3 How to detect spy software on computers

securityIf you work in an office, especially in a corporate environment, it is possible your existing computer and email monitoring. Maybe this sounds creepy, but on the other hand it is important for safety reasons.

By monitoring email, for example, attachments may contain viruses or spyware, it can be blocked. In fact, if you work in a corporate environment, you have to assume everything you do on your work computer can be seen.

As ever leaked Wikileaks, intelligence agencies around the world have been doing this for years. And of course, they do so on a scale that is much broader.

Advances in technology in everyday life means spy software is no longer limited to the domain of the intelligence services. The proof, spy software is now available commercially.

Third party software

This software is usually known as remote control software or virtual network computing software (virtual network computing, VNC). Through this software, what you are doing on the computer can be monitored.

The first thing you can do is go to All Programs and see if something like VNC, RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC, and so installed on your computer or not. If one of these programs installed, one can connect to your computer without you knowing it during the program running in the background.

Normally, when one of the above programs installed, there will be an icon representing it in the taskbar. Check all of your icons and see what is running. If you find something foreign, soon find out, for example by doing a search on Google.

Checking port

The first step is very easy to do, even for people without technical knowledge though. Now, if you’ve checked the installed programs, but still wondered if someone was spying on you, then you can check the port on your computer.

Not to worry, this step is also quite easy. Port is a virtual data connection, which allows computers to share information or data directly. So, if there is spy software on your computer, a port could be open to allow the transfer of data.

You can check all ports were open by going to Start, Control Panel, and Windows Firewall. Then click on “Allow a program or feature through Windows Firewall ‘on the left side of the box. This will open another box and you’ll see a list of programs with the check box next to it.

Programs that unchecked means ‘open’, whereas that is not checked or unregistered means ‘closed’. Check the list of these programs and see if there are any foreign program similar to the program VNC, remote control, and so on. When you find it, you can stop it by unchecking the box.

Checking TCP

Checking the port is an important step and can assist in identifying and stopping the spy software. However, in some cases, software spy out bound only have a connection to the server.

On Windows, all out bound connections allowed. That is, nothing is blocked. If the spy software do two things namely the recording of data and sends it to the server, the software uses the connection out bound and will not appear on the list of ports mentioned above.

One way to ensure this is to check the Transmission Control Protocol (TCP). This protocol will display all connections from one computer to another. Sounds very technical? Not really.

To make things easier, you can download TCPView program that displays all TCP connections. You will see a box with multiple columns. On the left side is the name of the process, which shows the running program. You will see several programs such as Mozilla Firefox (or any browser of your choice), Antivirus, and other programs.

Look at the ‘State’ and you will see the process that included Established. It shows the connection open. What you need to do is do the filtering of various types of programs you do not recognize from the process list.

The process is very easy, you just need to do an internet search for the name of the process. The search results will tell you whether the process is safe or not.

Additionally, you can also check column Packets Sent and Bytes Sent, which directly identify the processes that send large amounts of data from your computer. If someone is watching your computer, they have to send the data to a place and you should be able to see it there.