How often do you need to scan for spyware?

Last week, in “Ten things you need to know about spyware,” I got some vigorous disagreement with two items on my list. It was good feedback, so I wanted to revisit both issues. In item #4, I wrote: “If you have to scan your system for spyware every week, you’re doing something wrong. … Running a weekly scan is probably not a bad idea, from a belt-and-suspenders point of view. But it shouldn’t be necessary…”

Suzi at Spyware Warrior took issue with that statement:

Well, perhaps for knowledgable users who understand how to protect their computers, that might be true. Truth be told, I don’t scan my computer very often, but that’s because I know exactly what’s going into and and leaving it all the time. How many users can say that? A very small percentage of current internet users, I’d say. Pehaps Ed’s blog is targeted to savvy users, I don’t know. For the average user, I’d certainly recommend scanning at least few days, maybe every day for frequent web flyers. An exception would be for users surfing with an alternative browser such as Firefox or Opera.

I think we’re closer to agreeing on this issue than it might sound at first. Suzi doesn’t need to scan her computer regularly, because she knows exactly what’s going into and leaving her computer at any time. So do I. So does my co-author Carl. So do friends and clients of mine who have asked for my help in keeping their systems free of spyware and viruses. And so can anyone who is willing to learn about the problem of spyware. If you incorporate some basic technological solutions and modify your behavior using common-sense guidelines, you can keep your PC spyware-free. (See “Six steps you can take to block unwanted software” for more details.)

But simply installing an anti-spyware program (or two or three) on an average user’s computer and telling them to scan daily or weekly isn’t enough unless you also train them in effective techniques for keeping crapware at bay. If you do that job right, the clean spyware scan becomes the weekly report card that proves they learned the lesson.

I have Microsoft AntiSpyware Beta 1 installed here and I allow it to do its nightly scan. It’s unobtrusive and the only real side effect is a dialog box that I need to dismiss each morning. It never finds anything. Over the past few months, during the course of researching the upcoming Windows Networking and Security Inside Out, I’ve experimented with just about every available anti-spyware program. They never find anything except cookies (which are not spyware and can easily be managed) and false positives.

Look, I have antivirus software on my computer. It’s constantly intercepting and quarantining infected attachments that arrive via e-mail. Every week, the antivirus program scans my system to verify that I am not infected with any viruses. It never finds anything. If it does, I know I have a serious problem and that I need to figure out how the unwanted software slipped past my defenses. The same is true with spyware. If your weekly scan reveals that you’ve picked up an unwanted and potentially hostile program, you need to remove it. And then you need to figure out how it got there and fix your defenses so it doesn’t happen again.

So, based on Suzi’s feedback, I’m changing item #4 to read: “If you have to scan your system for spyware and remove unwanted programs every week, you’re doing something wrong.”

In a follow-up post, I’ll address the controversy over how many spyware scanners you should use. One, two, as many as it takes?