How to detect computer & email monitoring or spying software
Posted on August 16, 2007 at 1:46 pm
Make sure to read other posts from the Online Security series!
- How to detect computer & email monitoring or spying software
- How to protect your computer from hackers, spyware and viruses
- Lessons worth learning – How NOT to remain anonymous on the Internet
As an IT Pro, I routinely monitor employee’s computers and emails. It’s essential in a work environment for administrative purposes as well as for security. Monitoring email, for example, allows you to block attachments that could contain a virus or spyware. The only time I have to connect to a user’s computer and do work on directly their computer is to fix a problem.
However, if you feel that you are being monitored when you shouldn’t be, there are a few little tricks you can use to determine if you’re right. First off, to monitor someone’s computer means that they someone can watch everything that you are doing on your computer in real time. Blocking porn sites, removing attachments or blocking spam before it gets to your Inbox, etc is not really monitoring, it’s more like filtering.
Computer Monitoring
So now, if you still think someone is spying on you, here’s what you can do! The good thing right now is that neither Windows XP SP2 nor Windows Vista support multiple concurrent connections while someone is logged into the console (there is a hack for this, but I would not worry about). What this means is that if you’re logged into your XP or Vista computer (like you are now if you’re reading this), and someone were to connect to it using the BUILT-IN REMOTE DESKTOP feature of Windows, your screen would become locked and it would tell tell you who is connected.
So why is that useful? It’s useful because it means that in order for someone to connect to YOUR session without you noticing or your screen being taken over, they have use third-party software and it’s a lot easier to detect third-party software than a normal process in Windows.
So now we’re looking for third-party software, which is usually referred to as remote control software or virtual network computing (VNC) software. First, the easy thing to do is to simply check in your Start Menu All Programs and check whether or not something like VNC, RealVNC, TightVNC, UltraVNC, LogMeIn, GoToMyPC, etc is installed. A lot of times IT people are sloppy and figure that a normal user won’t know what a piece of software is and will simply ignore it. If any of those programs are installed, then someone can connect to your computer without you knowing it as long as the program is running in the background as a Windows service.
That brings us to the second point. Usually, if one of the above listed programs are installed, there will be an icon for it in the task bar because it needs to be constantly running to work.
Check all of your icons (even the hidden ones) and see what is running. If you find something you’ve not heard of, do a quick Google search to see what pops up. It’s usually quite hard to remove something from the taskbar, so if there is something installed to monitor your computer, it should be there.
However, if someone really sneaky installed it and nothing shows up there, you can try another way. Again, because these are third-party apps, they have to connect to Windows XP or Vista on different communication ports. Ports are simply a virtual data connection by which computers share information directly. As you may already know, XP and Vista come with a built-in Firewall that blocks many of the incoming ports for security reasons. If you’re not running an FTP site, why should your port 23 be open, right?
So in order for these third-party apps to connect to your computer, they must come through a port, which has to be open on your computer. You can check all the open ports by going to Start, Control Panel, and Windows Firewall.
Click on the Exceptions tab and you’ll see see a list of programs with check boxes next to them. The ones that are checked are “open” and the unchecked or unlisted ones are “closed”. Go through the list and see if there is a program you’re not familiar with or that matches VNC, remote control, etc. If so, you can block the program by un-checking the box for it!
The only other way I can think of to see if someone is connected to your computer is to see if there are any processes running under a different name! If you go to the Windows Task Manager (press Cntr + Shift + Esc together) and go to the Processes tab, you’ll see a column titled User Name.
Scroll through all the processes and you should only see your user name, Local Service, Network Service, and System. Anything else means someone is logged into the computer!
Email & Web Site Monitoring
To check whether your email is being monitored is quite simple. Always, when you send an email from Outlook or some email client on your computer, it has to connect to the email server. Now it can either connect directly or it can connect through what is called a proxy server, which takes a request, alters or checks it, and forwards it on to another server.
If you’re going through a proxy server for email or web browsing, than the web sites you access or the emails you write can be saved and viewed later on. You can check for both and here’s how. For IE, go to Tools, then Internet Options. Click on the Connections tab and choose LAN Settings.
If the Proxy Server box is checked and it has a local IP address with a port number, then that means you’re going through a local server first before it reaches the web server. This means that any web site you visit first goes through another server running some kind of software that either blocks the address or simply logs it.
For your email, you’re checking for the same thing, a local IP address for the POP and SMTP mail servers. To check in Outlook, go to Tools, Email Accounts, and click Change or Properties, and find the values for POP and SMTP server.
If you’re working in a big corporate environment, it’s more than likely that the Internet and email are being monitored. You should always be careful in writing emails or browsing web sites while at the office. Trying to break through the security also might get you in trouble if they find out you bypassed their systems! IT people don’t like that, I can tell you from experience!
[tags]detect spying software, detecting spy software, detect monitoring software, remote spying, anti-spying[/tags]
» Filed Under Computer Tips
Related Posts
- How to setup an FTP server in Windows using IIS
- How to access blocked web sites from school, office, or work using JAP
- How to setup Remote Desktop on Windows XP
- How to connect two or more computers to one monitor
- Vulnerability Tool – Check for open computer ports
Comments
114 Responses to “How to detect computer & email monitoring or spying software”
-
Pingbacks
-
Monday Morning Links Serving: The August 20th Edition | [Geeks Are Sexy] Technology News Says:
[...] -How to detect computer & email monitoring or spying software “However, if you feel that you are being monitored when you shouldn’t be, there are a few little tricks you can use to determine if you’re right.” [...]
August 20th, 2007 at 4:44 am
Pingbacks
-
5 ways to increase Internet traffic to your blog or web site Says:
[...] site, I was able to get well over 50 backlinks. Of course, I had to write something good, such as how to detect if someone is spying on you and how to create a locked folder in XP, but it really paid off! If you’re not a tech blog, [...]
