International Journal of Research and Reviews in Information Security and Privacy (IJRRISP)
Vol. 1, No. 1, March 2011
Copyright © Science Academy Publisher, United Kingdom

Manual Removal of Malware – Is It Still Relevant?

Syed Nasir Alsagoff

Department of Computer Science, Faculty of Defense Science and Technology, National Defense University of Malaysia, Sungai Besi Camp, Kuala Lumpur, Malaysia

Correspondence should be addressed to Syed Nasir Alsagoff, syednasir@upnm.edu.my

Abstract – Any software that can disrupt the operation of a computer, such as a virus, worm or spyware, can be defined as malware. In early 2008, a paper titled “REMOVAL OF MALWARE WITHOUT THE USE OF ANTIMALWARE SOFTWARE” [1] was published by this author. At the time, Windows Vista had been available for only a year, so the dominant operating system was still Windows XP. Windows Vista was designed from the ground up to improve the security of the Windows operating system. Windows Vista was introduced in 2007 and Windows 7 in 2009. Given the improved security of the Windows operating system, this paper examines whether the methods presented in 2008 are still relevant. If they are, it also examines whether the methods need to be updated to keep up with new threats and operating systems.

1. Introduction

1.1. What is Malware?

Malware, or malicious software, refers to various types of software that can damage or disrupt your computer. It is usually installed without the user's knowledge or approval.

1.2. Current State of Malware – Now and Then

The now-and-then comparison is based on the yearly and half-yearly reports by Symantec Security Response: the Symantec Internet Security Threat Report, Trends for January–June 07, and the Symantec Global Internet Security Threat Report, Trends for 2009. Table 1 below shows the comparison.

Table 1. Now and Then Comparison

| 2009 Yearly Report [2] | 2007 Half Yearly Report [3] |
| --- | --- |
| Symantec created 2,895,802 new malicious code signatures in 2009, a 71 percent increase over 2008; the 2009 figure represents 51 percent of all malicious code signatures ever created by Symantec. | In the first half of 2007, 212,101 new malicious code threats were reported to Symantec. This is a 185 percent increase over the second half of 2006. |
| Of the top 10 new malicious code families detected in 2009, six were Trojans, two were worms with back door components, one was a worm, and one was a virus. | Of the top ten new malicious code families detected in the first six months of 2007, four were Trojans, three were viruses, one was a worm, and two were worms with a virus component. |
| Trojans made up 51 percent of the volume of the top 50 malicious code samples reported in 2009, a decrease from 68 percent in 2008. | During the first half of 2007, Trojans made up 54 percent of the volume of the top 50 malicious code reports, an increase over the 45 percent reported in the final six months of 2006. |
| In 2009 propagation through file-sharing executables accounted for 72 percent of malicious code that propagates, up from 66 percent in 2008. | In 2007 propagation through file-sharing executables accounted for 22 percent of malicious code that propagates. |

1.3. Impact of Newer Operating Systems

As seen in Table 1, the amount of malware has more than quadrupled since 2007. This trend will most likely continue. The operating system market share at the time the 2009 Symantec report was made is shown in Fig. 1; for comparison, the operating system market share in 2007 is shown in Fig. 2. As Fig. 1 shows, Windows XP was still the dominant operating system in 2010. Table 1 shows that the introduction of Windows Vista and Windows 7 did not stem the tide of malware. As a result, Microsoft released Microsoft Security Essentials, a free antimalware product for home users, in 2010.

Figure 1. Operating System Market Share in 2010 [4].