One of the main characteristics of spyware programs is their secrecy. That infected computer, many users realize only after losing confidential information. Not to be among them, pay close attention to everything that happens on your computer. Any strange events, even the smallest, may indicate the presence of the computer Trojans.
Sometimes to find the Trojan helps the message of the firewall that some unknown program is trying to connect to the network. In this case, find out where to find its file and the autorun key. This can be done with the program AnVir Task Manager - it is very easy to diagnose the computer. Run it, open the Processes tab. You will see a list of processes showing their danger and the location of files and keys start up.
Open registry editor: start – Run, type regedit, and click OK. Using the information of the program AnVir Task Manager, find the autorun key. Then open the folder containing the program file and locate it. Now the program AnVir Task Manager and stop process of Trojan – highlight it with the mouse and click "End process". Then remove the program file, and a new startup key.
Many of the Trojans during the work did not manifest itself. To check your computer for their presence from time to time review the list of trusted applications on the firewall, one way of "legalizing" the Trojan is adding a process to the list. Better yet, check out the relevant lines in the registry: HKLMSystemCurrentControlSetServicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist.
To check network connections, open a command prompt: "start" – "All programs" – "Accessories" – "Command prompt"Processes", type netstat –aon and press Enter. You will see the list of network connections. The active connection will be marked as Established. In the column "Local address" you can check the port your computer used for this connection. In the column "Foreign address" is the ip address of the remote computer from which you are connecting.
The Listening status indicates that the program is waiting for a connection. Line of Close_Wait suggests that the connection is already closed. Carefully examine the list of processes, carrying out a connection to the Internet; among them may be the process Trojans.
If some processes unfamiliar to you, find out their purpose. To do this, note the PID process ID in the last column. Type it in the command line tasklist command - you will see a list of all processes in the system with their IDs. Find in this list the desired PID you know the name of the process. For all other information use the above-mentioned program AnVir Task Manager.
One of the most dangerous spyware are keyloggers that can steal keyboard input data – for example, credit card numbers, their expiry date and security code. Many of the keyloggers are detected by antiviruses and firewalls, there are good utilities for their search – for example, AVZ. Regularly check the computer by such programs.
Don't forget that properly designed Trojan program to detect it very, very difficult. So the best way to protect yourself against computer espionage is in compliance with safety regulations. Do not store sensitive data in the clear, better pack them in an archive and put a password. Never keep your browser passwords from accounts, always enter them by hand. For online purchases, get a separate Bank card with a small amount on it or use virtual cards.