September 3rd, 2007 at 12:45 am
Good review of the more intrusive monitoring methods, but it just scratches the surface. Medium and large organizations typically have all the tools they need to perform very thorough monitoring of web and email traffic without ever touching or directly connecting to your computer because they control firewalls and routers through which internet traffic must pass. Not to increase the paranoia level of your readers, but I would advise everyone who works in a large or medium-sized organizaton to carefully read the organization’s internet use policy. Most corporate internet use policies explicitly warn that employees that they have no reasonable expectation of privacy when using corporate IT resources and that any computer use may be monitored. As the information security officer for a medium-sized organization, I would advise readers to assume that all activities may be monitored and act accordingly. Wait until you’re on your home system before emailing or browsing to anything you would prefer not to explain to your boss.
Hi John,
Good point. I wanted to make it clear though that I was trying to focus more on someone actually connecting to your computer terminal and watching everything on your screen as you do it, as opposed to simply capturing all the data that comes out of your computer (email, web sites, etc).
Definitely, there is really now way to get around web and email monitoring at a large or medium sized company, they have way too many checks in place, but usually no one really connects to an employees computer and watches what they are doing.
If you bypass the monitoring, be careful, cause the first thing they’ll think is that you are covering something bad you’ve done…
Absolutely mirror the first comment. Personally, I’m trying as hard as possible to setup things like SSH tunneling out of unfriendly corporate and educational networks. Encryption is another important component.
Thanks for the information, it was helpful. But what about Teredo being selected under LAN Settings/Services? Is that necessary?
Any advice for those of us on a Mac?
I’m trying as hard as possible to get some movies edited.
“If you’re not running an FTP site, why should your port 23 be open, right?”
Correction. FTP is port 21.. Telnet is port 23.
I had an IT guy just think that I tried to bypass webmonitoring once and he was not happy. BTW, don’t use putty to SSH into your computer at home. SSH can also be used to tunnel through proxy servers, which is what I was accused of.
freak3dot
Wanted to say thank you. I was able to track a remote vnc on my computer thanks to you. I thought my friend was monitoring me it turned out to be true. I now know he was watching me in real time. Also HE is more than likely a reason I was canned from my job. I confronted him but claims I’m paranoid. I have saved your info for future reference and will advise all my friends of your info. I think you should write more stuff on administration passwords/guest users on one’s computer. You see we get friends to do installs we don’t know what they are doing.
Thanks
Haha. Information is good but if really care about security would you not use Microsoft in first place? Thanks to it darkhats have so many zombie networks now need GUI tools to manage huge supercomputer clusters! Trojans have not handy system tray clues either! Anyway even Sony can install root kits now ok.
At work, microsoft has tools for your admin to watch and control the PC quietly (and remember also NSA backdoor still). Your work neighbor can just look over the shoulder.
At home, aircrack your wireless keys in 10 mins – some longer for WPA. Swap your router ESSID for mine and I can sniff all you p0rn traffic and bank account from my car!
Even if you not connected to network monitor can be read thru a wall.
Best thing is not to worry and be just good boy and girls.
Quick facts. 1 – Wrote a kind of story 10 years ago and due to approach to give evidence at the Cole Inquirey into the AWB in Australia 12 months ago, decided to get the story out. 2 – Techno mate of mine threw up this website for me and after 6 months pulled most of the content off due to approach by production company to put it into print and also do a doco. 3 – Problem was I had 2,500 people on my mailing list by then, so I’ve left up a few pages until everything comes out in December. BIG POINT number 4 – My office computer, home computer, laptop and even phones have been causing me grief. My ip account shows uploads of 300 + meg a day, when I average 2 meg. I’ve cleaned them all out twice. 5 – I use visual route to trace site hits now and then, and a literally get 30 a day from big brother – which is fascinating in itself. I never placed all content on the net, but backraces are revealing knowledge of material obviously sucked off my computers. 5 – lately the Chinese are really hitting the site a lot.
I really think these guys can just bypass any damn firewall they like. NSA chip or not.
port 23 is not ftp, it’s telnet.
I’m not a technical person and am only interested to know a little about IT. This article is really interesting & easy to understand but, GOSH, this is scary to think that anyone can peep in my computer.
i do not believe it was the author’s intention to provide a detailed network and computer security manual on how to detect intrusions. however, maybe it should be noted that there are several basic methods of access: 1) if i can touch your computer, you are hacked!, 2) if you access the internet 4 email or just surfing, your material are on somebody else’s computer, 3) if i have line of sight of your keyboard, i can steal your passwords > use video like in atm frauds. On the 1st mentioned category: i can duplicate you hard drive and recover all your deleted stuff and take my time to decrypt passwords and contents. i can attach a hardware keylogger to steal all your keystrokes, incl passwords. over and above the nice tools i can install and settings i can change on your system, i can run a few freeby password stealers and be off in less that 1-min with all your access codes, internet history, etc! what is the solution? be a good boy and dont do naughty things and use industry approved software tools to protect sensitive data. cyberx
a great logical way to keep your own eyes on your PC……keep up the good work…
?? are you serious man? This is such a noob approach. What if your work installs the application as a service, or runs it as system?? The best way to hide your traffic is through a VPN like hamachi, and ssh.
