Important Parts of the Installation
As you are installing Spybot Search & Destroy, there are two windows that you should pay special attention to.
Here you can see the Components Selection Window. It is recommended to make certain that “Download updates immediately” and “Security Center integration” are selected.
Note: After installation, there may still be a few minor updates that can be downloaded.
In the Additional Tasks Window, it is definitely recommended to make certain that “Use Internet Explorer protection (SDHelper)” and “Use system settings protection (Tea Timer)” are both selected. This will help give you extra protection for your system.
Scanning for Malware
Once you have finished installing Spybot Search & Destroy and start it for the first time, you will be asked if you would like to make a “Registry Backup” before scanning with the software. It is recommended to make the backup…after all, backups are always a good thing.
As you can see in the following screenshot, Spybot Search & Destroy was already hard at work catching malware while still in the initial setup process right after startup (very wonderful!). Knowing that both of these were malware, we chose to have both processes shut down and deleted.
Once the initial setup process is complete, you will see the main Home Window. From here you can choose which action you would like to perform. For our example, we decided to “Search for Updates” just in case anything else was available (recommended).
As you can see, there were extra updates available for the Immunization database, the Tea Timer service selected during the install process, and an English language descriptions file. Once you have finished downloading any available updates, click on “Exit” to close the Updates Window.
Once the Updates Window has closed, you will be returned to the main Home Window. Now is a good time to go ahead and Immunize your system. Here you can see the amount of Immunization that is available to be applied (Unprotected versus Protected). Click on the “Green Plus Sign Immunize Button” to apply the Immunization. This not only helps your installed browsers, but also boosts your Hosts File as well.
After the Immunization is complete, you can see the shift in numbers from “Unprotected” to “Protected”. Now it is time to start scanning for malware. Click on the “Search & Destroy Button” on the left side of the window.
To start scanning, click on the “Check for problems Button”.
Once scanning has started, you will be able to easily track the progress using the color bar and numerical counter at the very bottom of the window. You will also be able to see which type of malware Spybot Search & Destroy is searching for at any given moment beside the numerical counter.
While scanning our example system, you can see that Spybot Search & Destroy was building a list of the malware (amount and type) that it had already found.
Note: Spybot Search & Destroy will take a while to complete the scan, so be patient. The wait is well worth it!
Once Scanning is Complete
After Spybot Search & Destroy has finished scanning for malware, it will list the number of problems found in the lower left corner of the window. In the main part of the window, you can see the compiled list of what has been found.
Clicking on the “Plus Sign” beside each entry will allow you to see information about each item found (i.e. Registry value, File, Location). The great thing about the compiled list is that you can go through to check for false positives (if any) and deselect those particular entries. You can be very specific in what is or is not removed (very nice!).
Removing the Malware
Once you have checked over the compiled list, click on “Fix selected problems”. You will then see a confirmation window asking if you want to continue. Select “Yes” to start removing the malware.
There will be a large green checkmark beside the entry for each item of malware on the compiled list that was successfully removed. If some of the malware discovered is in active use at the moment, you can choose to have those items removed when you restart your computer. Select “Yes” to activate this option.
Once you have clicked through the confirmation window shown above, you will see the following message window providing details about the number of problems fixed. If there are problems that will be fixed during a reboot, those will be shown as well and you will be asked to restart your computer. Select “OK” to restart.
Malware Removal During a Reboot
If you have malware that is being removed during a reboot, Spybot Search & Destroy will also conduct a whole new scan as well during the process in case any malware tries to reestablish itself during restart. Your system will not finish restarting completely until the scan is complete, so you can expect to see a black screen.
Note: This scan will likely take longer than the regular scan to complete, so if you have something else to work on or a book to read while waiting, feel free to do so. Spybot Search & Destroy will let you know when it is finished.
As you can see from our example, part of the malware did try to reestablish itself during the restart but was easily caught by Spybot Search & Destroy. To remove any malware problems found, select “Fix selected problems”. Once you have clicked “Fix selected problems”, your system will then finish restarting.
On our example system, the processes caught trying to reestablish themselves had startup entries that created repeating momentary popup windows with messages showing that they were failing to load. So it is recommended to go ahead and do another restart at that point. Once your system has restarted, sit back and enjoy how clean your system has just become!
Conclusion
While Spybot Search & Destroy is not the fastest anti-malware software, it is very meticulous and efficient in eliminating malware from a computer system. So this is definitely a recommended anti-malware app to have around.
Download Spybot Search & Destroy (version 1.6.2)
Next Up: Cleaning Spyware with Ad-Aware
We’ve already shown you how easily you can infect your system, and then clean it with Spybot, but stay tuned because tomorrow we’ll show you how to remove spyware with Ad-Aware, and then later this week we’ll run through the same thing with MalwareBytes.