Wednesday 13 January 2016

Are you being spied on?


Is something nasty lurking on your system and watching your every move? Robert Irvine reveals how to expose hidden spies and remove them before it’s too late

Detect hidden processes that monitor you


Even the best anti-malware tools, such as Malwarebytes Anti-Malware (www.malwarebytes.org), tend to keep you waiting before they give you the information you want: namely, is something dodgy lurking on your PC or not? It can take more than an hour to complete a full scan of your hard drive (depending on when you last ran one), only to learn that everything’s fine and you needn’t have bothered. If you don’t have time to hang about, try a new tool called SpyDetectFree (bit.ly/spydetect388), which provides you with the answers to two simple questions: ‘Am I being spied on?’ and ‘Am I being monitored?’.


The first question is answered immediately and reveals whether unknown processes have installed ‘hooks’ on your system, which could be used to record your keystrokes and steal your logins, passwords and bank details. The second question takes 60 seconds to answer and looks for processes on your PC that might be monitoring the titles of windows you open. This might not sound scary in itself but, when combined with data stolen by keyloggers, it will tell cybercriminals exactly which sites you visit and how you log into them.

SpyDetectFree couldn’t be easier to use: just run the program and click Check Now to perform the two tests. Don’t be too alarmed if you receive affirmative answers, because the processes uncovered by SpyDetectFree may have legitimate reasons for monitoring your keystrokes and windows. Click Details to view the results and then look up any unknown processes on Google to find out what they are. On our work PC, SpyDetectFree merely highlighted the software that logs us into our office network, so we weren’t overly concerned. If it finds something that worries you, you can use your anti-malware program to remove the threat.

Scan for rootkits using Malwarebytes Anti-Malware


Useful though it is, SpyDetectFree is no substitute for a proper scan with Malwarebytes Anti-Malware, even if it does take a while. We’re sure you’re already familiar with this powerful free program, but it’s worth tweaking its settings to ensure it works as thoroughly as possible in detecting possible threats on your system. For example, by default Malwarebytes isn’t set to look for rootkits, which can be used to conceal malware such as keyloggers and viruses. This is because the low-level and thorough nature of rootkit scans significantly increases the total scan time, and may not always be necessary.

If you’re worried about secret spies on your system, click the Settings tab in Malwarebytes Anti-Malware, choose ‘Detection and Protection’ and select the option ‘Scan for rootkits’. However, on the Malwarebytes website, the developers warn that although most rootkit detections can be removed in the usual manner, others shouldn’t be quarantined because “some rootkit infections may have unexpected results when removed” (bit.ly/malware388). Instead, they recommend that if you see the threat ‘Unknown.Rootkit’ in your scan results, you contact the Malwarebytes support team via support.malwarebytes.org for further advice.

Expose and block trackers on web pages


Over the years, we’ve recommended lots of tools that protect your privacy online by blocking snooping ads and invisible trackers embedded in web pages. However, few of them actually tell you which spies they’re blocking (other than providing a total figure), and their all-or-nothing approach sometimes filters elements that might actually prove useful. That’s why we were instantly smitten with Privacy Badger (bit.ly/badger388), which was launched last year by the Electronic Frontier Foundation.

This excellent tool, which is available for Chrome and Firefox, automatically detects and blocks the worst tracking cookies on web pages. Click its toolbar button to view details of the spies, accompanied by colour-coded sliders. A green ‘allowed’ slider indicates that the domain responsible for the cookie is harmless and unobtrusive, while a yellow one shows that the domain needs to track you to display content correctly. A red slider implies the domain is invasive and has therefore been “completely disallowed”. If you disagree with any of Privacy Badger’s conclusions – that is, you want to block an allowed domain or unblock a prohibited one – just drag the slider to the relevant position. The add-on also filters annoying social-media widgets, replacing them with markers (you can hide these, too, if you prefer), and can be disabled altogether on specific websites and white-listed domains. We love the badger logo, too!

Find out what’s running in the background


There’s lots of stuff going on in the background on your PC, most of which is essential for keeping your software and hardware working smoothly. But if malware does get onto your system, there’s a chance that it could be connecting to the internet without your knowledge, leaving you open to hacks, further infections and even your computer being used in a botnet attack. You can check there’s nothing dodgy running in the background using Microsoft’s brilliant free Process Explorer (bit.ly/process388), which tells you exactly which programs and processes are running on your PC, so you can close anything suspicious. Particularly useful is the option to right-click a process and select Check VirusTotal. This analyses the file using more than 50 anti-malware scanners to check if it contains anything nasty. If it does, right-click the process again and choose Kill Process, then scan your system with your anti-malware software.

If you only want to know what’s connecting to the internet in the background, you may find TCPView (bit.ly/tcp388) simpler. It lists all processes that are using network ports on your PC; tells you their local and remote addresses; and details the data they’re sending and receiving. If you notice any unusual entries or behaviour that implies there may be a spy in your midst, right-click the process and choose End Process or Close Connection.
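
If you prefer the command line, the PowerShell function below gives a similar view to the TCPView and Process Explorer checks described above: each established connection, the process that owns it, whether its program file is digitally signed, and a SHA-256 hash you can search for on VirusTotal. This is an added example, not part of the original article or either tool; Get-ConnectionReport is a made-up helper name, and it assumes Windows 8 or later with PowerShell opened as administrator.

```powershell
# Added example: TCPView-style listing from PowerShell (run as administrator).
# Get-ConnectionReport is a hypothetical helper name, not a built-in cmdlet.
function Get-ConnectionReport {
    $cache = @{}   # one lookup per process ID, so each binary is hashed once

    Get-NetTCPConnection -State Established |
        # Skip loopback traffic: it never leaves the PC
        Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' } |
        ForEach-Object {
            $procId = $_.OwningProcess
            if (-not $cache.ContainsKey($procId)) {
                # The process may have exited since the connection was listed
                $proc = Get-Process -Id $procId -ErrorAction SilentlyContinue
                $name = '<exited>'; $path = $null
                if ($proc) { $name = $proc.ProcessName; $path = $proc.Path }

                # Path is empty for protected system processes; report n/a
                $sig = 'n/a'; $hash = 'n/a'
                if ($path -and (Test-Path -LiteralPath $path)) {
                    $sig  = [string](Get-AuthenticodeSignature -FilePath $path).Status
                    $hash = (Get-FileHash -LiteralPath $path -Algorithm SHA256).Hash
                }
                $cache[$procId] = @{ Name = $name; Path = $path; Sig = $sig; Hash = $hash }
            }
            $p = $cache[$procId]
            [pscustomobject]@{
                ProcessId = $procId
                Process   = $p.Name
                Local     = '{0}:{1}' -f $_.LocalAddress, $_.LocalPort
                Remote    = '{0}:{1}' -f $_.RemoteAddress, $_.RemotePort
                Signature = $p.Sig     # Valid, NotSigned, HashMismatch, ...
                SHA256    = $p.Hash
                Path      = $p.Path
            }
        }
}

# Group the output so unsigned or unreadable binaries are easy to spot
Get-ConnectionReport | Sort-Object Signature, Process | Format-List
```

A Signature value other than Valid is a reason to look the file up, not proof of an infection: plenty of legitimate programs are unsigned.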


STOP WINDOWS 10 SPYING ON YOU FROM WITHIN



We’ve already devoted plenty of coverage to the ways in which Windows 10 spies on you (and Microsoft’s insistence that it’s for your own good), so we won’t waste space here by repeating ourselves other than to say: you don’t need to put up with it! Since the nosey OS was released last July, plenty of free tools have been created to prevent Windows 10 from monitoring everything you do. These programs save you having to adjust your privacy settings manually and allow you to easily switch them on and off as required – for example, if you decide that you quite like Cortana after all. Our favourite Windows 10 privacy-boosting software includes O&O ShutUp10 (bit.ly/shut388) and Ashampoo AntiSpy for Windows 10 (bit.ly/antispy388), both of which offer nearly 50 privacy tweaks organised into clear categories such as Security, Location and Camera. You’ll certainly feel less paranoid after running one of these tools.