Umm…. People amaze me of course are lives are being monitored.. We have always been watched closely by nerds geeks techys the goverment terrosist perverts, I’ts easy to hack someones system I know that all you older folks think that were spy free, WAKE UP! just better hope you don’t piss off any nerds in cyberspace… dont use the computer at WORK AT ALL!!!! NOT for personal use, because they can recorder all user names and passwords, record the information and use it against you or worse fire you. OF COURSE THEY WIL KNOW IF YOU BYPASSED THIER SETTINGS, you don’t know if theyre watching you in real time or just recording what you do , you dont know and I would not take the risk… I seen a woman at the bank sending and receiving personal emails on the bank computer, not smart , not smart at all.
dear
i visited this web first time & i glad to say that my searching is over. i like this web very much & i forward the link to my all friends
now to the point i want to be a security officer who restrict the persons who hack web or e-mail contain.
so i have to know how this things happen.will u teach me how to hack and restrict web or e-mail contain(passwords)??
i will wait for ur reply
good bye
I receive e-mails from good friends, yet they sometimes don’t designate me in the TO: Line, use Un-Known Reciepient! Is this for a reason of privacy or what?
Thank You.
well i just want to know how or if some one can go in my pc if i use thier wireless connection..and if so how can i do sumthing about it .. PLEASE HELP >>>>ASAP ASAP
I’m concerned that my “live-in” is tracking me. We have Verizon FIOS and are networked. I have firewall running but I heard his computer working last night when he had been in bed for hours and I was doing internet searches…any ideas?
Basic, if you are using someone else’s wireless connection, then you are always at risk because you’re on the same network as they are. There are too many ways for them to access your computer to write about here, but it’s rare unless that person is computer savvy.
Mary – What do you mean by tracking you? Are you talking about tracking your Internet activity? That is possible if they were able to use your computer. I would not worry about their computer running, that might be something else. To snoop on someone’s searches, they need to have software installed on YOUR computer, so make sure it’s locked when you are not around.
Be aware of this then:
snoopstick.com, undetectable if you believe their words.
I created a nice document to track info and someone in the IT dept hacked my comp, gave it to management and took the credit for it. The doc was nothing, stupid little spreadsheet but it kinda bugs me that someone has the audacity to do that. especially IT who is watching everything you do to make sure you’re doing your job.
how do I create the locked folders?
How ca i detect if someone has access to my mails via my email adress password.
How can you tell if a significant other has placed a monitoring software on your PC? I know it is an odd question but I am getting a lot of questions that are a little too out of the blue. Thanks in advance for the help.
I THINK SOMEONE IS SPYING ON ME THREW COMPUTERS CAMS, CAN YOU TELL ME WHERE THIS COULD BE!!!!!!!!!!!!!!!
PLEASE SEND BACK ANSWER TO anthonyegooding@hotmail.com
very important
Was wondering if anyone can help by explaining something.. Can anyone one put some kind of software on your computer without you knowing… Can co-workers plant something in your computer to take control of your mouse while you are working? Can they somehow speed up your computer? I have never before experienced it until last year and this year… I believe some co-workers are messing with me because when something is not working right, I hear snickers. I have informed a supervisor and they tell me there is no way that anyone can control it… I truely don’t believe that and was wondering if you can help me so that I can perform my work…It does get frustrating and it happens everyday.. I have changed passwords but they seem to get into my computer and control my typing and my mouse…I don’t know much about computers at all and need some advise on how to resolve it… I had an issue last year that arrived and was told I was paranoyd… I know that’s not true and I believe my co-workers are trying hard to get rid of me… Please help me!
Question….can a person install a program to monitor my computer by just me opening an email from them? And if possible would they be able to create chats or emails from my computer? Thanks for your response.
Is there no program that I can just install on my computer & that takes care of the spying business? All these technical terms are too much for a poor soul like me but I’m so depressed case I know I’m being watched.
I’m wondering how to tell if my computer is emailing my passwords and other info to someone. McAfee found a pws trojan the other day and deleted it, but it had been there for close to two months. I scanned all my files and everything was good. Then several days later it found a copy in my restore folder. So again I deleted it. I wonder why it took so long to find it and why it didn’t find both at the same time.
Anyway, I use Incredimail as my default mail client. Every so often, when I open it, it says Incredimail is not my default mail client. I live alone and no one else uses my computer. This has been going on for several months and I didn’t use to worry about it but now I’m paranoid that the two are related. It happened again this morning. Is this normal? Should I be monitoring my computer with something other than McAfee?
Thanks a lot.
Computer monitoring is in my opinion an invasion of privacy unless sanctioned by a law enforcement agency. IN NZ It is illegal to record a phone conversation without legal authority or the other parties consent. Following this line of thought therefore what is the difference. – Remember unless a forensic copy of your hard drive is taken, any so called evidence can and would likely be be thrown out of court. Don’t use work computer for anything else but work.
And can the tool block the email spying software?
People should be aware that many adult sites which allow you to interact with the models can see your files and even your name. One site ,mentioned the name of the person who owned the computer and his name is preety unusual. Stay away from interactive sites with cams even if you don’t have or use a cam they can see you, One site made fun of something on his machine that they could not have possiably have guessed at unless they can clearly see it probably all live chat including ebay and any company.When you install active x for youtube or anyhting like that you are being watched. don’t allow cookies or anything. when you make it inconvient for them by keeping your internet securiyt up to the top even if you can.t download anything they won’t see you so easily
also check you W-lan if it’s encrypted (and a WEP encryption (the thing with a 13-diggit-pass) is NOT secure, it’s possible to crack it in less than 2 min)
Hi,
How would I find out if someone has install one of those spying or monitoring program in my PC. I suspect that the program is called System Surveillance Pro 5.5. This particular program seems to be able to send via email all my activities I do with my PC (emails, website opened, keystrokes, screenshots)etc. Thank you so much for the help.
