![[Skip to Network Security page content]](http://www.siuc.edu/siucimages/hpimages/skipsection.gif "[Skip to Network Security page content]"){kind=small}
Spybot Search & Destroy Guide
This page is a general overview of the installation and operation of the Spybot Search and Destroy utility.Spybot is an extremely useful program that attempts to keep your computer free of malware. It accomplishes this feat by scanning your system for known viruses, worms and other nasty things and then destroying them (hence the "search and destroy" aspect). It also creates an application that runs in your system tray and tries to prevent malware from making unauthorized changes to your computer's configuration. Although very useful immediately from download, it is recommended you update Spybot twice a week (including the Immunizations), and perform a full system scan at least once a week. The means to do this are explained below.
To download the program, do a Google search for "Spybot Search and Destroy."
You should get a result like the one below:
Any of the sites shown in the full size image are acceptable to download from. The people behind the website safer-networking.org are the creators of Spybot, and their site includes many mirrors to download the program from other sites.
For this article, we'll download from filehippo.com.
As you can see in the above picture, there's a huge green arrow in the right-hand corner screaming "Download newest version now." As of the writing of this guide, the newest version is 1.6.1.38 Beta. Click the green arrow to get the download started.
Depending on your Web Browser, it may prompt you with its pop-up blocker. If you haven't disabled this dialog box, click "OK" to proceed with the download.
Again, depending on your browser, the file may automatically begin downloading, or a yellow bar may appear at the top of your browser window. To download the file, right-click the yellow bar that appears at the top of your screen and select "Download file."
After you click "Download file," another dialog box, like the one pictured below, will appear.
It's a good rule of thumb to never run anything on your computer before first saving it and letting your anti-virus program scan it, so we want to click "Save."
A new dialog box will pop up, asking you where you want to save the installer file.
What I usually do is save anything I've downloaded from the Internet into a folder called "Downloads," and then create sub-folders for each file. In this instance, I would save it to a folder similar to: C:\Downloads\Spybot\v1.6.1.38Beta.
For the ease of reference, we will just save the file to the desktop instead.
The file will take a few minutes to download. When it's finished, a "Download completed" box will appear, and give you the option to "Run," "Open folder" or "Close."
You NEVER want to run a downloaded file before first scanning it with anti-virus software. However, because I saved it to my desktop, we'll be skipping this step.
(For those of you using Firefox, there is no "Open folder" option like the one in the picture above. To open the file to scan it, right-click it in the download manager and select "Open Containing Folder").
To install Spybot, close out your Web browser and navigate to the file you've just downloaded. Ours is here, on the desktop:
Double click the icon to start the installation process. Click "Run" on the next dialog box, and then select the language you are most comfortable with from the drop-down menu. After that, you should be presented with a window like this:
Click the "Next" button to begin. The next page is the license agreement. You may notice, for some odd reason, the creator of Spybot has dedicated it to "the most beautiful girl on Earth." Like I've always said, nothing says true love like an anti-spyware program. Review the license agreement, and when you're satisfied, click "I accept the agreement" and then "Next" to continue.
Next is the installation location. The default directory is fine, so go ahead and click "Next."
The next option is selecting the components to install. Unless you need the additional languages, or the large icons (blind user mode), I recommend UNCHECKING all the boxes except "Download updates immediately" and "Separate Secure Shredder application," like in the picture below:
Hit "Next" on the next screen as well, as the default setting is fine.
The top two check boxes on the next box are optional: "Create desktop icons" and "Create a Quick Launch icon." I recommend checking the bottom two boxes, "Use Internet Explorer protection (SDHelper)" and "Use system settings protection (TeaTimer)," as both of these services play a vital role in protecting your system. TeaTimer is the icon that you will find in the system tray. It will ask you whether you want to "Allow Change" or "Deny Change" whenever a program or web app is trying to modify some of your settings. SDhelper is part of the immunization strategy for Spybot. When you keep your immunizations up to date, this service will protect other programs like Internet Explorer and Firefox from certain "bad" things, such as going to well-known web sites that install adware or spyware. For the purpose of this guide, I've unchecked the top two boxes:
Click "Install" at the next box to install Spybot.
If you left the box "Download Updates Immediately" checked earlier and have a working Internet connection, Spybot will now download additional updates, keeping your program up-to-date (in theory). Again, I must stress how important it is to update at least twice a week in order to keep Spybot effective.
After downloading, it will install these updates along with the program itself.
Once it's finished installing, click "Finish" to launch Spybot Search and Destroy.
