Scan & Clean Your PC

Is your computer infected? Spyware Nuker will protect you from unwanted adware, malware, spyware and more!

Useful Links

Article

How to detect and remove spyware?

For his/her own security every user should be aware of risk connected with possibility of spyware infection, and cautiously take into consideration the indications that might signify presence of spyware on home or office computer.

Quite often spyware doesn’t display itself openly, especially in the most dangerous cases, when a keylogger or other means of espionage is used. Nevertheless there exist indirect indications, which should particularly attract user’s attention as far as security problem is concerned, and means of tracking suspicious programs. Both ways should not be neglected.

Here is a range of signs that should immediately draw your rapt attention:

• Appearance of pop-ups and other advertising windows even when computer is not connected to net;
• New desktop or system tray icons began to appear;
• Browser’s home page or search page changes «on its own»;
• Common words search results give reference only either to advertisements or pages with obscene material;
• New tool bars, buttons and menus appear in browser;
• Some browser’s functions like Tab or tool bars’ rearrangement are no longer active;
• Once you input a particular site address, browser guides you to a completely different one, sometimes resembling each other, or pop-ups and other objects appear;
• Sudden error reports, especially those containing references to sites;
• Computer performance and speed of work in Internet fall considerably;
• System boot begins to take a prolonged period of time;
• When computer is not connected to Internet there begin to appear requests for connection without user’s participation;

All these paragraphs signify with high degree of probability that your computer is working not only for you. The first thing, which should be done in such cases, is to scan computer with the help of antivirus and anti-spyware applications, being sure the updates are fresh.

It is also recommended to carry out an additional search of suspicious processes manually. Using iKnowProcess you can not only get list of running tasks, but also receive information concerning every process and timely disable harmful programs.

You can check your net connections by the command netstat -an. It is worth mentioning that interpretation of the program’s conclusion needs some background, so less experienced users can use freeware programs, which represent intuitively clear visual form. They will be analogous with iKnow Process Scanner in providing information about processes with the difference that you will see which process is connected with net and through which port.

What else can be done for accurate detection of suspicious programs?

You can inspect some locations in operating system, where suspicious programs and components can hide. There are different programs to check the autoload list, but it’s better to ascertain the system security with one’s own hand.

For manual check you will need a reliable file manager. «Explorer», which is built in Windows, doesn’t meet the requirements, besides it is not designed for quick actions in critical situations. There exist a great number of both commercial and free versions of file manager and one of them will certainly hold appeal for you.

It is worth paying attention to the menu’s «Autoload» entry — there can be stored tags for launching of unwanted programs. You can check this entry directly from the menu and with the help of file manager with address %USERPROFILE%\Start Menu\Autorun (the variable %USERPROFILE% designates the path \Documents and Settings\name_of_user_profile\) and \Documents and settings\All Users\Start Menu\Autorun.

It is also worth paying attention to system registry. The registry editor is built in Windows and can be activated by the command regedit. There are alternative editors like RegHance from Lavasoft (an anti-spyware creator) known for its product called Ad-Aware.

The key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ can also contain records about autoload of unwanted applications.

In such folders like %USERPROFILE%\Local Settings\Temp\, %WINDIR% (\Windows, \Winnt), %SYSTEMROOT% (\Windows\System32, \Winnt\System32) there can be dangerous programs or their installation kits. To check this one should sort contents of the folders according to time and check last created files.

In case of executable files (.exe, .dll) it can be done even with the help of Windows Explorer with request about file properties.

In addition we want to remind you one more time — it’s simpler and cheaper to display vigilance and timely prevent infection and possible compromise of important information than later to try dealing with consequences of computer espionage.

Article Source: http://www.iKnowProcess.com/

Back to the Articles

Articles

• Three steps in solving the problem
• Anti-spyware software review
• What should you know about spyware?
• The ways of spyware spreading
• How big is the spyware threat?
• Spyware in figures and facts
• Strangers at party. What should one know about processes?
• How to detect and remove spyware?
• Spyware and rootkits: concealed threat

Feature Articles

Protect Your PC