I have been a victim of a hacker who made a copy of my apartment key and installed a “I Spy” in my computer. I detected it because my emails were read before I even had a chance to open them. I was able to follow your instruction but when I go to tool, I can not locate any email accounts. Maybe I am looking the wrong way, can you help? I believe that the “I spy” is still there because I was just in a site and a message came up informing me that it was detected. Another think, would you recommend that I take my PC to a Best Buy and have it checked. Please advise. Thank you.
thanks for the info guys…
Today I noticed that while I was checking and responding to an email on yahoo that my mouse began to move on the page without me actually touching it. This surprised me!!
I have a person who has had complete access to my computer by way of setting it all up-adding/deleting programs–i am not a computer techie and therefore have no idea about a lot of things when it comes to computers. I just want to know if there is any way to find out if this person is ableto log onto my computer at the same time as me.
Also, a few months ago when I was having problems with my computer and he was trying to fix it he was able to figure out my password to yahoo without me having given it to him–he said he just figured it out but I was a little suspicious and changed my password. HOw easy is this to do?
My friend informed me today that if he has my IP number that it is possible for him to log onto my computer when I am on. Please tell me if I can prove this and how do i get back my privacy?
I have windows xp…that he installed for me.
Can you block spytech reatime remote spy with the above methods?
Hi guys
I share a network connection with my older brother who is the admin of the whole network..in which my younger brother uses is well…
I feel like i been spyed on dont no why just have that feeling….i dont trust him….
i installed spybot….i have firewall….i have eset security virus scanner….
i know he knows when im online….all he does is type the ip address in the web browser and a whole selection comes up…i only court a eye on it……
anyways when i go to show me all network folders on this computer i have personal folders that come up…and i cant delete them…..
is there anyway of findout if his spying on me…..i just like to have my feedom..as i also work from home its not nice knowing you are being watched……………….
This was an extreamly good review best one ive read on the net. It turned out that my my neighbour was monitoring my computer. I had this feeling because it always use to go slow and sometimes the mouse jerked and did its own thing. Must have been him accidently taking control. Anyway thanks very much. Could you also do a review on the opposite. Have you got any monitoring software that you would reccomend that is either free or fairly cheap. Thanks Phil
I checked my computer and noticed an icon in the task manager that said UPnP. So, I clicked on it to see what it was and a dialog box came up displaying different connections…it looked like something you would see under Network Connections or My Computer dialog box. As this dialog box displays I notice a connection with the same name of a guy that works in the office…the very one I thought might have installed something on the computer. However, as quick as a flash, the dialog box changes to display completely different information. I look at the task manager and the UPnP icon is no longer there. What does this mean? What do I do?
I’m not worked about who is watching me, I just concerned that while I am working in some applications on my computer for my job it appears that my computer is constantly locking up. Things that I type suddenly disappear, the pointer moves when I haven’t moved it. I am concerned this is a method of harrassment to an extent. Are you aware of similar activities reported in the past?
Should I have an exception in my Windows Vista Firewall checked called SCMP? I can’t seem to find out anything about it.
So this is good for the corporate world, but what about finding out if your mate is spying on you. Will these methods work with the new monitoring software that is out now b/c I realize this was originally posted a couple of years ago?
how do i know if someone is logging my conversations through messenger?
Once this guy told me that he installed something on my computer by hacking into it, and that he was spying on me from his house. He said he had logs of all my chats and what not. He then said sorry and took it all back, and was nice again. Recently, he go angry at me again. I now have a MAC but is it possible for someone with a PC to spy on someone with a MAC? I don’t have much security on this.
Hi, I am currently in divorce proceedings with my husband who is a network engineer who works for a large corporation so to speak and is in charge of their security and networking issues. I believe that he was cheating on me with several of his female co-workers and the divorce is not final yet and he has already moved one of his ex’s into our home. He would constantly tell me where I was at when we were together even if I just went for a drive to get away from it all and no one knew where I was.
My cell phones I use a prepaid nokia and samsung and try to change them as often as I can. I believe that he is currently monitoring me now. How can I protect my privacy?? Any help would be GREATLY APPRECIATED!! When I tell my friends what he is doing they dismiss it as not possible. I have helped him work on several projects in the past for his employer and I know that it is so totally possible and easy for him to do.
I am not very technical but I am intelligent and I do learn very quickly. The average “Joe” would never believe how someone with technical abilities can mess with someone’s life. I Really Need Someone to Help me with this that Knows what they are doing and what I am talking about.
Oh, wow I can’t leave this website. My eyes just keep reading your articles, Aseem. Good job!
My employer intentionally put softactivity monitoring software on my machine and others. I found where I could uninstall it however it is password protected. I can’t find the exact process to end it. I also found where all the screen shots are stored on the client machine. Spybot doesn’t detect it and neither does malwarebytes. How can I uninstall it and get rid of it – I can put it back when I’m done checking my personal bank account on my break which I think my boss has no business seeing my bank balance. Yes I can refrain from checking during business hours but it’s the principal of the thing.
I just found out today that my dad was having his friend watch my computer for him, and I didn’t know what to do because I was having trouble with spyware even before that, and then I found this article. Using this article, I was able to go to Control Panel, then Windows Firewall where I found weird software and blocked it. Thank you for your helpful article!
Good information for people being monitored.
But how to monitor emails? I want to monitor my employees emails for security reasons. Is there a free solution?
mkay. i was wondering if universities monitor personal emails like they do in the corporate world. i understand school email, but again, i was wondering if say my yahoo mail could be read? if so, is there anyway i can change that? bc sometimes my boyfriend can send some raunchy emails and i don’t exactly want everyone to know that! thanks!
Security Shield 2009 also done this job well!!!!
Key Features : Virus, Spyware and Adware Protection;Personal Firewall;Automatic Daily Updates;Parental Control;Root-Kit Detection;Spam Filter.