The first time you run Spybot (and frequently after applying new updates) you will see the notice below. This is a warning that if you're using a program that installed adware or spyware (and you remove the ad/spy portion of the program) the program may check for this and then refuse to work. One example that is fairly common is "free" screensaver or cursor replacement programs.
These programs are "free" to download because they make their money spying on you and then selling the information that they collect about you to advertisers. So they write the programs in a way that the program keeps checking to see if it is still successfully spying on you. If you stop your nifty screensaver from spying on you, it may choose to stop allowing you to use the "free" screensaver.
Go ahead and check the box labeled "Don't show this message again" and then click "OK."
You should now see a box proclaiming something about "Step 3 of 7." But what happened to steps 1 and 2?!?!?! OH NO YOU DID SOMETHING WRONG YOU'RE GOING TO HAVE TO START OVER OH MERCY. Just kidding. Steps 1 and 2 were leftover from an earlier version of the program and have completed automatically. So go ahead and click "Create registry backup" to move on. The backup will take a few minutes, and when the "Next" button reappears, click it.
I know you've supposedly already installed any updates, but in the off chance you missed one, Spybot give you another chance to grab these essential updates. This is also step 5 of 7. What happened to 4 you, ask? Step 4 used to be the option to completely wipe your hard drive, but Spybot's creators found this wasn't a particularly useful tool so they scrapped it. I may or may not be kidding. Click "Search for updates now."
This should bring up a box like the one below. These are the different mirrors you can download updates from. Spybot will automatically select the server that will provide the optimal download for you, so go ahead and click "Continue."
The next window contains the files to be downloaded. Yours may look different than the picture below, depending on what updates you need to download. It's a good policy to check all boxes for download. After you've done this, click the "Download button."
After the files have finished downloading, click "Exit" and then "Next" on the Step 5 of 7 window
The next step is an initial immunization of your system. What this does is prevent tracking cookies from entering your computer from your web browser. Click "Immunize this system."
After clicking "Immunize," a box will pop up and prompt you to close all browser windows to ensure a successful immunization. Do this, then click "OK."
This process will take a few moments. Enjoy the brick wall building graphic.
Once the "Protected" total matches the "Total" total, as in the picture above, click "Next" at the "Step 6 of 7" window.
Now you're ready to start scanning your machine! Click "Run Spybot S&D" at the next window, and you should get a screen like this:
Click the button "Check for problems now" to start scanning.
After clicking the button, you will be presented with the main scanning screen:
This is where the magic happens. The progress bar at the bottom shows all the different malware files Spybot is scanning your computer for. Depending on how affected your computer is, this could take minutes to hours. Running lots of programs in the background will also dramatically affect the speed of this process.
When the scan is finished, your screen will look something like the above picture. In the main window are the different types of malware/adware on your machine, what kind it is and how many instances there are. Types range from viruses, to worms, to simple browser cookies. As you can see, my computer has a few browser tracking cookie sites on it. These entries could potentially be tracking information I enter into my web browser, like credit card info or my SSN. Since this is a brand new computer, and I've only used Internet Explorer to browse less than 10 sites, it just goes to show how easy it is to get some nasty things on your computer! To rid your system of these baddies, click the "Fix Selected Problems" on the top of the screen.
When Spybot is finished removing the malware you will get a screen like this:
Some viruses will require a system restart to be completely removed, and Spybot will prompt you for a restart. It will then automatically run when your computer boots up again.
Congratulations! Your computer should now be malware free. Be sure to check out other pages on the Network Security page to educate yourself in order to prevent any sort of malware from infecting your system ever again.
Updating Spybot Search and Destroy
While Spybot is a tremendously useful program, it is worthless if you don't keep it patched. Just like any other program, updates need to be systematically applied to keep Spybot up-to-date and ready to identify the newest threats to your computer. Updating is extremely easy, and we'll walk through the process below.
You'll first want to click on your "Start" menu, expand "All Programs," and then expand "Spybot - Search and Destroy." Click on "Update Spybot S&D."
After clicking, you should get a window like this:
Since this is the Beta of version 1.6.1.38, I'll check the "Include Beta Updates" box. If you need updates in a language other than English, check the "Display updates for all languages" option. Then click "Search."
Spybot will then search online for any updates to virus definitions, software updates, or anything else. When I ran this test, there were no new updates. However, if there are, refer to the initial installation update process above, as it is exactly the same. A dialog box will prompt you to select a location to update from, pick the one in your language of choice and that is geographically closest, then check the selected updates when they pop up, and hit "Download" to download and apply those updates.
Updating is a vital process in ensuring Spybot finds EVERY malware entry on your computer, and I recommend you update at least once a week, and definitely every time before you actually scan your system.
Last update by Michael on 5/29/09