selection Window. It is recommended to make certain that “Download updates immediately” and “Security Center integration” are selected.
Note: After installation, there may still be a few minor updates that can be downloaded.
In the Additional Tasks Window, it is definitely recommended to make certain that “Use Internet Explorer protection (SDHelper)” and “Use system settings protection (Tea Timer)” are both selected. This will help give you extra protection for your system.
Scanning for Malware
Once you have finished installing Spybot Search & Destroy and start it for the first time, you will be asked if you would like to make a “Registry Backup” before scanning with the software. It is recommended to make the backup…after all, backups are always a good thing.
As you can see in the following screenshot, Spybot Search & Destroy was already hard at work catching malware while still in the initial setup process right after startup (very wonderful!). Knowing that both of these were malware, we chose to have both processes shut down and deleted.
Once the initial setup process is complete, you will see the main Home Window. From here you can choose which action you would like to perform. For our example, we decided to “Search for Updates” just in case anything else was available (recommended).
As you can see, there were extra updates available for the Immunization database, the Tea Timer service selected during the install process, and an English language descriptions file. Once you have finished downloading any available updates, click on “Exit” to close the Updates Window.
Once the Updates Window has closed, you will be returned to the main Home Window. Now is a good time to go ahead and Immunize your system. Here you can see the amount of Immunization that is available to be applied (Unprotected versus Protected). Click on the “Green Plus Sign Immunize Button” to apply the Immunization. This not only helps your installed browsers, but also boosts your Hosts File as well.
After the Immunization is complete, you can see the shift in numbers from “Unprotected” to “Protected”. Now it is time to start scanning for malware. Click on the “Search & Destroy Button” on the left side of the window.
To start scanning, click on the “Check for problems Button”.
Once scanning has started, you will be able to easily track the progress using the color bar and numerical counter at the very bottom of the window. You will also be able to see which type of malware Spybot Search & Destroy is searching for at any given moment beside the numerical counter.
While scanning our example system, you can see that Spybot Search & Destroy was building a list of the malware (amount and type) that it had already found.
Note: Spybot Search & Destroy will take a while to complete the scan, so be patient. The wait is well worth it!
Once Scanning is Complete
After Spybot Search & Destroy has finished scanning for malware, it will list the number of problems found in the lower left corner of the window. In the main part of the window, you can see the compiled list of what has been found.
Clicking on the “Plus Sign” beside each entry will allow you to see information about each item found (i.e. Registry value, File, Location). The great thing about the compiled list is that you can go through to check for false positives (if any) and deselect those particular entries. You can be very specific in what is or is not removed (very nice!).
Removing the Malware
Once you have checked over the compiled list, click on “Fix selected problems”. You will then see a confirmation window asking if you want to continue. Select “Yes” to start removing the malware.
There will be a large green checkmark beside the entry for each item of malware on the compiled list that was successfully removed. If some of the malware discovered is in active use at the moment, you can choose to have those items removed when you restart your computer. Select “Yes” to activate this option.
Once you have clicked through the confirmation window shown above, you will see the following message window providing details about the number of problems fixed. If there are problems that will be fixed during a reboot, those will be shown as well and you will be asked to restart your computer. Select “OK” to restart.
Malware Removal During a Reboot
If you have malware that is being removed during a reboot, Spybot Search & Destroy will also conduct a whole new scan as well during the process in case any malware tries to reestablish itself during restart. Your system will not finish restarting completely until the scan is complete, so you can expect to see a black screen.
Note: This scan will likely take longer than the regular scan to complete, so if you have something else to work on or a book to read while waiting, feel free to do so. Spybot Search & Destroy will let you know when it is finished.
As you can see from our example, part of the malware did try to reestablish itself during the restart but was easily caught by Spybot Search & Destroy. To remove any malware problems found, select “Fix selected problems”. Once you have clicked “Fix selected problems”, your system will then finish restarting.
On our example system, the processes caught trying to reestablish themselves had startup entries that created repeating momentary popup windows with messages showing that they were failing to load. So it is recommended to go ahead and do another restart at that point. Once your system has restarted, sit back and enjoy how clean your system has just become!
Conclusion
While Spybot Search & Destroy is not the fastest anti-malware software, it is very meticulous and efficient in eliminating malware from a computer system. So this is definitely a recommended anti-malware app to have around.
Download Spybot Search & Destroy (version 1.6.2)
Next Up: Cleaning Spyware with Ad-Aware
We’ve already shown you how easily you can infect your system, and then clean it with Spybot, but stay tuned because tomorrow we’ll show you how to remove spyware with Ad-Aware, and then later this week we’ll run through the same thing with MalwareBytes.
Daily Email Updates
You can get our how-to articles in your inbox each day for free. Just enter your name and email below:
haha very nice
thanks for this
did it catch 100% of the viruses or did some leak through
I do like Spybot but you said it is definently recommended to turn on the SDHelper and TeaTimer…however I have to question that because if SDHelper is protection for IE and the user doesn’t even use IE doesn’t that make SDHelper unnecessary?
As for TeaTimer that is basically a firewall for spyware so if that is the only protection a computer has I would see it as needed but if a computer has multiple antispyware programs, a firewall (windows or 3rd party) and an antivirus having background processes running for each would cause a massive decrease in speed.
Essentially I am asking are you recommending to have SDHelper and TeaTimer activated regardless or just if a users uses IE and TeaTimer if they don’t have any other protection?
I’m sorry, but Spybot is really some tool of the past.
Kudos to it for being one of the first antimalware tools on the market.
I was using it for a long time, but right now, it’s well behind its better competitors: Malwarebytes, and Superantispyware.
On a top of it, TeaTimer is known for hogging computers, and some other problems.
@RottNKorpse – With so many people continuing to use Internet Explorer for various reasons (still nearly 60%), I do think that it is a good idea to use the SDHelper. So that is why I recommend it. ^__^
I keep SDHelper (for occasional Internet Explorer use) and TeaTimer both running on my system all the time. As I am writing this both combined together are using less than 6 MB of memory.
Personally, I think the idea of having a “real-time protection” type of service (app/company of choice) for malware running with anti-virus protection and a good firewall is a good idea. ^__^ Each can compliment the other two in providing a good “blanket” of protection for people’s computers.
@Broni – The recent versions of TeaTimer have been gentle on system resources with my computers. ^__^ I have had absolutely no problems with TeaTimer running full-time. ^__^
Seems to be malware/malicious in itself.
My webroot supscription has expired and i thought i would give it a go.
With it installed webroot was forever poping up windows blocking access to malicious websites
and my whole pc slowed to a crawl.
Once i removed it everything was peachy again.
Since I am using Mc Afee{from AOL} will these conflict??
I’ve been using Spybot for about a year on a primary computer at work. It has done a great job of blocking viruses, but now it’s created a problem I can’t seem to fix.
After approving Spybot to run at start-up to fix a problem that it wasn’t able to fix immediately after completing a scan, I’ve not been able to stop it from running in the middle of reboot everyday. I’ve already removed it from the startup program list & disabled Teatimer in the registry & it worked for a few days, but has started back up again & since it’s not listed in either place as active, I can’t figure out how to make it stop. This computer has some very large database files on it, so it takes more than an hour for Spybot to complete it’s run & let the computer finish booting. How do I get control of the computer back?
@Kathryn Merkel – My recommendation would be to do a complete uninstall of Spybot and then reinstall to see if that solves the problem.
If that does not work, then the Spybot forums would be the best place to see if anyone else has had the same problem:
http://forums.spybot.info/
Hope you get your Spybot install all settled down! ^__^