Spyberus Tutorial

Thanks for downloading Spyberus. You're one of the early adopters of a new way of dealing with adware - not by searching and matching, or patching problems as you find them, but by tracking programs as they install and run, so that the entire tumor can be removed.

Before you get started annihilating adware, you should take a few minutes to get accustomed to the Spyberus interface. First, we'll cover what happens when Spyberus tracks a program, and then we'll go over some of the other tools that are available to you in taking back control of your computer.

I'm assuming that you've already downloaded and installed the program. You will probably notice that the list on the left is blank. This is normal. Since Spyberus is a fundamental enhancement to your computer, the data we gather can only be useful for programs installed after we are.

Let's start by installing some harmless software. Firefox is releasing new versions all the time, but if you have Mavis Beacon or something sitting around, that will work just as well. We won't be uninstalling it.

Click here to download firefox.

Now that you've got that installed, look back at Robot Genius. You should see something like this, depending on what you actually installed:


Click here to view a larger image

The page on the right displays detailed information about the changes that this program has made to your system. Think of it as an executive summary, if you will. You can see the raw data if you click the "Files" tab. Here's the full lowdown:


Click here to view a larger image

As you can see, even the 'lightweight' Firefox browser contains hundreds of files, a hundred or so registry keys, a COM/OLE Class, and a few other tidbits. A more complicated program might include dozens of shared libraries and alterations to your system of a more exotic nature.

Tip: Popup ID

Start Firefox (or the program you installed), go to Robot Genius, and click "Popup ID" in the upper-left hand corner. The screen will melt away. Now, target Firefox and click. Spyberus will track down to the Firefox executable, which you see, if you click the +, creates tons of files on its own.

Search

We can also find specific files by name, just as you'd expect in Windows Explorer.

For example, click the "Search" button in the upper-right hand corner, and type mathml into the text box. Click Search and you should see the file mathml.css come up in the Search Results pane at the bottom.

To see the file in the Package Viewer, right click and select Find in Package Viewer. You can also Find target to go to the Windows Explorer, just like in the Package Viewer.

If you click the Advanced Options button in the Search dialog, you will see a few other options. These are addressed in great detail in the manual, but you can play around with them if you wish.

Process Tree

The next thing you might want to take a look at is the Process Tree. You can access this by clicking the Process Tree button on the main window. It'll look something like this:


Click here to view a larger image

Yes, it's a bit basic at this point, but it does one thing that not many products can: chart which programs spawn others. We found that often adware will try to restart itself, or programs that you trust might start several other processes that do nothing but serve ads.

So, open up the User Applications/Other portion of the tree by clicking on the + next to it. Then, you can browse through the processes for anything suspicious. Usually, if there's a huge branch going out far to the right, it's a bad sign.

Just like in the Windows Task Manager, you can click on a process and select the Kill Process button to bring it down. If you're plagued by a swarm of adware, however, there's a better way to take them all down at once.

Take Control

Before you start reading this section, make sure that you've turned off any important programs you might have running and saved all of your data. Leave Firefox running to make sure the program has something to take down.

Hit Take Control, read the warning carefully, and press Yes. Just like that, Firefox is gone. Better yet, any spyware that was running at the time is probably also gone. When the Take Control Status window appears, Click Close to make it go away.

Here's something even cooler. To economize on system performance, you can click Tools->Spyberus Options. Under Take Control options, click the second button, Most services except networking.

This mode is definitely faster, but it can disable many key services (including anti-virus programs), and is recommended only for advanced users. Click Restore Services to reactivate the old Windows look and feel (you can also reach this by going to the Tools menu).

Note

In some cases you will need to restart your computer to regain full functionality. Make sure to reset Take Control to User programs only in the upper-right hand corner of the Spyberus Options dialog under tools.

Removing Adware

I know you've been itching to press it the whole time, but I've saved information on the Remove button for last because of its permanent consequences. Also, this is not something we decide for you. We feel that our customers know which programs are malicious better than we do. We have the infrastructure in place to start collecting data on exactly which programs are bad, but as the program is very new, we've only just begun to build our database!

If you were to remove Firefox, our program would run the registered uninstaller first. Then you'd see something like this:


Click here to view a larger image

If you press Remove again, Spyberus allows you to remove anything that was left behind. Often malicious programs will leave portions of themselves in your system without telling you, continuing to serve ads and collect data after you've supposedly removed them.

If the package isn't something that's registered (i.e., it installed itself without telling you, and doesn't want to be removed), it would just jump to this step, and then it would be removed permanently.