Thursday, January 24, 2008

Effective Spyware Removal Action

It is very frustrating when your PC has a bad virus or spyware infection. A number of people I came across had so much spyware that they could not even access the Internet without being harassed by it. All they got were annoying pop-ups and bogus anti-spyware messages asking them to download the authors' software.

One drastic course of action to get rid of these threats is as follows:

1) Turn off the System Restore option at "My Computer" --> Properties --> System Restore.

2) Install Search & Destroy, Lavasoft Ad-Aware, Sunbelt CounterSpy, SpywareBlaster, CCleaner and the latest AVG Anti-Virus. Get the latest updates for all of them. (**Good news: the software mentioned above is freeware or available as a trial version**)

3) Go to Add/Remove Programs and uninstall all suspicious software, i.e. anything you cannot identify.

4) Stop all irrelevant services at "My Computer" --> Manage --> Services and Applications.

5) Ensure the PC is offline (e.g. shut down the broadband router) and reboot the PC in Safe Mode.

6) Run all of these security tools and use CCleaner to remove all files that are not important.

7) Reboot your PC in normal mode and test connecting to the Internet.

This will take a long time, as the PC has to run all of these security tools. Don't be surprised if loads of cookies, spyware and some viruses are detected, cleaned, or moved to the anti-virus software's temporary folder for further action.

Another way that is sure to remove all threats: hard-format the PC's hard disk, delete the partitions and reinstall the operating system. But this is the last resort, and make sure you have a proper backup of your data first!

If you also have spyware nightmares, or have other ways to remove these threats, I would be glad if you could share them too.

I am the author of www.comsectutorial.com. This site is set up to provide information and recommendations on hacking prevention and on controls to minimise security threats from viruses, trojans, spyware and hacking, based on real-life experience.

Thanks.

Gabriel

Wednesday, January 9, 2008

Computer Security against Hacking

There are absolute essentials, such as a firewall, anti-spyware and anti-virus, that a PC or server requires against Internet threats such as hacking, viruses and so on. From my observation, most corporate PCs or servers have only anti-virus and a firewall installed. That's it.

I will not cover the essentials of firewalls. They are a must, or else anybody can sail through the network. It is like a house with the front door wide open and a sign saying "rob me!"

Assuming a firewall and anti-virus are installed.....
What about folders and files? Are you sure those sensitive files cannot be accessed by all of your office staff, but only by trusted senior managers or yourself? If a technically savvy employee happens to have some knowledge of hacking, there is a high possibility that the most valuable data on your server may be compromised.

Further, does the vendor that installed the server and application have the admin password? What services are installed on the server? Intruders may exploit vulnerabilities in those services to gain access to the server.

It is difficult to know where or who the intruder is. Are they only intruders from the Internet? Those attackers need to break through your firewall and IPS (Intrusion Prevention System) before getting their hands on the servers. There are some who can break into even the most advanced security systems; fortunately, they are not many. However, if the intruders are your own personnel, temporary staff, vendors, contractors or dispatch personnel, it is much easier, as it is an insider job: someone with knowledge of your application, server or network. You will never know.

Windows Hacking
Check out this video on how a basic penetration is done using Windows.
Windows Hacking in YouTube.com
There are many more ways of doing this for those with Linux/Unix machines.


So what to do? I have observed banks and large companies taking the trouble to review every folder and file on their servers and to ensure that only authorized IDs are allowed to access them.

For example, to check for world-writable files and directories on Unix servers and write the results to a file for analysis, use these commands:

find / -type f -perm -002 -exec ls -l {} \; > /home/Gabriel/worldfiles.csv

find / -type d -perm -002 -exec ls -ld {} \; > /home/Gabriel/worlddirectory.csv

({} passes each match to ls; without it, ls just lists the current directory. -perm -002 tests only the "other" write bit; -perm -22 would also require the group write bit to be set and would miss files such as mode 646.)
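As an added example (not part of the original post), the same world-writable audit wrapped in a small shell helper that writes a proper CSV, stays on one filesystem so /proc and /sys are skipped, and separates sticky-bit directories such as /tmp, which are world-writable by design, from the ones that really need attention. It assumes GNU findutils (Linux) for the -printf action; the paths in the usage example are constructed.

```sh
#!/bin/sh
# World-writable file and directory audit, written as CSV for later analysis.
# Assumes GNU find (-printf). Run as root to see every filesystem object.

# audit_world_writable ROOT OUTFILE
# One CSV row per world-writable object found below ROOT, tagged by type.
audit_world_writable() {
    root="$1"
    out="$2"
    printf 'type,mode,owner,group,path\n' > "$out"
    # -xdev: do not descend into other filesystems (/proc, /sys, network mounts)
    # -perm -002: the "other" write bit is set; this is the exact world-writable
    #             test (-perm -22 would also demand group-write and miss mode 646)
    find "$root" -xdev -type f -perm -002 \
        -printf 'file,%m,%u,%g,%p\n' >> "$out" 2>/dev/null
    # Directories without the sticky bit: anyone can create, rename or delete
    # entries in them, so these are the real findings
    find "$root" -xdev -type d -perm -002 ! -perm -1000 \
        -printf 'dir,%m,%u,%g,%p\n' >> "$out" 2>/dev/null
    # Sticky directories (mode 1777, e.g. /tmp) are expected; list them apart
    find "$root" -xdev -type d -perm -002 -perm -1000 \
        -printf 'sticky-dir,%m,%u,%g,%p\n' >> "$out" 2>/dev/null
}

# count_findings OUTFILE TYPE -> number of rows whose type column equals TYPE
count_findings() {
    awk -F, -v t="$2" '$1 == t { n++ } END { print n + 0 }' "$1"
}

# Constructed usage (paths are examples only):
#   audit_world_writable / /home/Gabriel/worldwritable.csv
#   count_findings /home/Gabriel/worldwritable.csv dir
```

Review the "dir" and "file" rows first; "sticky-dir" rows are usually only /tmp, /var/tmp and similar, and anything else there still deserves a look.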

I will cover more on Unix security in my next blog.

Windows Hardening - part of Security Assessment
As for Windows, use DumpSec to retrieve the relevant files' ACLs for analysis, and Nmap and Nessus for services. I did security assessments for a number of companies, and they were surprised to find IDs of staff who had resigned still active on their servers. Worse still, most of the files containing critical data were also readable and writable by everybody. If a person with ill intent did what the video above demonstrates, he/she may already have access to these files.

Please refer to www.comsectutorial.com for more on basic security and Windows hardening tips.