
Ultimate Malware Removal Guide -- Purge Your PC of Junk Files!


Malware is everywhere. You can't browse any Internet tech forum without someone mentioning the word (with disdain), usually in search of a remedy after being infected with spyware. No matter how careful you are, we're guessing that many of you have had malware inadvertently installed on your system and may have even ended up reformatting your computer as a last resort. While that may have been the most thorough solution, it is in a sense admitting defeat. Or worse yet, you took your computer to get cleaned and were charged anywhere from $50 to $300 -- a high price for humiliation. But don't fret, because you can actually purge your system of malicious software for free! Just follow our comprehensive guide.

Time = About 4 hours

 

What You Need:

1. Scrub your system with SUPERAntiSpyware

SUPERAntiSpyware is a great program to start with since it has such a high detection rate and can remove most of what it finds. Depending on how infected your computer is, you may want to run this program in Safe Mode.

Download SUPERAntiSpyware from its official website and save the file to your Desktop or wherever you choose. Keep all the default installation parameters to ensure it installs correctly; just click the Next button through the installation wizard. Choose your language (English is normally the default). After this screen, a new definitions window will pop up; click Yes to download the updates.

On the initial setup window, click Next. You don't need to enter your e-mail address on the next screen since you aren't purchasing this program, but on the screen that asks if you want to automatically check for updates, make sure you leave that box checked. Having the program automatically check for updates saves you time in the future. Uncheck the box that sends a diagnostic report to the company. Eventually you will be presented with a window offering to protect your homepage.

If it is your homepage, click Protect Home Page; otherwise, don't. When the program opens, click Preferences. Make sure your Preferences match the following screenshot and select Close.

Click the Scan Your Computer button and then start a Complete System Scan of all your fixed drives. Remove everything that is found.

2. Scrub your system with Malwarebytes Anti-Malware

Similar to SUPERAntiSpyware, Malwarebytes Anti-Malware is a great scanning utility with excellent removal capability. You might also need to run this program in Safe Mode.

Download Malwarebytes Anti-Malware from this site. Save the file to your Desktop. Installation is relatively simple: just follow the installation prompts. At the end of the installation, you will be presented with a Finish window. Uncheck Launch Malwarebytes Anti-Malware.

The program will update and not launch until you request it to do so. Launching the program directly after the update could temporarily crash the program because of the malware present on the system. Double-click the Malwarebytes Anti-Malware icon on your Desktop. Set the program to do a full scan and press the Scan button. Malwarebytes Anti-Malware may look like it froze, but do not do anything, just let it scan.

 

COMMENTS

Comodo cleans things up!

No wonder Comodo recommends that you perform a back up before you use it.

It cleaned all my icons off the desktop except the "recycle bin" and "my computer". Okay, no big deal I had too many icons on the desktop anyway.

But then I discover that most of my start menu links are missing too, even the system tools ones. Well, I probably had too many start menu links too, but I didn't relish rebuilding all the links.

In fact I decided to use system restore to go back 7 days. Big surprise, system restore no longer restores! I've tried several restore points.  It goes through the motions and after the automatic reboot, it admits that no changes were made to the system. This is a really big deal to me. Messing with the system restore data should be a big no no.

All of my files and documents are backed up. But not the applications or logon scripts that I've been using the last couple of months. I had to reload Firefox and Thunderbird, so their defaults and settings have already been lost.

I don't remember changing any of Comodo's defaults. The missing apps bother me, but losing system restore really makes me mad. Now I wonder if the option to reload the fresh from the factory image has been corrupted too?

Revo Uninstaller took care of Comodo for me.

- dezingg

Take it from someone who does this for a living...

Very nice very basic tutorial on how to remove most wimpy malware... However you might want to break out the big guns in cases where Rootkits have molested your system. I always start with a Malwarebytes scan (quick scan) then remove anything that shows up and reboot the PC. Next GMER (checks for rootkits) www.gmer.net. Will check for rootkits on startup of the program. If GMER finds any rootkits it will warn you, just right click and disable them (they will appear in red), reboot, then open GMER again and delete them. If GMER doesn't do the trick RootRepeal (http://rootrepeal.googlepages.com/) is your best friend but can also be your worst enemy. Pay attention to what you remove using this utility. OH and something they forgot to mention... If you find that Malwarebytes or any other program won't start there is a simple trick to get them working. Go to the program files folder or wherever the main .exe file is and rename it explorer. The virus will think it's explorer and won't block it from running. Once you get all the baddies removed, run a full scan using your Virus Scanner of choice and remove any files that show up. Rootkits can be very tricky to detect and remove. A few of the most common ones are TDSS and UAC rootkits. Once you kill the main file using GMER you can remove the Windows files by opening an administrative cmd window and simply typing in del tdss* /a/s and or del uac* /a/s.

