Spyware Removal

Do you think someone is spying on your internet activity? Though Norton or McAfee might be able to locate spyware, some may be so well-written as to escape detection. In any case, downloading more software willy-nilly in an attempt to protect your computer is more likely to make things worse. Here are some steps a Microsoft Windows user can take to detect spyware activity; Macintosh OS/X, Linux, and users of other operating systems will have similar but different methods available.

- Press Ctrl-Alt-Del (all 3 keys simultaneously, known as a “three-finger salute”). This should pop up the Task Manager, or whatever Microsoft is calling it lately. One of the tabs should be Processes; click that tab.

1) Look up every process name on the Internet. Don’t trust all the information that you find, but try to get a general consensus from the more reliable sites whether that process name is likely to be malevolent or not.

2) Even if a process name is normal and expected (like svchost.exe), it’s still possible that a “hacker” was able to overwrite the normal system process with a tainted one.

3) If a process looks suspicious, for example u-r-0wn3d.exe, you will need to attempt removal. See Tips for ideas on that process.

- Open a command window, also known as a “DOS box”, by clicking Start | Run | cmd, or Start | Run | command on older systems. Type in the command: netstat -an. This will show you a list of systems you have connected to, and systems connected to you, and all “listening” ports. Learn the port numbers: 80 and 443 are typical for the “web”; 135, 139, and 445 are for Microsoft networks; find out what they all mean. If you see something suspicious, netstat -anbv might show you what process is doing the communication.

Tips to stop spyware

Spyware is software that hides on your computer, usually without your knowledge and without you knowing how it got there. Spyware & Adware can not only result in data corruption, personal profiling, hacker attacks, pop-up ads, spying, but also identity theft.

Here are some tips to stop spyware:

1) Be careful when you download: Many spyware programs are downloaded unknowingly when you download other software.

2) Avoid peer-to-peer file sharing: Peer-to-peer file sharing is risky, as the content of the other person’s computer is unknown and viruses and spyware can be spread this way.

3) Use add-ons on your Internet browser.

4) Install anti-spyware software: There are a number of freeware and shareware sites that offer free anti-spyware. Even with anti-spyware software installed on your computer, you will want to check periodically for updates from the software manufacturer as new spyware and adware viruses are developed. These updates will protect you from the latest spyware programs.

5) Keep your operating system up to date: Most operating systems will automatically check for updates periodically.
Operating system security patches are released often from the manufacturers that can fix holes in your system that hackers and spyware can break through.

HijackThis is a free spyware detection tool from Trend Micro. It was orgiginally developed by Merijn Bellekom, a student in The Netherlands. Spyware removal software such as SpywareTerminator and Spybot: Search and Destroy detect most spyware. However, there are some spyware that are too stubborn and manual removal is the only way to go.

HijackThis has been developed specifically to detect browser hijacks, or software that takes over your web browser, alters your default home page and search engine and other malicious things. HijackThis is a spyware-remover and does not use signatures or target any specific programs or URL’s to detect and block. Rather, HijackThis looks for the tricks and methods used by spyware to infect your system and redirect your browser.

HijackThis generates a log which provides information on the condition of your computer. Analysis of this log requires experience and knowledge. However it is not so difficult and can be deciphered with a little online help.

There are also certain websites that provide online analysis for free. All you have to do is to copy and paste your log and you will get an ideas about the spyware that has infected your computer.

Here are some HijackThis Analyzers:

# PrevX.com
# HijackThis.de
# SpyandSeek.com