
How to Save your computer from getting hijacked

Posted on 14th April 2006 by Keith Dsouza

First of all, my laptop (along with my desktop) is the most precious object I have; it stays with me almost 12-14 hrs a day, and I hate it when it starts to throw tantrums and goes into a frenzy, keeping me from using it.

Yes, I was careless enough once, and my PC got hijacked by some stupid spyware and trojan horses all at once. I did not suspect anything was wrong until my PC started showing frequent high processor usage.

By a hijacked computer I mean that some activity keeps running without your knowledge and without you having installed it. This is not a virus: a virus is a PC destroyer, while being hijacked is like slow poison; it keeps eating up your precious resources without your knowing it.

Any unusually high usage on your PC should ring a bell for you too; that's why I am writing this. Of course, first I will talk about how you can prevent it. I'll start with the signs that tell you that you are under attack.

On a normal computing day, CPU usage (read: processor usage) may go up to 25-40% at its maximum, and up to 90% while you're installing something. You may always see your RAM (Random Access Memory) usage pretty high, and that's normal, but if you are seeing frequent high CPU usage then it's time to start worrying.

Frequent popups with ads. Those popups come from adware residing on your computer; if you have been seeing them recently, you can be sure there is some adware on your computer.

Prevention Tips

1. Use less freeware.

Yes, the freeware that you install and run is what regularly comes bundled with adware, the most famous bundled adware being Gator.

So if you are going to install freeware, make sure to read its license agreement to see any additional software that gets installed with it, and don't forget to check its privacy policy.

2. Have a good popup blocker and disable downloads without permission

Today most browsers come with a default popup blocker. If yours doesn't have one, you can download one of the many toolbars that are available for your browser; most of them come with a popup blocker.

In addition to this, set all files to be downloaded with your permission only.

Here is how you can set download permissions in Internet Explorer.

a. In Internet Explorer click Tools -> Options, and in that click on the Advanced tab.
b. Under Browsing, uncheck Enable Install On Demand (Internet Explorer) and Enable Install On Demand (Other).


This will make sure anything being installed is with your permission only.

Disable Addons

Most hijacks of your internet browser are installed as add-ons; here is how you can disable add-ons.

a. In Internet Explorer click Tools -> Manage Add-ons.
b. A list of the add-ons currently installed will show each add-on's name, publisher, status, type, and the file related to the add-on.
c. To disable an add-on, select it and click the Disable radio button; to enable it, click the Enable radio button.


Keep checking your add-ons regularly. Hijacks mostly happen here, so you have to be very careful: you may be doing online banking, checking email, etc. from this browser, so this is very critical to you.

3. Check your start up programs

Most spyware and trojans add themselves to your computer's startup, so you should regularly check which programs are scheduled to run at startup. Usually these programs have weird names, so they are easy to find, but have a complete look anyway.

Here is how you can check it:

a. Click on Start -> Run
b. Type msconfig and hit enter.
c. A new window will open; in it, click on Startup and check for anything that looks suspicious to you.
d. To disable anything from starting, just uncheck the box next to it.


4. Check Programs Installed Regularly

This is one thing I do on a regular basis, as it lets me know if anything is installed without my permission.

Go to Control Panel -> Add Remove Programs

A new window will open listing the different programs that have been installed on your system. Go through the list to check whether there are programs that you did not install. If you are unable to access this, you can ask your computer administrator to check it for you.

Remove programs that seem suspicious or that you don't remember installing.

5. Install a Good Firewall

A firewall basically monitors incoming and outgoing connections and blocks anything it suspects. You may use the built-in firewall that comes with Windows SP2; setting it to medium will alert you about all suspect actions and ask your permission as to whether it should allow them or not.

To activate the firewall:

a. Click on Start -> Run
b. Type firewall.cpl and hit enter
c. In the window that opens, click on enable firewall and you're all set.

6. Check incoming and outgoing connections being made

You can use various network utilities to check which ports are being used for incoming and outgoing connections, who is connected to you and where your computer is connected to.

If you don't have any network utilities, you can run this check from the command prompt too; here is how.

a. Click on Start -> Run
b. type cmd and hit enter
c. In the window that opens run this command
   netstat /a

   It will show you something like this:

     Proto  Local Address          Foreign Address                     State
     TCP    nerd:ftp               nerd:0                              LISTENING
     TCP    nerd:http              nerd:0                              LISTENING
     TCP    nerd:epmap             nerd:0                              LISTENING
     TCP    nerd:https             nerd:0                              LISTENING
     TCP    nerd:microsoft-ds      nerd:0                              LISTENING
     TCP    nerd:1025              nerd:0                              LISTENING
     TCP    nerd:2030              nerd:0                              LISTENING
     TCP    nerd:2401              nerd:0                              LISTENING
     TCP    nerd:3306              nerd:0                              LISTENING
     TCP    nerd:5101              nerd:0                              LISTENING
     TCP    nerd:9296              nerd:0                              LISTENING
     TCP    nerd:1929              localhost:1930                      ESTABLISHED
     TCP    nerd:1930              localhost:1929                      ESTABLISHED
     TCP    nerd:2402              nerd:0                              LISTENING
     TCP    nerd:3455              localhost:3456                      ESTABLISHED
     TCP    nerd:3456              localhost:3455                      ESTABLISHED
     TCP    nerd:4664              nerd:0                              LISTENING
     TCP    nerd:netbios-ssn       nerd:0                              LISTENING
     TCP    nerd:3441              bay109-dav.bay109.hotmail.com:http  CLOSE_WAIT
     TCP    nerd:3551              xxx.xxx.4.121:1863                  ESTABLISHED

In this output, Proto is the type of communication channel being used.

Local Address is the port on your computer where this connection is being made.

Foreign Address is the computer your computer is communicating with from that port; this may be your local computer, one on your intranet (local area network) or one on the internet.

State tells you the current state of the communication between your local computer and the foreign address.
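As an added example (not part of the original post), this Python sketch sorts `netstat /a` output like the listing above into listening ports, same-machine pairs and connections to other machines, which are the rows worth a closer look. The sample text is constructed from rows of that listing, and the function names and the host name argument are assumptions.

```python
# Added example. Constructed sample from rows of the listing above; "nerd" is the local host.
SAMPLE = """\
  Proto  Local Address          Foreign Address        State
  TCP    nerd:http              nerd:0                 LISTENING
  TCP    nerd:1929              localhost:1930         ESTABLISHED
  TCP    nerd:1930              localhost:1929         ESTABLISHED
  TCP    nerd:3441              bay109-dav.bay109.hotmail.com:http  CLOSE_WAIT
  TCP    nerd:3551              xxx.xxx.4.121:1863     ESTABLISHED
"""
# Names that always mean "this machine"; the caller adds its own host name.
LOOPBACK_NAMES = {"localhost", "127.0.0.1", "[::1]"}

def split_endpoint(endpoint):
    """Split 'host:port' on the last colon so '[::1]:80' also parses."""
    host, _, port = endpoint.rpartition(":")
    return host.lower(), port

def parse_netstat(text):
    """Return one dict per TCP/UDP row, skipping headers and blank lines."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        rows.append({
            "proto": fields[0],
            "local": split_endpoint(fields[1]),
            "foreign": split_endpoint(fields[2]),
            "state": fields[3] if len(fields) > 3 else "",  # UDP rows have no state
        })
    return rows

def triage(rows, hostname):
    """Sort rows into listening ports, same-machine pairs and remote peers."""
    local_names = LOOPBACK_NAMES | {hostname.lower()}
    report = {"listening": [], "loopback": [], "remote": []}
    for row in rows:
        if row["state"] == "LISTENING" or row["foreign"][0] == "*":
            report["listening"].append(row["local"][1])
        elif row["foreign"][0] in local_names:
            report["loopback"].append(row["local"][1])
        else:
            report["remote"].append((row["local"][1], row["foreign"], row["state"]))
    return report

if __name__ == "__main__":
    for port, peer, state in triage(parse_netstat(SAMPLE), "nerd")["remote"]:
        print(f"local port {port} -> {peer[0]}:{peer[1]} ({state})")
```

Each entry under `remote` is a connection to another machine; match it to a program you know you are running before treating it as normal.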

7. Install Antivirus and Spyware Cleaner 

The other common way to prevent hijacks is to have a good antivirus installed on your computer. Also keep updating the virus definitions on a regular basis; the best way is to set the software to receive auto updates.

This will save you from having to remember to run those updates. Regularly running antivirus scans is also necessary, so spare some time each week to do that.

Download a good spyware cleaner and run regular scans with that too.

I recommend Spy Sweeper, as it alerts you if anyone tries to add things to your computer's startup or favorites.

As a good boy I will also let you know how to get rid of it if you're under attack, so keep commenting till then; I'll be writing that soon.




2 Responses to "How to Save your computer from getting hijacked"

1

You are right, but sometimes spyware also comes when we try to download some warez or serials from unknown sites. Faced a lot of problems with such stuff.



2
Keith posted on April 14th 2006

That's why you should avoid downloading warez and serials, as they bring lots of such things with them.


