Digital Home Advisor

What do I do if I suspect someone is controlling my PC? When my IP address has been changed without my knowledge? My boot-up process is getting harder unless I unplug the Ethernet cable and the CPU is at 100 per cent every time I open any program. There is also a new connection to the Internet that is between my connection and the net I know was not there a month ago. When I try to register my e-mail address the programs say it's invalid and does not match whatever it has to compare it to. -- Teresa Hurst.

It sounds like some spyware or other unwelcome software has gotten installed on your computer. You need to do some process of elimination to see where the problem is. I would recommend that you start the computer without the Ethernet cable being connected and to start up the operating system on your computer in "safe" mode to minimize what is getting automatically started.

If you are comfortable with using a network sniffer such as Wireshark or one of the commercially available packages, try putting a hub (not switch) between the infected computer and your internet connection and let Wireshark tell you what it is finding. This could help in identifying the exact cause of the problem and serve as a good learning experience in terms of doing some detective work on finding the cause of a problem.

On a different computer, download several different anti-spyware utilities such as Spybot and Ad-Aware. There are several very good packages out there to choose from. The main thing is to run at least two different packages, preferably three, because no single app will remove all the spyware in the wild these days.

Burn these apps onto a CD and then install them onto the computer you have booted into safe mode. Since you are running without a network connection for the time being, you will also way to download any signature or other updates and install those before running the software for the first time. After you have run each of the spyware detection programs each once, run them at least one more time apiece until you have a clean report from each. This may sound like extra work, but I have seen where one spyware removal program will remove a particular package allowing the same or different spyware removal package to see another piece of spyware/adware that went previously undetected.

Once you have done this, do the same thing with anti-virus software. McAfee offers a basic detection/removal package that will go after the nastier viruses out there that is free for downloading. ClamAv, an open source virus detection/prevention package, is another one that I would suggest trying as well. Once you have received a clean report from the different packages you have tried, you should be able to connect the ethernet cable back to the computer, reboot it and be back to fairly normal operation.

Once you are back to normal, I would suggest periodically running the spyware/adware detection programs. Make sure you have the latest signature/program updates installed so that you have the best chance of catching/preventing problems. You should also run a software firewall, but not the Windows Firewall that comes with XP/Vista - It can still let some bad things happen. I would suggest using either ZoneAlarm or Comodo Firewall Pro as these can alert you to outbound access that doesn't appear to be normal and they go one step further and that is to learn what is "normal" for your computer.

While you are trying to identify the cause of the problem, I would also suggest looking at www.spywarewarrior.com. I have used this Web site in the past for good information. Depending on what you find, you may be referred to additional utilities as Hijack This, which I have used in the past to find/eliminate additional problems not found by some of the other tools that I have mentioned here.