111download.com/product/security-shield-2009-total-internet-security.html
How can I detect if someone has access to my mails via my email adress password.And can I detect when and where(place) he made access to my account? Can I know the servers adress, phone number via which the access has been done.
Thanks for all the tips and advice about what to look for when we are trying to find out if our computer is being monitored, etc. Very, Very good information. I appreciate you sharing your advice with everyone.
Regards, LR in TN.
ok, i have a real problem. recently my father has been monitoring my network acess and its gotten to the point where he will actually take control of my keyboard and mouse while im on AIM and actually talk to my friends while he is at work. he work for a communication company called cavium. he picked up lots of info and how to on network monitoring. i now have to walk to the public library just to get some privacy to so much as check my email. i just need to know how i can confirm it and end it.
I was on facebook chatting with some one and seemed to have gotten into my files. She seem to know things about me that I didn’t tell her. Could she have done this and how?
How do I prevent this from happening again and do the same back to her, how can I do that?
thank you so much for the information. However, what if the person you don’t trust is on the same network and owns the router?
A few useful tips.
The built-in remote desktop can allow another user to monitor your computer WITHOUT locking you out, and even when it does lock you out it only tells you your own username.
Useful tips! However it’s too complicated for some who are computer illiterate. We apply the employee monitoring software in our company. It can record all the online activites of staff.
pc-remote-monitoring.com
Hi, am so glad to read your tips. I was able to track down if someone is connected to my computer by clicking altogether SHIFT,CTRL and ESC …I actually saw all my names as a username but there were 2 image name with anonymous usernames are they could be my intruders? Because it happened many times to me that my printer is processing alone even without me touching it. If they could be my possible intruders what can I do to remove them away … I have my wireless network set up to WEP. Could you help me a tip how to secure WPA with my windows vista? Hope you can be of help … thanks ..
Hi, it’s me again as an addtional to my first comment can you tell me what is this csrss.exe? This is one of the two image name with anonymous username I saw in my Task Manager? As I search it came upon to me that this is like a trojan who allows attackers to connect to a computer and steal passwords and so on and on. How to delete it or is it enough to delete it to keep me away from intruders? Please help … Im really experiencing lots of weird troubles in my computer despite I have my anti-virus, firewall on and WEP secured. Thanks …
Hi Bee
I dont know much about csrss.exe but heres how to setup WPA.
First, you have to log into your router administration page. Mostly, it has network address of 192.168.1.1 and can be accessed from a browser. Enter your login details and look for something like “wireless settings”. There you should be able to select WPA. Select WPA-PSK [TKIP] and enter a LONG passphare. The longer the better. You could even select WPA2 but your hardware has to support it. Mine doesn’t.
After you have setup WPA on your router, you have to connect your computer to it. On Vista, right click on the network status icon in the system tray on task bar and select “connect to a network” and select your network from there. It will ask you to enter the passphrase that you set in the router configuration, enter it and your done!
You can disable remote desktop.. Why did you not mention that? My computer > Properties > Remote > uncheck all boxes
@bee:
csrss.exe is part of Cryptographic Services…http://www.theeldergeek.com/cryptographic_services.htm. But csrss can also be a trojan, it really depends where the file is. (windows\system32). That first google search made me laugh.. “this file is a trojan so click here to run a free performance scan to optimise your cpu, RAM, etc.”
Here is the wikipedia version of csrss:
http://en.wikipedia.org/wiki/Client/Server_Runtime_Subsystem
what if there is no Network connection ?? what if the spy software is running silently in the background recording every click of a key-board and then someone goes into your computer and watches what you I’ve been doing – everything? how do you detect that?!
I am no longer admin of my computer. I cannot change seetings or delete anything. IT guys can’t either, Its happened to every computer I have had here or at my business. I know someone has been watching me for a very long time and know who has been doing it. A manager I fired because I found out he was stealing from me and had opened an office just like mine. No one beleived me at the police dept. FBI , Ive lost millions of dollars in revenue because he has stolen my clients from me my leads etc…. I am so lost and no one to turn to for help. Who do I go to to have check out my computers that knows what you are talking about. All the things mentioned in here I have had on or done to my computers. They all say Im crazy .
@Sandy: Thats really sad to hear. Hope you get back to business soon mate! And this time, don’t let an employee take control over everything.
Is there software that you can install on your computer that tracks any other program installs silently? Thanks.
To SANDY:
I’ve been in a situation similar to you. The people who are saying you are crazy is either lying to you and knows you’re not crazy, or they are so naive and computer illiterate.
The best advice I can give you is to start reading and learning on your own how to deal with the problem. Read all you can find on the subject. Sometimes, you can’t trust no one but yourself….and have to just roll-up-your-sleeves and do it yourself. You’ll need a good website or book that is a “dictionary of computer terms” to keep by your side as you read….to help understand what you are reading. But you can do it.
It doesn’t take a brain surgeon. But it is a headache. Reading, determination, and lots of “how-to” websites will take you a long way. By the way, you are not crazy. Best wishes.
I found your blog on google and read about 2 of your other posts. I just added you to my Google News Reader. Keep up the great work Look forward to reading more from you in the future. With all best wishes
It was really very very usefull, thanks. But I have a problem. When I get to Control Panel – FireWall – Exceptions, I see the programs like Desktop Remote and RemoteDesktopVerbindung also Remoteunterstützung, I can uncheck it but it doesn’t let to block it and when I try to uninstall from the Start-Menu bar, it says “Waiting for confirmation from the main user”. What can I do and what is the problem? I know who is the user. It’s my aunt, I use her Lap-Top for years, so she has it. She lives just one floor down to me. Anyway. Try to e-mail me, thank you. h.haris7@gmail.com
Can my company see the search that i have done on my personal laptop using thier internet in the office? also does it get logged or in history,, how long does that last?
