How to Know if You Have Spyware on Your Computer

Do you think someone is spying on your internet activity? Though Norton or McAfee might be able to locate spyware, some may be so well-written as to escape detection. In any case, downloading more software willy-nilly in an attempt to protect your computer is more likely to make things worse. Here are some steps a Microsoft Windows user can take to detect spyware activity; Macintosh OS/X, Linux, and users of other operating systems will have similar but different methods available.

1. Press Ctrl-Alt-Del (all 3 keys simultaneously, known as a "three-finger salute"). This should pop up the Task Manager, or whatever Microsoft is calling it lately. One of the tabs should be Processes; click that tab.

Ads by Google
Computer Monitoring Tests
Find software that fits your needs. Research made easy with our reviews
WellResearchedReviews.com/Monitor

1. Look up every process name on the Internet. Don't trust all the information that you find, but try to get a general consensus from the more reliable sites whether that process name is likely to be malevolent or not.
2. Even if a process name is normal and expected (like svchost.exe), it's still possible that a "hacker" was able to overwrite the normal system process with a tainted one.
3. If a process looks suspicious, for example u-r-0wn3d.exe, you will need to attempt removal. See Tips for ideas on that process.
2.
1. Open a command window, also known as a "DOS box", by clicking Start | Run | cmd, or Start | Run | command on older systems. Type in the command: netstat -an. This will show you a list of systems you have connected to, and systems connected to you, and all "listening" ports. Learn the port numbers: 80 and 443 are typical for the "web"; 135, 139, and 445 are for Microsoft networks; find out what they all mean. If you see something suspicious, netstat -anbv might show you what process is doing the communication.

Ads by Google
Waste water process
New Wastewater Treatment Technology At Higher Performance & Lower Cost!
All-About-Wastewater-Treatment.com
Remote Desktop Monitoring
Remote monitor any distant PC. Works through any Firewall.
www.TeamViewer.com
DDos protection service
5 days absolutely free, Pay by LR Both Normal and Offshore
center.theupcomings.com

edit Tips

* More important than any firewall or security software is your creation of a Limited account from which you do all your normal Internet activity. Only use an Administrative account to install specific software that you have downloaded from a trusted website from your Limited account.

Ads by Google
Patriot Systems
Alarm Monitoring Software for Central Station Automation
www.patriotsystems.com
* All software should be considered "guilty" until proven "innocent". Some so-called "hackers" manage to get their malware onto distribution CDs of commercial software. Don't install any software unless you absolutely need it, and then do some web searches to see what other people have reported about that software.
* Once your computer has been compromised, even after you have eliminated the spyware you will have to change all your passwords to every account you access via your computer; it's better to assume the spy has all your passwords.
* The firewall is an important defense, but in many cases it will not detect the spy's uploading of data, if it is sent as an email or uploaded to a web page, since in most cases you won't want to restrict your access to email or the web.
* If a suspicious process is found, and stopping the process from the Task Manager does not visibly affect your ability to use the computer, it may be wise to attempt to quarantine the file. Locate it using Start | Search, and create a folder like C:\evil in which to store it: right-click the suspicious file, select "cut", then right-click the "evil" folder, and select "paste". If you later find it's innocuous, or even vital to the use of your computer, you can put it back where it belongs; keep a record of what goes where.
* On some systems, msconfig will help with this process, by letting you change startup options and other system configurations. If a process in StartUp has no name, or is located in \Windows\temp, it is highly suspicious.

edit Warnings

* Sometimes your firewall will flag on things such as "Windows XP is trying to update" that's okay. But if you see something you are not familiar with or looks suspicious then you can go ahead and block it. In fact, you can temporarily block anything until you know for sure if it is okay or not.
* In many cases, malicious software writers will have several alternative means of starting and reinstalling their viruses and spyware. If you don't get them all, the "evil" software will return; and in some cases it will erase your hard drive in retaliation. It's best to back up all important data to CD-R, CD-RW, or DVD before attempting spyware removal.
* There is no surefire way of detecting a compromised system; some methods are diabolically well hidden. Also, your country's government very likely has ways of monitoring all network activity (like the NSA in the United States), so it's wise to always assume someone is watching.


Source: www.wikihow.com