Follow these simple steps and you will be able to identify the threat in no time.
In the field of information and technology, advancements take place on an almost regular basis. Updates on your computer and smart phones are a living proof of such things. Such is the nature of the dark side of this technology as well; the advancements and availability of programmes that can steal or possibly harm the other person. These are the softwares that worry most of us, and out of the many millions – there is a branch of commercially available Bond-style spying softwares to a normal user.
These companies usually target individuals who are fearful of their cheating spouses, and with this fear in mind they’re lured into buying commercial spying products.
If you think someone is spying on you below is information that will help you determine if this is the case.
There are commercially available tools that can help a normal person gain access to your computer without you even knowing. These third-party tools are called remote-accessing tools or virtual networking computing. However, in order for them to spy on you, they need to install this software on your computer first.
Head to the Start Menu and then go to All Programs. Search the list for software like Real VNC, LogMeIn, GoToMyPC, Tight VNC, VNC, or software with similar names are installed. If you find something like this then someone can gain access to your system as long as the software is activated in your background.
However, if the software is activated then (most of the times) you will be able to see its icon in the taskbar. Click on the icons and see where they take you. In addition, if you see something alien to you, then do an internet search and research on what you find.
Most commercially available RAT softwares are usually seen in the taskbar when they run in the background. If the taskbar shows nothing, then you don’t have nothing to worry about.
Firewall & Open Ports
Finding software in the background is the easy bit. However, after checking everything and you still have doubts then check your ports.
The ports are the virtual links via which the computer, shareing information between each other. Thus, if you have spyware on your system then an open port might be active in transferring your data.
You can check this by heading to Start Menu > Control Panel and check for Windows Firewall. On the left-hand side of the Window, you will see the option Allow a Program or Feature through Windows Firewall. This will open another window that will show you a list of programmes installed on your PC. Next to them are check boxes.
The ones ticked are the ones with permissions. The ones unticked are the ones without permissions to connect to the internet.
Check the list thoroughly and search for unfamiliar software(s). If you find something unfamiliar, do a quick internet search before you switch it off.
The step mentioned above is important as it can help you identify and close the connections. But for a lot of times these remote-accessing tools have only an outgoing connection.
For Windows, mostly all outgoing connections are set to ‘on’. Meaning that no connection is blocked. So if the spying software installed on your system only collects your information and sends it to another computer, only an outbound connection is used – it won’t show up on your firewall list.
A way to check such programmes is to examine Transmission Control Protocols, which will show all the connections linked to your computer.
Go to Microsoft and download TCP View. Unzip the file and click on TCP View Application. You will also see a column, Process, on the extreme left of the window. Under it you will see all programmes in operation. Check for the State column; you will see a lot of states, one of them will be called Established.
‘Established’ signifies an open connection.
You need to filter out the information that you don’t understand. Conduct a search to see whether the application running in the background is safe or not.
You can also check columns Sent Packets; this will help you identify the process that is transferring a lot of data from your machine. Naturally, if spyware is running on your system and it is sending large amounts of data to a server, this is the place to see the evidence.
Once you do your Google search about that connection and find that the task sending data is harmful, right click on that Process and select Process Properties. A window will appear containing the Path. Follow the path address to its file and End the Process.
Next, head over to Start Menu to the search bar. Type msconfig, hit enter and a window will pop up. On the tabs you will find Startup, you will find a list of programmes mentioned under the column named Startup Item with check boxes. Find your malicious application and untick it. From there click Apply and OK.
Now run a deep virus scan, which is all written in our article: A Starters Guide to Removing a Standard Virus or a Malware From A Windows Machine.
If you follow these steps, you will be able to identify if someone is snooping on your system.