Run a proxy.
Also , there is some options in the Windows Xp something like “Allow remote connection to this computer”. Always keep this unchecked.
Somebody please provide details on this ..
What I am doing tonight with my computer, the next day in my office some people know what I have done. Let’s say about my yahoo messenger, where did I sent mail, what I sent, my facebook account etc. I am tired of changing my password all the time. Still I can not stop it.
I am not sharing my office net work at home. Once I gave my computer to my network administrator to setup my office mail for half an hour. So, he knows my lan ID Mac ID.
Please let me know how can I stop that…..
Can you email me a program I can download that will detect, block or track an invading hacker who has penetrated my computer for the purpose of installing a remote management tool and to take control of everything that I do on this computer? If there is a cost to do this, tell me how much and perhaps you could send me a disc that I could download myself, when the computer’s internet is disconnected so I would have privacy away from remote eyes during the process? I have tried 27 different types of anti-virus/anti-spyware to keep this individual out, and so far nothing has worked. This has been going on for the past three years and I am at wits end. Can you help me solve this once and for all?
Great piece of information! Hopefully it’ll help be detect any hackers or spies!
i totaly believee everything that you, and all the other users are saying. I was hacked for oover three months or more while i was on facebook using the family links and were related programs.It cost me over 1400 to fix. I saw the hacker connected to my computer eventualy, he or she was taking my files, even taking all my emails in the mail folder. This was scary to say the least. if you would like to email me ill tell you all about it. You would find it very interesting. I would never use FB in my life, after what I learned.
I have followed all of the steps aforementioned in the article. However, I went to disable a start up program and stumbled upon a program that I did not recognize. To make my paranoia intense is the program is from an Apple Computer. I do not have any needs for any Apple/Mac software on my windows laptop and to make matters worse I cannot disable this program. Is are there any steps that I can follow to disable/remove this program from my laptop?
Thank you,Thank you,Thank you. I am an 83 year old computer novice dummy! {And love it!} My Son has been trying to teach me, but to no avail. I grew up READING everything I could get my hands on, from trash to classics.
Perhaps that is why I gained more insight in 3o minutes reading your explanations, than 5 months of the verbal same from my son. THANK YOU ONCE AGAIN.
I think my wife installed an email spy on my laptop. Will the steps above detect it? If the steps above and detect it, but don’t does that mean it’s definitely not installed or is there email spyware out there that can be installed without being detected.
Just FYI, my wife is no IT specialist, so it would have to be something she found online.
Is it possible to know if someone is tracking your IP Address during a chat? How to monitor this?
everytime when i use to sign out from my mail account a window opens saying “you are currently signed out but someone enter from the same browser, to ensure safety you have to log in again”.
and sometimes my system hangs when i am wisiting websites and sometimes whole pages just automatically disappear right in front of my eyes. Is my pc being monitored? please reply soon.
my internet always shows busy, the green light keeps blinking, where does it send the data?
I have had just about anything that can happen to a pc happen to mine. I was also accused of being paranoid and crazy. I had trojans, viruses and outright hacking done to me before most people even knew what they were and long before the multitude of antivirus, etc. programs out now. I have learned alot due to attempting to block them out.
On occassion, some files weren’t erased, and I was able to track hidden password protected path to a porn site in my business name. I got too excited, and had it shut down before I looked at it. I always regretted that and have also realized that it probably was reopened within the hour in another place. I’ve had someone go online and play my game on a game site while I was on and playing. I got the error message and the frozen screen while the intruder continued to play my games.
I’ve had artwork missing, deleted files replaced, 3 layers to my trash (2 of which files were hidden and I had no access. It goes on and on. There is no truly safe point in computing. It is an ongoing struggle to preserve your computer’s and your own integrity. Be vigil, back up everything in more than one media (flashdrive, cd, dvd, external HD, etc.)Don’t put anything on a computer that has access to the net. Keep one computer for those sorts of files, and one for the net.
I am finally coming to that point myself. Once I realized there is no way to be able to stop a really savvy hacker, I accepted the fact that expensive or not, it is worth having a desktop and a portable of some sort. Keeping my work on the one internet free.
There is one or two things I question on this pc. In the registry it shows that things are being auto copied to excel in office 11. I had trial tested office 11 suite, but it ran out and I had removed it. Now the program is installed, and the 2003 suite that was bought and I always use, only has an icon in the start menu and is not listed in my programs folder. I can run it, but the registry uses office 11.
The thing that I found in the effective permissions master list in the advanced section of the security tab, is the guest icon has a down arrow in a box attached to the ligit guest icon. I’ve never seen one like it before, and Microsoft has no idea what it means. Usually the groups, users, or others that have active permissions are tagged with the computer name. That usually included The SYSTEM account, but this time it is not tagged with any computer name. Also, the EVERYONE account has active permissions, and also has no tag. It appears to me that someone may have found a more suttle way to access my computer, and track everything I do. I didn’t find the usual signs of compromise,however, it still feels like it may have been. There are quite a few other things,but it would take too much to relate them all.
I will say that to do a search is not reliable. I have done so for things I know for a fact are on my pc, but searching finds nothing. I don’t know enough about the registry to pinpoint where the controlling info is and how and what to change the settings to. Could there be something embedded in pictures (which appear to be referenced for use by files) such as java or an applet?
If anyone can give an explanation for these, or a suggestion as to how to uncover possible super hidden files, I would appreciate it.
respectfully,
quicksandymurray
You sure get a lot of response, I read and understand how many of these folks don’t have alot of knowedge about hacking and how to control it. There are many free utilities people can use to try (notice I said try)to control others from doing this. I beta tested VNC from Bell labs when it was first released and I’ve been in the business for 30 years. Anyone nowadays that wants to do these things, and we know there are lots of them, makes their footprint on your pc invisable, the popular way now is through something called a rootkit. Do properly most of the antivirus programs sold can’t detect them.