Good luck and happy virus and malware hunting!

One Luv!

Tracking

I just make a UBCD and scan my PC that way no slowing down your PC with AV's now for Malware you should scan every day.

RE: Ultimate Malware Removal Guide

I agree, for the most part, that a clean reinstall is a good idea if your computer is heavily infected.  It really depends on the nature of the infection, though.  I recently had CyberDefender (a rogue anti-spyware program) on my PC and I decided the best thing to do was a clean reinstall of Windows Vista, update the drivers, install all Windows Updates, etc. not to mention the software that was installed.  Took me a few days, too.

It is also worth noting that the nature of malware is such that it will often prevent LEGITIMATE programs from detecting the malware, let alone removing it.  Also, much malware blocks you from going to security-related websites.  In my instance, NOTHING would detect the presence of CyberDefender and trying to uninstall it using Revo Uninstaller was ineffective because the registry entries and so on are still there.  I also had the iSearch toolbar on my computer once and nothing would detect it.

If your issue is related to toolbars/adware, you should download HijackThis! from Trend Micro.  It is really for advanced users, though.  But it will create a log file of processes and registry entries.  You just have to be careful which entries you delete because the Trend Micro product won't inform you which are legitimate and which are the result of the infection.

Windows Malicious Software Removal Tool (updated monthly) is a good tool but it won't remove adware.

Spybot Search & Destroy used to be highly recommended but I have found it to be an inferior product.  Your best bets are Malwarebytes Anti-Malware, Super Anti-Spyware, and the other tools I mentioned.  AdAware is also declining in popularity and may actually conflict with other similar programs installed on your PC.

Finally, you might want to consider installing some of these programs and then burning them to disc and running them from the disc.  That's what I do with Super Anti-Spyware.

Feel free to visit http://fixpcdisasters.blogspot.com for more discussion (I apologize if posting this link is against forum rules.  If so, I won't mention it in the future.  My bad.). 

Ultimate Malware Removal Guide -- Purge Your PC of Junk Files!

There is no better way to get rid of junk and viruses than a clean Windows installation.  Once a system registry and system files have been altered by adware, spyware and viruses you won't find a single app that will get rid of all the junk completely.

Hidden Trojan Installer

I do approve of all the effort in trying to help people maintaining their PC Spyware free, But your effort should also include verifying the programs aren't Spyware Installers dressed up as Anti-Spyware.

Case in point I have run many antivirus programs and many have not impressed me in the least. I am not very impressed with Symantec in that it uses too many resources. And it has been disabled by many virus software. McAfee has also been disabled many times by viruses in my time. I am sad to say all of the COTS Antivirus Software I have purchased has been disabled by Viruses in one way or another.

Many Times I have had to rebuild computer systems of friends or family in the years. So I do test many Anti-virus software and Anti Spyware software.

The Malwarebytes Anti-Malware program was caught trying to install a trojan on my system, not once during its scan but twice. I do not take kindly to that type of disinformation about programs. So please test the software using more than one box and more than one anti-virus program. My system uses Avast! which I highly recommend above any COTS Antivirus Program.

I will not test any of the other programs that you list due to what the Malware one did, but the Superanti-spyware seems to work and doesn't seem to raise any alerts from my antivirus so it can live.

Thank You.

@bkreeder100

"The Malware Byte's Antimalware program was caught trying to install a trojan on my system, not once during it's scan but twice." 

 

Sounds more like a false positive.

I have used Malwarebytes for over a year now and have not had any issues with it.

Malwarebytes is used by many companies big and small by their IT department to check for malware.

I like Malwarebytes for several reasons. I used to use SuperAntiSpyware but the scans take too long, usually will take 30 minutes or more for a quick scan. Malwarebytes' quick scan will take less than 10. Malwarebytes gets updates 4 or more times a day.  If you have your heuristics up too high you will get this with almost all antivirus programs.

