Share what you know with millions of people
Focus is the best place to turn what you know into remarkable content
0
What are the signs that you have computer spyware?
What methods do you use to detect spyware on your computers? Are the free software applications enough, or do you go with something more powerful?
Events
- Dos and Don'ts of Small Business Marketing May 29 @ 11 am PT
- Lead Nurturing 202: The Next Generation May 31 @ 11 am PT
- The Tricks to Paid Media June 6 @ 11 am PT
- Display Advertising for Brand Awareness June 20 @ 11 am PT
Related Activity
6 Answers
I always use more than one anti-malware program to check for problems. The free applications are fine. Just use more than one.
Here a few that are rated extremely well:
http://www.superantispyware.com/
http://www.malwarebytes.org/
http://download.cnet.com/Ad-Aware-Free-Anti-Malware/3000-8022_4-10045910.html
One sign can be that when you attempt to browse to certain websites - particularly if they are security related - i.e. - Symantec, etc. - and you get redirected elsewhere - or your browser just plain won't take you anywhere...
'active' spyware can cause your system to act funny, to slow down, to lock-up, and to re-direct your browser requests.
I have installed the free version of Ad-Aware for several years now, as-well-as the free version of Spy Bot Search & Destroy. Those free versions work well to find spyware and to clean it.
Also regularly search for rootkits . . . .
and lately use malwarebytes
Real (well developed) spyware is something you won't see as it does things on the background, trying to hide. But if you're an expert then you could check the processes that are running, what programs start up automatically, etc.
If you talk about adware, then you'll see pop-up advertisements coming out of nowhere.
In both cases: check your computer with anti spyware (anti malware) software, one (or all) of the programs mentioned below.
- SpyBot
- AdAware
- Hitman Pro
Assuming that this is in the case of a managed network rather than an individual PC, the technique which has been most useful to me comes from the concept of "extrusion detection". If your network uses an HTTP proxy of any type for PC access to the web and your firewall only allows HTTP out from that device, look at your firewall logs to see what PCs are trying to access the web directly. This will show up as denied outbound HTTP requests. The other thing to look for is outbound IRC requests on port 6667. Spyware programs have been known to try to bypass web proxies to hide their activity and to use IRC for command and control purposes. The IP addresses of these PCs are a good place to focus your cleanup efforts.
If you are in a corporate environment and your network is not configured with a proxy and your firewall does not limit outbound PC access then your only hope is to go from computer to computer using the packages above manually.
Answer This Question