If you are new to computer security, you might want to check out a couple of other pages on this site before reading this article. Although it isn't really necessary, a basic understanding of computer security will be helpful. Also, you may find a quick glance at Security Programs to be helpful as well.
Vista users will be glad to know that SpyBot versions 1.3 and 1.4 have received the "works with Vista" logo. SpyBot Search & Destroy version 1.5 is now available. Since changes have been made in performance rather than the graphical user interface, these screen shots and instructions should apply to most versions.
Update 09/27/2008 - SpyBot Search & Destroy 1.6 is now the newest version. When using SpyBot, Vista users will find it helpful to right click the SpyBot shortcut and select "Run as Administrator". This applies to the Start Menu listing, the Quick Launch menu and Desktop Shortcut icons.
You can beef up your defenses with the SpyBot tool known as "Tea Timer". Tea Timer monitors the Windows registry, notifies the user of attempted changes and blocks these changes until the user okays the change. It also monitors system processes that start and immediately stops any known to be malicious. These layers of protection use very little of the computers resources meaning the affects on performance are negligible.
Once you have this tool set to run on start up, Tea Timer usage is simple. If you are installing a new program on your computer and Tea Timer notifies you of a registry change, then you click the allow button. If you happen to be surfing the web and get a notification then click the deny button. As most malware try to write registry changes, this is a simple yet effective defensive tool. The portion of Tea Timer that monitors processes gives you the allow/deny options after killing the process. It also gives you the option of deleting the process file. Having seen very few false positives with SpyBot, deleting sounds to be the best option.
If you already have SpyBot installed and don't have Tea Timer running, you can still activate this tool, as mentioned earlier. You do have to have SpyBot in "Advanced Mode". If the bottom left corner of the SpyBot window is not showing the Settings, Tools and Info & License buttons as shown here, then SpyBot is in "Default mode".
The first thing you need to do is change to "Advanced Mode". In the upper left corner, you will find the "Mode" selection. A left click on the "Mode" selection will activate a drop down menu.
There are only two choices Default Mode and Advanced Mode. Clicking the Advanced Mode selection will result in an "are you sure" type message box. Click the "Yes" button and the required Advanced Mode buttons become available.
With the warning dialog out of the way and the Advanced Mode buttons available, click on the Tools button to open the Tools menu.
In the center of the resulting SpyBot window, you will find a list of tools to include in the "Tools" menu. Only items that have a check mark in their check box will be available on the tool selection menu. If the "Resident" entry does not have a check mark next to it, click the box with your mouse pointer to put one there.
On the left side of the window "hover" your pointer on the "Resident" entry and what looks to be flat text becomes a 3D button. It usually happens pretty quick on the Tools Menu as the more items you have there the smaller the buttons become. Click the button to get to the next screen.
Arriving at the "Resident" window, you will see, centrally located, two check boxes in an outlined area labeled "Resident protection status". Checking the box labeled "Tea Timer" will immediately initiate this "Resident". If the box labeled "SDHelper" isn't checked, I highly recommend checking this box too. SDHelper blocks the download of known malicious files, preventing the introduction of malware into your system and does so silently.
In the systray/notification area illustrated here, is the only evidence you will find that Tea Timer has started. The icon for Tea Timer is circled in white. SDHelper doesn't have an icon and works behind the scenes invisibly.
Microsoft, Microsoft Office, Windows, Windows XP and Windows Vista are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other names have been included in the above text that are trademarks of the respective companies.