Let me guess, your pathetic antivirus program told you that lol

Here is what happened... Malwarebytes found the Trojan and your virus scanner's "real time" scanner popped up and told you that Malwarebytes was opening a virus on your computer? No, Malwarebytes found the virus and the real time scanner just happened to notice the virus once Malwarebytes started scanning it. Malwarebytes does not promote malware, trojans, rootkits, tooth decay nor viruses of any kind. Better do a full scan instead of a quick scan on your machine and let Malwarebytes remove those nasties!

Good luck!

Happy Malware Removing!

Why run programs in safe mode?

Some of these malware/trojan files prevent popular anti-malware programs from running properly. I've seen one case where Malwarebytes would not run unless its file name was changed. So that's the answer.

HELP HELP OMG

OMG!  I have that virus right now. It would boot into a black screen with no taskbar or anything just cursor, but I could start cmd and I got more control. I could install SUPERantispyware unless I renamed it, and as soon as the installation would be almost finished then I would go bluescreen. Now it will only boot in safemode, the normal one says "please wait" forever. Now I was looking for a solution and found this old article on my fav. site. Do you have any suggestions or solutions thanx

That's Right. YOU GOT PoWNeD! (not)

Proud owner of a Sony NS laptop, Jailbroken Ipod Touch 2g.

 

Can someone tell me where

Can someone tell me where can I get the spybot, and is it a free program?

thanx 

Why would it be necessary

Why would it be necessary to run these programs in safe mode?

user ermil39

I would be very careful talking to the above user it appears that in his message that he has an embedded code and his taunting of the advice given here is because "good advice gets in his way of his unethical work standards". If you will look at his post the first couple weeks in Feb there is a decent size gap between his stupid post and his signature. First off anytime I see a space as that in a series of text I highlight it to see if there is text that is invisible as it will be marked as if it contains something but nothing there. Use your cursor and highlight down the post. To the left side of it you will see lines that indicate those lines of spacer are indeed being used. Also anyone proclaiming to be computer illiterate does not find their way to a tech board and refute the advice given by an expert. Also it's quite common to use upper case in specific words and he is one of the ones that uses the same type technique as I see personally. He has embedded some code and god only knows what it's to do. But I googled the name before I posted this and my what a surprise that Wikipedia has banned a poster with the same name but no number (just the ermil) no number for sock puppetry and accused him of fraud, identity issues on alias names, and not to forget a vandal. After arbitration of their board it appears they have banned him. That is a first for me to see and sometimes your intuition goes much further than your brain. I just think he is here refuting because they do that on various boards because it does disrupt their course of daily business for a victim to become aware. Probably would be a good idea if they checked that post and had it removed as anyone on this page is subject to unwanted computer problems. Just checked the last word in his post and would you know there is a business by that name that specializes in Java and platforms for desktop servers and embedded systems.

Actually I think this person has already been in trouble before due to his rhetorical harassment. That word also means wood and that is what solidified who he is.

user ermill39...

For those who read these comments; I did NOT say any of these things. I said "The products that maximum pc uses did NOT work for me" at the then time. Second, I am NOT that computer savvy to do what enough said..said. I do NOT know how to embed code, I did NOT nor am I good enough to make a "vandal". Third, my name used for this comment was googled BEFORE I picked it. And no...I do not harass or insult people who are experts in their field.

For the record; all I said is that I had a hard time using their suggestions. It was only recently, that another friend I knew, showed me what to do. No, I am not in trouble...nor do I look for it. I do not pretend that I am computer literate; I do make mistakes.

Whoever you are, please do not judge me. I am not god, and I can not judge others. I did not, nor have I done anything wrong. I try to understand everything I do. If somehow I insulted you...please hear what I have to say: I AM SORRY!!

Yours Truly,

Edward R. Miller

ermill39@netscape.net

A Beautiful Mind

Schitzooooooooooooooo!