There are some really good people trying to help this; I recommend some steps that won’t cost you anything. 1 online scanners are good for the first step; microsoft saftey scanner, bitscanner online are two. 2 download clamwin from sourceforge ( only from sourceforge ) and set the sceduler up to scan daily for 1 am ( I like this one because of the built in rootkit scanner ). Also download and install Microsoft security essentials, again setup the scheduler daily for 4 am. These aren’t the best out there but they are free and will provide a minimum of security. 3 turn off some of the back doors on your pc, rclick “my computer” choose properties in the drop down menu, there should be a remote tab at the top, uncheck the “allow remote assistance”
the other advice here about firewalls is valid, the rule of thumb you should follow would be “close everything and only allow what you want”. these steps should help you out and the scans will pickup any of the spyware/malware that is on your pc…..hope this helps
I think I have just discovered that my personal computer is being monitored by the person who I got the computer from and set it up for me. A friend. What can be done about this and how do I make it stop? Surely this is not legal….any help would be appreciated.
how can i tell if i am on a mac? i have the little binocular icon on the top right hand corner of my screen, and i always thought that was for remote desktop viewing. it’s not always there. i just noticed it today. and i have been suspicious that someone has hacked into my facebook, too, so this just made me more suspicious.
what to do??
While many of you have mentioned strange monitoring or your mouse moving at random times I wanted to add something just in case anyone still reads this post. There are software applications that can be installed almost invisible that allow another person to control a computer. Some schools use this type software to control computer labs and classrooms. The software can be changed for hacking use if someone knows what they are doing.
Hi, Thanx a lot first of all. I have learned a lot from this as I am not a Tech person.. well I came to this site as ” Norton History shows ” Unauthorized access logged”, Open Thread..just after the time I log out from the system.. it also shows that i has blocked intrussion from 202.56.230.6 and some times from 202.56.230.5? what does tha mean is my system being hacked? I have checked every option mentioned by u. Can u help or let me know who can help? could it be the internet service provider?
Thank you so much for your honest to goodness desire to help – your website, your follow up responses to questions regarding the informative articles you post – very classy, and very appreciated – God bless!
Retired (medical) IT Consultant, Australian Capital Territory.
So in my long retirement, I’m fairly expert on the above issues.
1) Anti-virus, keylog, w-lan, root-kit criminals are alays at least a few steps ahead of the do-gooders, paid & unpaid. The famous brands are like everyone else: taking at least a few days to outwit the vandals & criminals.
2) 27 A-V programs … that does not protect you from the more common tricks.
3) Work or home, use a USB-stick with a USB version of Linux; it works on Apple & Windows computers. Beginners might choose “PCLINUX OS”, since it is fast simple, easy, flexible & reliable.
4) Most Linux operating systems have the free-ware version of Microsoft Office: “OPENOFFICE”.
5) If your boss or colleague is trying to snoop, or steal your work, save the data on your USB-stick, and perhaps encrypt both the stick and the data files.
6) Apple & Windows at work/ home can access the USB-stick, if you know the password(s) for it.
7) OpenOffice has it’s datafiles far better than anything from Microsoft. Stay with that. When you need to show others, it is very easy. Run Powerpoint presentations, etc directly off your USB-stick. Or convert it so that others can read it easilt with whatever standard (low-grade) software they might b using.
9) There are so many versions/ brands of Linux (generally compatible with each other), that the criminals/ pirates won’t be able to devise breaking your privacy.
10) National governments & professional investigators everywhere are watching ALL internet traffic. Be open, honest, transparent & accountable, very clearly. The Australian secret police have already put me away for a non-crime (1975-81).
11) W-LAN: CHANGE IT FREQUENTLY, OR HAVE A FEW PROFILES switching around. Use directional aerials, instead of the standard non-directionals.
12) To the forthcoming-divorcee: you are probanly being tracked by your mobile phone, or a GPS recorder unit (small, hidden, software or hardware), on your body item, car or mobile phone. Much of the scary stuff you sense is fake or guess-work, to de-stabilize /upset you more.
13) There are many hardware spy items, cheap, small on eBay e.g. the Christian, jewelled brouch, which is really a video and/or tape recorder. Or wrist-watches, pens, “toys”, “clocks”, … which are similarly used.
14) Any and every GOOD business executive (my past careers) uses these busines tools. You need to know what is available (changes every week) to spot if these spy gadgets are watching you. Google-product & eBay search “spy recorder” regularly.
15) In my nursing home life-style, I watch with LOL as the C20 law-enforcers are seen not using the hardware & software of C21. As a victim of carer-abuse, I’ve purchased many of the above items. My mentees (mentor to many internationally successful CEOs) keep me informed of the worth of my recommendations.
hello, well my little sister and i were on msn + we thought we had her friend’s e-mail but instead of putting .com at the end we put .co.uk ad we had someone else’s email the woman was just like hi and my sister said hi aswell then my sister said ‘so what did you do today?’ and she said ‘oh nothing much, just went swimming, yourself?’ and my sister said ‘just came home from school.’ then te woman said what school do you go to?
and my sister said ‘st.Kevin’s Gns’ and the woman said ‘oh cool’ we thought it was my sister’s friend but it wasn’t and my sister said ‘what school do you go to?’ and she started naming collages! then my sister said ‘woah, what age are you?’ and the woman said ‘i’m 21′ and i said ‘ oh i’m sorry, we have the wrong person’ and had my sister block her and delete her as a contact, is it possible for this woman to find my sister’s location and find what school she does go to and whereabouts it is!
i’m so frightened, as i go to a different school then her and what, with all the perverts and kidnappings going around i can’t help but loose sleep! i would realy appreciate if you would respond to this as i am ever so worried and am thinking of contacting the police! PLEASE RESPOND! thankyou.
