This guide will provide you with the means to detect and remove spyware that is installed on your system. Before we start we should define the term spyware. There are different categories of spyware, like adware and malware, that make it difficulty for the user to distinguish between them and select the right tool for their removal.
There is a huge difference between a cookie from a website which tracks your movement on that website / network of sites and a software that permanently phones home and transmits information about the computer, the software installed and the user.
Where does it come from ?
Many users are baffled when they find out that spyware is installed on their system. They have no idea how it was installed and most suspect that a malicious virus or worm installed it.
There are numerous ways how spyware can make it into your system:
1. Software:
Spyware could be a standalone software that a user installs on his system. The software is not labeled spyware of course and tries to decept the user most of the time making him believe its something else he is installing.
The second variation is more common, spyware comes bundled with software the user wants to install. Kazaa for instance has been famous for installing spyware in addition to the p2p software itself.
2. Websites:
Sometimes websites prompt the user to install a component or software before he is able to view the website. This can be some harmless plugin that is not installed on the users pc, like the macromedia flash player for instance which is not spyware, or a active x component that could install spyware on the users pc.
Some websites use security holes to install spyware without a prompt at all making it impossible for the average user to find out where this spyware came from.
A good advice would be to use a different browser than the microsoft internet explorer. Its not a 100% safety measure though. You should never install something that you don´t know about. Better leave the website than installing spyware on your system.
First Look:
Sometimes you can tell that something is wrong with your system without using a program to verify it. It is slower than usual, you see network traffic to a site that you don´t know, a new toolbar appeared in your internet explorer or a webpage loads as the homepage that you did not choose. All of these could have the cause in spyware that was installed on your system.
You could check the task manager and have a look at the active processes of your computer and take a look at the installed software. Maybe this is enough to detect a tool that you did not install. If that is the case you might want to perform a search on the internet for the process or tool to find a solution that removes it again.
You could try to kill the process or uninstall the software but most of the time it is only a matter of time until it will appear again. It´s better to fight the root of the cause.
Good tools that could help you detect spyware are autoruns (lists all programs that are automatically started with windows), process explorer (better version of the process tab of the task manager, more options), Filemon (monitors file activity and shows dependencies) and finally Portmon (shows the systems open ports and applications that use them).
Second look:
If you think that spyware might be installed on your system you should use anti-spyware tools to detect them. No tool is perfect and its wise to use more than one. I suggest ad-aware se and spybot search & destroy for a first scan of the system.
Both tools detect a variety of spyware, ranging from cookies to worms. Just run a default scan and make sure you read the instructions from the homepage and the program itself before removing detected spyware.
Browser Hijacking:
The homepage that opens when you start your browser has been changed and it was not you. If you encounter this phenomena you might be the victim of a browser hijacking. To find out if that is the case use a software like CW-Shredder or Hijackthis to remove the thread and turn things back to normal.
Safety Measures:
1. Install a different browser than Microsoft Internet Explorer, Firefox and Opera are recommended. Use those to surf the web.
2. Keep your system up to date.
3. Know what you are doing. Don´t install suspicious software. Perform a websearch before installing the software.
4. Keep your anti-spyware tool up to date. Perform regular scans.
5. Use an anti-virus tool. (antivir, clam)
6. Use a firewall.
Links that educate:
Spywareinfo.com
Spyware Removal Tutorials
Top 10 tricks causing spyware epidemic
Wikipedia Spyware
[tags]spyware, malware, hijack, adware, ad aware, spybot, remove spyware, detect spyware[/tags]
Related posts:
Scan And Detect Spyware And Suspicious Files In WindowsRun Multiple Anti-Spyware Tools With Hitman Pro
Firefox Spyware Add-On Adobe Flash Player 0.2
Free Spyware Removal Tools
Block Spyware Websites With Inoculate
Spyware Terminator a free antispyware software
Free Spyware Doctor 5.5 Starter Edition
Find out if a process is malicious