good information and user be aware

This is good information and something we should all do a better job of. However, some of the stuff I have to deal with is people embedding things in ways that your computer does not recognize it as a bad guy. It lays dormant the majority of the time then 2 times to 3 times a day it will run and it will be some large data I see going across my network. I can see it via Wireshark. Although Wireshark is way over my ability to understand but it's enough I know it's not good and something is bad wrong. The best I can tell it operates at a very primitive level I cannot get to. It seems to use the DOS while I simultaneously use Windows. I operate in an intranet environment, it seems. I am starting to suspect that it's in the monitor, mouse, and keyboard and basically among other things a BIOS issue. Now, I am a banker, I know absolutely not a dang thing about computers but what I have learned by this ongoing problem of ethically challenged people. I apparently have befriended the assailants and just a process of elimination until I uncover the root of the problem. I suspect from the data packets and the protocols being used the labels seem to indicate things that are in line with a bot net. It's been a long frustrating journey because most computer techs or law enforcement operate on a visual level. If it's there you see it ...if it's not well you're just plain crazy. Trust me I run more stuff than the CIA and they still get in.....but here is my thoughts to how. These people have names that mimic commands and they will be in the form of some specific process like font names, json names, etc and will have numbers associated with it. Most numbers are like binary 1 0 11 or can be in the form of what appears to be a zip code. Google those names and most often you will find that it could be more to it than a birth date or zip...it could be ports and specific instruction. The need to click a link or download a helper agent is gone.
Now it appears that if they can get you to open an email that contains an image of embedded code and because it is nothing more than a bunch of font without an active ingredient your system does not recognize it as an intrusive agent or Malware. It only becomes active by the next series of events. An email is usual suspect. Once the email hits your inbox and the name in the sender box......it activates the code in your computer like a remote. The script is now live and trust me I have witnessed this by cause and effect and observation. What I want to know is there anything that a user can do?  I can find all kinds of code I suspect that are executable but not knowing programming it's all Greek. Is there a converter of some sort that will take HTML or CSS and convert it to something I can read?

Part of the reason I posted this in depth detail is simply to make you aware that if something does not seem right.....just because your security products do not pick it up does not mean everything. Any chat room, adult site, and social networking environment where there is direct connection ..be very careful who you talk to. Direct connection makes the job easy. Even the script kiddies can manage to get a hack in there. But the last few social networking sites I have been in are nothing more than a harvest of bots and it's amazing at the number of people that mean more harm than good. I just think it's important to get the word out to their existence and I know I have had enough of it after three years and maybe some of you have as well. It would just be nice to know that I am not alone......

tl;dr please learn to use

tl;dr

please learn to use your enter key

Malware

This is why I went to Ubuntu, got tired of using the Raid bug spray on XP

I still use Windows XP for gaming

My Malware Odyssey

Okay...... I thought that I was smugly out of reach of any type of Malware working on my desktop or laptop. I was wrong! I had looked at a site that promised first run movies and inadvertently got slimed! Nothing slowed down, no pop-up ads. All was fine until I ran a Spy Bot and A squared scan. Several Trojans and malware things were found. I went paranoid because I had religiously updated and ran Norton SystemWorks (on the laptop) and McAfee (on the desktop); neither are on the same network. SO ALL THIS STUFF LEAKED THROUGH REGARDLESS OF EITHER PROGRAM!

I was once again feeling smug when I ran Spy Bot and A squared in safe mode on both systems and got the okay that nothing was there.

After looking at your article I ran SUPERAntiSpyware and more things were found. I then ran Malwarebytes Anti-Malware and even more things were found that were not found on any of the other anti-malware programs! I updated all of the anti-malware programs and I then re-booted in safe mode until I got a clean bill of health. Thanks for the article.

My bottom line is that the above proves that each anti-malware program is different and does not provide a complete solution. Nor do the Major Programs like Norton or McAfee. So every week I update and then run Spy Bot, A squared, SUPERAntiSpyware, and Malwarebytes Anti-Malware. I have CCleaner automatically running on start-up. Again thanks for a great article… Your Mileage May Vary!

roy

Ultimate malware..blah,blah,blah...

I used to think that whenever a program comes out for the computer user, that things would get better. Nowadays,...I'm not so sure. I can say this also about your topic. Okay, I am not THAT computer literate; but I know enough to say that your topic is..spotty at best. I mean did you actually test these programs?

I did. And I can tell you that it was a real...PAIN!!

I can tell you for sure...do NOT use Panda ActiveScan, if your system has more than 100 GB of hard disk space. You will be waiting for at least three hours or more. As for killbox,...you ought to be more specific in how to use the product. Also, the SUPERAntispyware...needs to be replaced. Malwarebytes ...that's another story, for another time. Okay, I can say that it does its job....sort of.

Next time you decide to write something,...please have the decency to test it first BEFORE you tell us.

Right now, I am ready to go back and use Spybot & Ad aware. The only good program that I'd use for sure is Comodo registry cleaner. I could be wrong in this...but so far it works great on my computer.

Okay guys, tell me what YOU think. And please...don't spare anyone's feelings.

Thanks.

EXCELSIOR!!