@Ellis
It sounds like a misunderstanding to me.
@all
I want to know how to find commercial spying applications that try to hide themselves. Are they usually normal rootkits? I find it astonishing that my google searches don’t find information on specifically how to do that.
Hy,
I’m having a weird problem. Last week i tried to login to my server account, and server firewall blocked me. I checked the status, and my ip was blacklisted. When i took a look at log attempts on my server, i got approx 300 attempts in time frame of few minutes with my ip, which i never made. I suspect, someone or some third party program is using my ip to get into my server. How can i detect this actions and most of all, block this from happening? Every time i get my ip unblocked from servers blacklist, it puts me back there again the same day couse these uncontroled login attempts happen over and over again.
Thanks,
Jack-d
hey this is great, but how do you find out if someone is doing this on a macbook?
Hi,
I have an iMac. I was just wondering if someone that knows your IP address and wanted to link to their computer to get a high speed internet. Can they hack into my computer and see what I’m doing on my home computer? what can I do or get to block them or to see if anyone is spying on my computer..Thanks.
I was wondering if there is a way to find deleted yahoo emails. I have lost some very important ones.
Is there anyway to monitor all the computers in our house through the wireless router? I don’t want to buy or download 5 separate ones.
The info you provide is great.
Thank you in advance for any help.
The company I work for has a published policy allowing them to monitor our company computer usage, including emails. I often check my personal home email from the office. Can that be monitored as well because I’m using the company computer to do it?
If VNC is installed on a workplace laptop that is never connected to a LAN, but is used to work at home connecting to ISP through Netgear wireless router, can employer still monitor web sites visited and personal email if they never remotely connect to the laptop? Does/can VNC automatically send data back anytime I boot?
Hi everyone I’m a newbie for all of this and one of my “family members have said “I’m monitoring your e-mails”. She works for a government company. This is not important to people on here.
What is, is how to check my system. I greatly appreciate all the information that has being posted and given.
Why did she say this? Well it’s a long story, but to make it short? “To TICK ME OFF”
I don’t know how she did this but she showed me a e-mail I sent to a friend of mine.
It was only a regular mail, but it go to me.
I have “ZoneAlarm Security”, but it still eats away at me thinking someone is reading my mails
I checked for all that was listed and came up with nothing.
I’m sorry but as a new person, can someone tell me what a “FTP site” is?
Thanks again for the great articles and great web site.
Dan
I know my boss is monitoring my computer and I’d like to let him know I know (seems like the right thing to do) but he’s such a control freak I’m afraid he’d be mad at me for knowing it.
He is blaming a problem on me and I am certain it was his doing. Please tell me if the following could be possible.
I went to open a document on my computer and found it had been overwritten by a document I had never seen before. I’m sure it was nothing that was ever on my computer, nor had it ever been emailed to me. It was a document that my boss would have found useful for a project he was working on. I believe that while monitoring my computer he came across it and intended to copy and paste it to his computer but erred and overwrote it without noticing it. When I told him that a strange document had appeared on my computer, he was very defensive and insisted that the only way it could have possibly happened was that I had overwritten it.
I’d like to thank you for this information. It was really a lot of help. Though I’d like to ask something more. I’ve noticed that after downloading some music from 4shared.com, that someone had changed my computer name from “this computer” to “w.” Is it possible that this has been a hacker’s doing? I reinstalled my firewall and did another scan with my Norton Internet security software but I am still afraid that’s not enough.
Could you please help me?
Thanks in advance.
Friend just installed my new Gateway Computer. He was making a copy of my numbers under the Computer Manager Tab. He also knows all my passwords. I have nothing to hide but feel like my privacy is being invaded. What should I do?
Hi there!
Interesting article. I’ve been suspecting that my boss might be snooping around my office computer. Now, of course, I don’t have indisputable evidence but it does seem like he knows a bit about what’s been happening in my life. He’s never making direct remarks but too many indirect remarks that suggest he might have an idea. Of course, he could be psyhcic–har! har!.
My biggest suspicion is that I had the remote connectivity option on my office computer switched on i.e. he could connect to my hard drive using his unique official user ID remotely. What I’m truly concerned about is not what is normally on the office laptop but stuff like internet access info by which he could log in to my internet accounts.
How easily can one trace someone’s internet history (especially user ID’s and passwords) by logging on to their machine with a different userID? What kind of files would he be able to access on my machine that might disclose vital info?
Any answers are welcome.
Best, PM.
OMG, thank you so much. Using this guide I was able to find out exactly how my husband whom I’m divorcing was getting information on my personal and social life. I absolutely couldn’t believe he’d be so deviant but hey, it’s a divorce… Anyway sir, thanks.
Hi, when I typed “Google” into my browser, I then typed into my search bar [what I was looking for] & noticed at the top right just below my browser on googles page the following.
“nuketime37@gmail.com” /just to the left of “settings & logout”
This is the second time I’ve seen someones email account name on my computer. The first one was “mtndewguy363@yahoo.com”, no quotes with the email name.
Is there someone watching me? Signed “Worried”
P.S. I save my emails, back in July, I noticed that all my saved emails were gone from June 18th 2010 & before.
What if you cannot uncheck the boxes in Exceptions (Windows Firewall), including when logged in as Admin? How else can one verify spying?
Thank you.
Lots of questions, no answers for macs.
How can I tell if someone is accessing info from my mac at work.