SeaPort Service seaport.exe – Trojan Alert?
Since it is Microsoft, and I’m sure they already have a lawyer approved press statement justifying their actions, no one will call it what it is, but Microsoft has written and launched a trojan (A program that appears legitimate, but performs some illicit activity when it is run…Trojans often sneak in attached to a free game or other utility.) that installs software on the user’s computer without the user being told or having the opportunity to not install the software. (Actually, I’m sure that there is something buried in the bajillion page user agreement that I am laughably supposed to read before installing software.)
To skip ahead, search enhancement pack remove seaport.exe
The trojan program from Microsoft is the Windows Live software bundle. Installing any one of the applications from the bundle will result in an extra service being secretly installed on the user’s computer. The service, called SeaPort, is installed as an Automatic service and thus runs on startup each and every time the user boots their computer regardless of whether or not they are running the software that was ethically installed on their computer by request.
Searches done on both Google and Microsoft’s own Live search engine show no mention whatsoever of Seaport on Microsoft’s website except in a user community where another bewildered user asks, “What is Seaport and should I be worried?” Screenshots of the Seaport-less searches done on January 28, 2009 are here:
…..
…. 
As confused users arrive here in droves by asking seaport.exe what is (grammar isn’t a strong suit of the flummoxed searcher) one can only wonder how many millions of other users haven’t even noticed.
Enough is Enough
I have officially had it with software companies (and Microsoft is not the only one) installing any and all of their garbage on my computer whenever they feel like it because they think it will improve the experience for using software that I may or may not ever use!
I am now looking into starting a non-profit organization that monitors, publicizes, and when necessary pursues other actions against software companies for this and other unethical installation practices. If you want to be kept in the loop as it gets started up, grab the RSS Feed or shoot an email to wghubris@besthubris.com asking to be added to the email list. (I not only do not spam or sell your email address, I won’t even email for any reason other than this topic unless you state otherwise.)
Killing Seaport Search Enhancement seaport.exe
Still no word from our friends at Microsoft regarding the mysteriously appearing seaport service, seaport process, seaport.exe that was apparently tacked on to the update to Windows Live Writer regardless of which checkboxes you had selected.
When I originally installed Windows Live Writer, it was beta software and I carefully selected all of the options that I did not want. (I don’t recall seeing anything about Seaport or any other such service.) I was somewhat dismayed when I read elsewhere that there was an updated non-beta version of Windows Live Writer already released since I had frequently selected “Check for Updates” inside of my installed Live Writer only to be told that my version was up to date.
I installed Live Writer (and the new photo app) manually and de-selected EVERYTHING ELSE. There is no possibility that a checkbox when unchecked because there were several Live apps that I was just not currently interested in. (For example, I never chat with anyone anywhere, and I have long since setup Thunderbird to do exactly what I want email-wise so I did not need either of those.)
Like many others, I was concerned that some rouge software had installed a sketchy backdoor process when my defense program alerted me to the new process running on my system and then my firewall freaked out when it tried to port-scan its way around my Internet security.
I am not a Microsoft basher, I never have been. But, I do call them like I see them. I believe in security for my computer. Microsoft’s UAC was a colossal failure because it was a poorly implemented security system that did the right things. (For an idea of what a well implemented system of this nature looks like check out Comodo Defense+ which is what caught the sneaky seaport.exe process first on my PC.) One has to wonder, did UAC flag Seaport.exe like it did numerous other applications, or does Microsoft get a pass?
The only explanation of any kind is the description of the service:
Enables the detection, download and installation of up-to-date configuration files for Microsoft Search Enhancement applications. Also provides server communication for the customer experience improvement program. If this service is disabled, search enhancement features such as search history may not work correctly.
Seriously? I need to permanently dedicate 5MB of RAM to detecting and downloading up-to-date configuration files? Really? Can’t you just make it part of Widows Update or something?
Getting Rid of Seaport Like Killing Off a Virus
Here is what we do know. The seaport.exe process locks up around 5 MB of RAM permanently in order to do its configuration file detecting and downloading. For that kind of resource usage, there better be an important update to those configuration files every 5 minutes.
Seaport installs itself as an automatic starting service which means it runs on startup. This is ludicrous for many reasons, but the biggest one is that it runs whether you are doing something that has anything to do with search or not. Just logging on to check your email real quick? Seaport is running. Done using your computer for the day, but letting your virus scan run in the background? Seaport is there, slowing down your scan by using memory. Downloading a long list of files, running, bittorrent, or just plain letting the screensaver look pretty? Seaport is always there.
My first move, like most users, was to kill the seaport.exe process. At least Microsoft didn’t lock it as an non-terminating system process. Of course, as an automatic service, it will just restart itself.
In order to remove Seaport, you have to think like a virus. Go step-by-step to remove Seaport and you’ll be rid of it. But, you will probably have to do it again if your Windows Live software gets any updates installed.
- Shut down the seaport process. You can’t delete something that is running, so hit Control – Alt – Delete and go to the processes tab. Find seaport.exe and kill it. Say yes to the warning that pops up.
- Keep the seaport process from starting up. An automatic service will just restart itself, so you have to cut it off. Open Service Manager (Start –> Control Panel –> Administrative Tools for Windows XP) and find the seaport process. Double-click it and if it says “Started” then click Stop. Once stopped, change Startup Type to Manual.
- Delete the seaport.exe file. – The seaport.exe file is under \program files\Microsoft\Search Enhancement Pack\SeaPort. Delete the seaport.exe file, or if you want to be super-safe, you can rename it so that you can get it back if something goes wrong.
If you want to be aggressively sure about the death of seaport on your system, add it to your blocked files in your PC’s defense program and make sure to block it from your firewall too.
By the way, if you are worried about what will happen after you eliminate seaport once and for all, the answer is nothing. At least on my computer, I haven’t noticed a single issue. Of course, since I’m not exactly sure what “enhanced search services” does on my computer, I can’t tell what I’m missing out on. Nothing important I guess.
UPDATE: It looks like Seaport is now uninstallable via the Uninstaller by uninstalling “Microsoft Search Enhancement Pack.” You might want to try going that route first.