Spybot

This is all good stuff, but Spybot has the file shredder and it works quite well. We had a problem on our server last month and I had to get rid of a small web server. Somebody here got a drive by download and all hell broke loose. These lowlifes used an old WEBX program to try to look for financial info. To make a long story short it took a while to get rid of it, but I have seen this type of thing before. While I was on vacation a person here had disabled the firewall and downloaded this malware. Spybot file shredder enabled me to dump this malware by stopping the processes then shredding the files. But I had to manually "find" the installers. Still the stuff above is good.

www.combofix.org

You do realize that while www.combofix.org appears to point to the real combofix.exe (an excellent tool, btw) it also points to a piece of software called "Spyware Cease" which appears to be a rogue anti-malware application that pops up a couple of false positives on your PC and asks you to buy the software for it to clean the "infections".

The best place to get combofix is:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Good stuff!

Always enjoy new cleaners that work well!

I am currently evaluating Windows 7 and the only one of these programs that works with it is Malwarebytes' Anti-Malware. But I am sure the other ones will be compatible soon.

Keep up the good work!

Douglas Nye

I know that several DO work on 7

Hello,

I am running 7 Ultimate 32 bit on my system.

I ran combofix, Malwarebytes, SUPERAntiSpyware, CCleaner, all with no troubles.

At my company providing tech support and computer repair to home and small business users, we get 6 or more of these attacked systems a day.  I wonder when NSA might try to do something about this attack?

Thanks for the article.  I knew most of the products, but learned some more from it.

Scott

Apps to add

What happened to Adaware, and Spybot Search and Destroy?? Don't anyone use them anymore?? I do use the CCleaner works well...the one that's decent for the average weekly clean.

I'm still not using Combofix

I'm still not using Combofix

What I meant was that Panda

What I meant was that Panda active scan is NOT free, I didn't mean that it is malware

Some Anti-Malware programs ARE Malware

Combofix has been identified as MALWARE not ANTI-MALWARE, also Panda Activescan wants you to purchase a license before it will let you remove anything

You are referring to rogue programs

Most of the online scanners do not remove the malware for free. A rogue anti-malware program is a program that gives false positives in hopes that the person purchases the product.

Combofix is not malware. Any detection of that program as malware is a false positive. Smitfraudfix for example can also be detected as malware, but in reality is not. Scanners don't recognize the difference between certain files (like process.exe) since they can be used for legitimate and malicious purposes.

Combofix is actually a very useful program, but most users cannot take full advantage of the program because of the possibility of danger. 

As for what Combofix does, look here.

Panda Active Scan

The article here tells you Panda's web based scanner will only scan, not remove malware. So how does that make that malware?

A lot of companies give out free versions of their software that have some functionality stripped out of them. This is no different.

I NEVER said that it was

I NEVER said that it was malware.

Nothing is safe from the

Nothing is safe from the admin.  Who do you think fixes all of this?  They have to have that kind of control?  Who do you think fixes a Mac?  The person who can get into it to do the job.  That person would be the de facto administrator.  Well unless you have to wipe a Mac every time something goes wrong with it.

thx

great article. Looks like I have a few more tools to d/l. I have Windows Defender, Spybot Search & Destroy, and Ad-Aware. Of course, I have a firewall and antivirus and I stay away from pron.

Seems to have done the job

As the go-to guy for computer problems I usually get systems that are pretty much DOA with viruses, malware, spyware, you name it. Well fixing them is not just a matter of wiping the system out and reloading the OS, nope, there are things they don't want to lose and saved 1st. It's here during the saving of stuff that I think I may have gotten some of the crud infecting the other systems in mine. Even though everything I used says my system was clean I always suspected there was stuff lurking about in my puter. My suspicions were confirmed after running these apps and now I have that warm fuzzy feeling ya get knowing your rig is clean. So pass these programs around and maybe we can put a dent in all the crap that's waiting to leech onto your system.

Thanx for the good Info Maximum PC and hurry up with my next issue. . . .

 

Nice Overview ...

As a refresher or for a noobie - excellent job!!  Unfortunately, now we all are sometimes required to go far beyond the basics. MB & SAS are my immediate Step 1 at hand tools of choice. Unfortunately, now we oft have to go to Step 2 or 3. Prevention can also help immensely! Firewall and IDS or HIPS.  Obviously you are a bit more of an advanced user.  If you haven't yet, check these out:

Process Lasso - see & control & kill what is going on. Small footprint - always in my tray.

Process Explorer - when you need to get deeper into what is going on than PL can do.

Everything - find stuff on your HD _really_ fast. Great for general use. Always in my tray

UnhackMe/Regrun - Next step up. Much better at Rootkits than MB or SAS.

GMER - when you really, really, really need to find the Bad Guyz. Not for the faint-hearted nor noobies - i.e. if you don't know what you are doing don't use it.

Cheers ... JoW

Why is this still a problem?

I have a MacBook that happily runs Leopard 10.5.6 and runs it virus/malware/spyware free. This is because OSX is a closed system much like Linux. There are Mac viruses (or virii?) out there, but they are so few and far between that they're nearly nonexistent compared to the thousands of Windows viruses out there that affect Windows users daily. Yes, Microsoft took about 7 or 8 years to finally catch up with the idea of safeguarding the system by incorporating an "allow/deny" type setup with UAC (Your body wishes to breathe in oxygen. Allow this process? Do not Allow? Yeah it's nearly that anal), but apparently viruses can still easily affect Windows as it is still heavily recommended that you install these types of programs even for Vista and 7. 

From what I understand of OSX from my experiences, is that nothing (not even an administrator) touches a system file without being prompted for a password. From what I can guess of this setup is that if a malicious website wanted to download something to my system, it would require a password (regardless of the fact that it might only really affect a Windows system) just like I do when I edit a system file...which the malicious code is not smart enough to even bother trying to figure out. It probably assumes that every system is a Windows system whereby it can simply download itself wherever it wants to and then run amok. If it can't get in...it just waits patiently for the next hapless average joe Windows user to come by so it can wreak havok.

Let me put it this way: In the OSX system folder, you cannot create new folders/files or copy new folders/files to the system folder without being prompted for a password. In fact you cannot actually create a new folder in the system folder at all. It's not even an option. I just did a test on one of my XP machines and created a folder in the Windows directory and a few others within the Windows directory (system32 for example). Here's Window's major malfunction. Windows is just plain unsafe and unsecure...and yet the majority of computer users, use Windows. Here's the second major malfunction: OSX and Linux are build to protect the system from everyone...even the admin. Windows...is not. It's like a conspiracy theory almost. "Pst, hey Microsoft, we is riting thowsans uv viruses...and u has a huge market share...so just keeps da Windows security 2 a minimum kthnxbye". Or on the other hand, "Pst, Virus writers! It's us, the Anti-virus programmers, yeah we need like tons of money so keep writing those viruses and we'll keep trying to thwart you to protect the cyber citizens of the world, but really we're just in it for the money kthnxbye." Yes, I know there are freeware virus scanners, but most of them have a "pro" version that isn't free that scares most people into buying them when the free version is probably good enough (though don't hold me to that). 

Maybe if Microsoft gets its head out of the ground and starts actually writing a proper, truly secure closed system, this could actually stop the need to have 20 different virus/malware/spyware scanners on your Windows machine just to keep it afloat in a sea of viruses. It may not completely eliminate the need for security updates from Microsoft as hackers are always looking for leaky spots in the system to exploit (yes there are even some of these leaky spots in OSX), but for the most part it would eliminate the overall virus threat.

This is not meant to be a "Macs are better than PCs" post...I have both and like both, but I appreciate the fact that I don't have to deal with this type of thing on my Mac whereas even with protection on my XP machines, I still get viruses and malware/spyware that slip through. I try all kinds of different programs too and it seems like none of them are 100% guaranteed to catch everything. I can usually fix the problems even after infection, but still it's a royal inconvenience.

Sorry for the novel, but I just don't understand why, in this day and age, this is still a problem for Windows.  

Nice point. Havent seen a

Nice point. Haven't seen a primary Mac user here before. Maybe MS needs to learn from you guys about security.

PS: It was an insightful "novel". :)

*Sigh* Another Latee Sipping Apple Mac Bastich

Ok, here is the deal: There is 1 (ONE) reason, and 1 (ONE) reason only, why a Windows computer is more prone to viruses than any other computer. That reason is that more people use Windows than the other kinds of computers combined. People don't use Macs because you can't run hardly any programs on them besides the ones on it. Also, people want the freedom of doing whatever they want to their PC. Maybe I want to just copy some file into my Windows directory. That should be my right as a computer user. Microsoft doesn't restrict the freedom of computer users/software developers like Apple does. On the other end of the spectrum, Linux is the most open platform out there, but somewhat irritating. Nobody wants to go messing around in a command line just to install a simple program. No, they want to just double-click an installer. Windows offers the best balance of usability to accessibility. Because of all this, criminals write viruses for Windows for two reasons: 1. There is actually someone to infect. 2. They use Windows themselves and they kinda need a test platform so they know their virus will actually do something.

I'M A PC AND A NERD. 

-------------------------------------------------------------------------------------------------- 

The quick brown fox jumps over the lazy dog.

2 minutes

More secure my arse!

Have you heard about the pwn 2 own hacking competition?

It took 2 minutes to gain full control of a macbook air...

Stupid mac fanboys.

Not again!!

Once Macs will have a reasonable market share, your novel will be irrelevant.

I thought this was already discussed countless times... as well as the fact that most Mac users wouldn't even notice if they had a virus or not (ie: my girlfriend :P).

IMO if you want to do 5 or 6 things with your PC and not learn anything technical, get a Mac PC, if you want to escape big brother and screw all trends, you slap a linux distro on a PC and finally, if you want the best of both worlds, get a PC with Windows and go deep because you CAN very easily, unlike a mostly closed system.

I run AVG free, Windows Firewall, Windows Defender, and am behind a router. I'm sure I get viruses at the same frequency a Mac user does except for this main difference, I notice when I do because of my security (not to mention my experience). When on the other hand, every time I logged into my email from a Mac machine no matter which machine it was, I came home to find some Spam in my inbox a few hours later logging from my home PC. I never thought much of it until I noticed the Spam was in French this time, and the last Mac machine I logged into was a French Mac. (I could be wrong.)

The only reason I want Jobs to make more sales is so that Mac users STFU. Macs = PC's and PC's = same sh*t different pile.

Sorry for the smart reply, but I just don't understand why, in this day and age, we are still discussing this.

Dig the article BTW, good job guys.

 -----------------------------------------------------------------------------------------------------------------------------

What do you get when you mix 1 pound of ice cream and 1 pound of manure? 2 pound of manure.

love this....

Why would you come onto a discussion like this to talk about how smart you are to use a MAC? Everyone reading this article is interested in cleaning up spy/mal ware from their PCs. We don't need to listen to the pompous likes of you, bragging about your wonderful Mac. You obviously are drinking the mac-grape flavored Kool-aid, "go sell crazy some place else, we are all stocked up here."

Macs have strengths, and (plenty) of weaknesses, just like PCs. There were also more critical security issues with MAC OS than with Windows in the past:

http://www.zdnet.com.au/news/security/soa/Apple-Mac-less-secure-than-Windows-in-2007-/0,130061744,339284674,00.htm

Macs gaining in popularity will only continue to expose their security issues, and increase in Mac Malware is inevitable,

For Example: 

http://tech.yahoo.com/news/nf/64230

 gww

Tell me something...

If u were to write (for whatever reason) viruses for a program which would you write it for. 80% of computer users or 20% of computer users. It has nothing to do with open or closed systems it is just the fact that no one cares to write malware to run on a site that maybe only 1 out of 100 visitors are affected by. When and if ever Macintosh takes the throne as Windows has then they will have the same problem. Vista was the example here, it flopped and so the target remains XP. I use Vista myself and don't have to worry about viruses, my wife uses xp and has to worry about them. If win 7 is just like vista as far as security but takes up a lot more of the market then they also will have a crapload of viruses. Not being a fanboy here btw just spitting the truth.

Ok...I'll tell you something...

I already basically covered this point by acknowledging that Windows has a far larger market share than OSX. However, it's far harder to insert something into the OSX system folder than it is to insert something into a Windows system folder. This is likely the real difference and reason that hackers write viruses for Windows and not OSX/Linux.

Obviously having the huge market share that it has, Windows is far more susceptible to hackers writing viruses because it will cause the most damage, but shouldn't it be noted that you and I can simply go into our Windows system folders and do what we want? Basically allowing anyone to do the same? Like I said, this is not an easy task in OSX. You can copy and paste new files into the system folder, but you need a password to complete the process. In Windows, this is not the case. So any malicious website can slip a mickey into your Windows system folders and boom...we have vundo and a host of other malware/spyware essentially gangbanging our systems...whereas with OSX...they'd be stopped by something so simple as a password prompt.

I'm not being a fanboy either, btw, but also just spitting the truth. This is indeed happening to Windows for two reasons. Two reasons I already mentioned. 1. Huge market share. 2. Ease of injecting malicious code.

Oh...and...something.  

Windows XP admin account you

Windows XP admin account you can copy things in, but did you try it with a limited user account? Unless a limited user account has read/write access it can't touch those or, if the admin wants, any part of the drive.

Plus iirc, this is part of what UAC and the virtualstore prevents. If an app tries to install something into programfiles or a system directory it gets placed into a kind of sandbox and only thinks it installed itself into a system directory. That way if it does turn out to be malware, only the account is infected and not the whole system.

In a corporate environment most users are going to be running as limited users anyways and the admins likely won't even be using their pcs in situations that would get them infected. For consumers, well that's what Vista, UAC, and the virtualstore were designed to fix.

Thank you

I do not use Vista very much and I am figuring out most of how Vista works by my experiences with the Windows 7 beta...so most of my Windows knowledge is from XP and earlier. I was not aware of the extra measures utilized in Vista/Win 7 along with the UAC interface. 

However, you do bring up an interesting point. Yes, in a limited user account in XP, system files are safe from tampering from the user and perhaps external sources. This still does not save the system from the admin though. This is also true in OSX. In the user's folder, you can actually create new folders and not have any access to the system folder, however, the system files are still safe from even the admin (to the extent of needing the admin password) and external sources. However, if Vista/7 are working on new ideas to trick or stop viruses/malware/spyware...then I'm all for it, but I have a feeling the fact that Windows Vista/7 still tell you to download a virus scanner...still leads me to believe the problems are still far from resolved. Perhaps Vista/7 are stepping in the right direction though. Thank you for the heads-up.

To clear it up.

Vista does everything you describe OS X does by limiting control to system files with passwords and prompting users for permission to access or change and goes a step further to do the same with the program files folder. Yet Microsoft still recommends you to use virus software. Why? They're dealing with millions of people and there are two sure things about that group of people. They will be smart and stupid and stupid people will click on things to get them off the screen no matter what they are and smart malicious people are happy to exploit. In short they can't account for everything by closing off system files.

I bet if you call Apple right now and ask them whether you should use anti virus software they would tell you yes. You do acknowledge that Windows has more viruses because of its higher amount of users, but some other information you don't know is that many more vulnerabilities are found per year on Mac and most of them are more severe than their Windows counterparts. Apple also does not report or acknowledge security vulnerabilities it has. So in general your Mac has vulnerabilities, Apple won't tell you what they are, Apple won't tell you when they fix them, they can be exploited any day without proper firewall/anti virus software.

P.S. XP is a 9-year-old OS you're comparing to a brand new one.

I love all this info...

I love all this info...

What are the Best

What are the Best AntiSpyware/AntiMalware and junk file removers that work in Windows Vista 64bit? I tried to install Adaware anniversary edition and it laughed at me. "You want to do what? LOL.."

What free programs out there specifically work with Vista 64bit?

Thanks..

Malwarebytes works well, as

Malwarebytes works well, as does CCleaner. I use both on my 64 bit Vista machine. AVG antivirus also works fine.

One other program that should have been mentioned in the article is SpywareBlaster. SpywareBlaster is different from the others because it actually prevents infections by blocking bad items before they can get into your system.

To remove java and a lot of other cr*p....

.....google Jv16 Powertools the last free version (for XP users, that is).....it's one of the best registry cleaners made and can remove Java easily, as well as many other hidden installed apps. For Vista....you'll need JV16 Power Tools 2008. Another great program is Glary Utilities (just google it)...Glary has all the Windows tools in one easy to find location, a track eraser, a mild registry cleaner and a startup program listing, with check boxes for easy remove or replace. It also installs a "wipe with Glary Utilities" option to any right click menu, and lastly has an uninstaller also.

JV16 Power Tools is like Glary Utilities on crack! If it's on your comp it shows in JV16. Not only will JV16 allow you to remove it, but it will also allow you to remove all associated entries. Further it has a great registry FINDER....just type in the box what items you want to find and run it. Nothing is removed by JV16 w/o your allowing it. It too has a startup program list and is the most powerful registry cleaner I've ever used....and I've tried them all.

....I'm sure everyone that knows about this site also knows about Unlocker.....it installs an option to any right click menu also and allows you to delete files even when they can't normally be deleted because they are in use.

I also use and recommend all of the programs mentioned in the article...I have used them for years and never had an issue with any of them.

But a day w/o JV16 Power Tools is like a day w/o.....Maximum PC  :)

Take efficiency, and edit out all the intelligence and what you have left is a post-XP Microsoft operating system :)
