What Is Malware?
Malware protection solutions come in all sizes. Despite the word “virus” in the name, an antivirus utility aims to protect against all types of malware. Full-scale security suites expand protection to include spam filtering, parental control, VPN protection, and more. Some antimalware tools work alongside your main protection to provide added security against specific threats, such as ransomware. Before we explore the different types of protection available, let’s look at what they’re up against.
The term malware is short for malicious software, and it refers to absolutely any program or process whose purpose is harmful, even criminal. The earliest widely known form of malware was the computer virus, the name for a program that infects other programs with its code and replicates when the infected program runs. Many early viruses had no malicious payload; they just served to show off the coder’s skills or even to give a shout-out to a loved one. Because viruses were first, we still use the name antivirus for software that protects against all kinds of malware.
A virus spreads when someone launches the infected program. A worm spreads without any help. Worms have been around longer than the internet, with the first one, Creeper, hitting Arpanet in 1971. The infamous Morris Worm, released in 1988, was nominally intended to measure the extent of the nascent internet. However, due to a coding error, it crashed thousands of servers and earned its creator a felony conviction.
Modern malware coders are way beyond the “look at me!” attitude of those early virus writers. They’re in it for the money—period—and there’s not a lot of money in viruses and worms. Trojan horse programs can be more lucrative. This sort of malware appears as, and may even be, a useful program of some kind, but once you let it inside the walls of your computer, it turns loose a crew of nasties. They may send your personal and financial data to malware HQ, install additional programs to earn per-installation cash, or do anything else the coders can think of to monetize their control of your computer.
Trojans that transmit your private information are one kind of spyware. Other types of spyware focus on tracking your web-browsing habits, or the way you use your computer. Keylogger spyware tools record the keystrokes you type, hoping to hit pay dirt by capturing your passwords. Some anti-malware tools include components specifically devoted to spyware protection.
Another common threat is what’s called a bot. Typically, the bot owner uses spam or drive-by downloads to infect many computers and then sells the services of this herd of bots. Customers can contract with the bot-herder for tasks including bitcoin mining, distributing spam, or participating in a distributed denial of service attack.
The current alpha predator of money-making malware, though, is ransomware—specifically, encrypting ransomware. If this kind of attack hits your computer, you’ll find all your essential files have been encrypted. The perpetrator of the attack will gladly decrypt them for you—if you pay the ransom. Worst of all, even if you manage to remove the ransomware itself, your files remain encrypted. It’s a nightmare!
How to Get Rid of Adware and Other PUAs
Most malware-fighting tools also handle the removal of potentially unwanted applications—PUAs for short. In many cases, you must choose whether to remove these. They’re not specifically malicious, but they may well be unwanted.
For example, you may have installed an ad-supported free utility without realizing just how invasive its advertisements would be. Or you may have clicked through screen after screen during one program’s installation, without realizing that by doing so you agreed to install a boatload of other programs. And it’s not uncommon for these programs to resist uninstallation. Companies like AppEsteem aim to eliminate these deceptive bundling practices, but if you’ve already been hit, you need some help to clean up the mess.
Is Microsoft’s Malware Removal Tool Good?
You need at least a basic level of protection for all your devices, and that means an antivirus utility. As noted, despite the name, these protective utilities do a lot more than fight viruses. They target every kind of malware, and some of them do a great job.
But, you may ask, doesn’t Windows 11 have antivirus built right in? It’s true that Microsoft Defender is built into Windows, and it gained more responsibilities with the updates of the last few years. If you have no other antivirus, Microsoft Defender turns on automatically. If you install a third-party antivirus, it goes dormant. Microsoft Defender has been getting better scores from the independent labs and in our own tests, but the best third-party antivirus apps, both free and premium, score way higher.
If you’re paying attention during Windows Update, you may have noticed the Malicious Software Removal Tool (MSRT) in passing. It sounds powerful, but its focus is actually quite limited. Each update to the MSRT checks for and removes specific malicious programs Microsoft has identified as currently prevalent. It isn’t by any means a full-scale antivirus or malware scanner.
The MSRT also sends telemetry back to Microsoft when it encounters a malicious or suspicious program. However, it doesn’t send any personal information.
Is There a Truly Free Malware Removal Tool?
Even though Microsoft Defender isn’t the best, you may be reluctant to pay for antivirus protection, given you can get it for free. As it turns out, quite a few companies offer free antivirus solutions, and some of them are quite good.
Most purveyors of free antivirus protection also offer a premium, paid edition. In some cases, the premium edition includes features not available for free or offers VIP tech support. Others make the full range of features free for consumers but require payment for business-related use. The best of these free antivirus utilities outperform all but the top for-pay competitors.
Avast One Essential is an unusual case. It’s a free security suite with support for Windows, macOS, Android, and iOS. It doesn’t include all the features of the commercial Avast One, but it does quite a bit without requiring any payment.
What Are the Types of Malware Detection?
You can launch a full antivirus scan of your computer at will to root out any preexisting malware problems. Most also let you schedule a regular scan. But the first line of defense is on-access scanning. For some antivirus utilities, the minuscule access that occurs when Windows Explorer displays a file’s details is sufficient to trigger a scan. Others wait until the file gets copied to disk or until just before it executes. The main point is that your antivirus makes sure no new malware can infest the computer.
But how does it know? How does it tell if a program is malicious? The easiest method involves what’s called a signature—a kind of fingerprint that identifies known malicious files. Early antivirus tools simply checked the numeric hash of entire programs against a blacklist. Malware coders responded by making threats polymorphic, so every victim received a slightly different file. And antivirus researchers, in turn, responded by making signatures more generic so that all variations on a particular malware strain would still fit the profile. Generative AI tools like ChatGPT can reframe a program’s code to change everything but its effect. They can even translate the code to a different programming language, creating a completely different malware version.
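To make the difference between a whole-file hash blacklist and a generic signature concrete, here is an added example (not from the original article). The byte strings are constructed, harmless stand-ins for two variants of one strain, and the marker names and gap sizes are assumptions chosen for illustration.

```python
import hashlib
import re

# Constructed sample data: same fixed fragments, different filler bytes,
# the way a polymorphic strain hands each victim a slightly different file.
VARIANT_A = b"\x90\x90HDR" + b"\x01\x02" + b"LOADCFG" + b"\xaa" * 4 + b"RUNPAYLOAD"
VARIANT_B = b"\x90HDR" + b"\x07\x09\x0b" + b"LOADCFG" + b"\x55" * 9 + b"RUNPAYLOAD"
BENIGN = b"HDR" + b"LOADCFG" + b"just a config loader, nothing more"

# Early approach: blacklist of whole-file hashes. Only variant A has been seen.
HASH_BLACKLIST = {hashlib.sha256(VARIANT_A).hexdigest()}

# Generic signature: the fragments every variant keeps, in order,
# separated by bounded runs of "any byte" (hypothetical gap limits).
GENERIC_SIGNATURE = re.compile(rb"HDR.{0,8}LOADCFG.{0,32}RUNPAYLOAD", re.DOTALL)


def hash_match(data: bytes) -> bool:
    """True only if the file is byte-for-byte identical to a known sample."""
    return hashlib.sha256(data).hexdigest() in HASH_BLACKLIST


def generic_match(data: bytes) -> bool:
    """True if the file contains the strain's fixed fragments in order."""
    return GENERIC_SIGNATURE.search(data) is not None


def scan(data: bytes) -> dict:
    return {"hash": hash_match(data), "generic": generic_match(data)}


if __name__ == "__main__":
    for name, sample in [("variant A", VARIANT_A),
                         ("variant B", VARIANT_B),
                         ("benign", BENIGN)]:
        print(f"{name:10} {scan(sample)}")
```

Variant B slips past the hash check because a single changed byte produces a different hash, while the generic signature still catches it. Neither check fires on the benign file.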
Is there any end to the cat-and-mouse game between malware coders and antivirus researchers? Yes, quite possibly there is. The definition of malware is software that performs some type of malicious action. Behavior-based detection systems don’t check programs against a list of known offenders. Instead, they watch all unknown programs for malicious behaviors. This kind of detection works against any malware attack, even a brand-new zero-day exploit.
The Best Emergency Malware Removal
There’s always the chance your antivirus might miss a very new, very virulent malware strain. You also may run into trouble when you try to install antivirus protection because the malware already entrenched on your computer fights back. In either of those cases, you can call on the many free cleanup-only tools.
Malwarebytes Anti-Malware is our current favorite in this realm. We’ve seen tech support agents for other companies call on Malwarebytes to get rid of infestations that thwarted their own antivirus. It’s not the only choice, though. Norton, Sophos, and Emsisoft are among the others that offer similar free malware cleaners.
Most security companies also offer a free rescue disk, typically in the form of an ISO file you burn to a CD. Windows-based malware only works when Windows is running, after all. Booting from the rescue disk puts you in a different operating environment, typically a Linux variant, with a malware scanner built in. You may find the rescue scanner awkward and unfamiliar compared to its slick, Windows-based cousin, but if it does the job, you can ignore its lack of polish.
What Do You Need Beyond Malware Protection?
Antivirus is one kind of security for your computer, but there are many other possibilities. A firewall fends off hack attacks from outside and prevents programs from abusing your network connection. If your email provider doesn’t filter out spam, a local spam filter utility can help. Parental control software steers kids away from inappropriate websites and keeps a lid on their screen time. Rather than choose all these components separately, with the risk they won’t play nice together, many users opt for a security suite that integrates a variety of security components. Of course, malware protection is at the core of every such suite.
There are many other ways security software can protect your computer and your privacy. Backup is, in a way, the ultimate security for your important files. Even if a piece of a deorbiting satellite smashes your computer to smithereens, you still have your backed-up files. Cleaning up exposed data on your system, stuff that could reveal your habits, is another way to protect privacy. Password management helps you attain the goal of using a strong, unique password for every website. Most security companies offer a higher-level suite that adds many more security-related features. We call these feature-packed programs mega-suites to distinguish them from the basic, entry-level suites.
Protecting your privacy and security on your desktop or laptop computer is dandy, but what about your other devices? If your household teems with devices running Windows, Android, macOS, and iOS, you may want to consider a multi-device security suite. Protection for Windows and Android devices is the most important, as these are the big targets for malware attacks. Even macOS devices have suffered crippling attacks, though they’re not as common. And while iPhones and iPads are intrinsically safer, some security features, such as password management and URL filtering, are platform-independent.
You also need to think about protecting your data as it travels between your devices and the web. If you’ve connected to an unsecured Wi-Fi hotspot, another user (or the sneaky owner of the hotspot) could sift through your data stream. Using a virtual private network, or VPN, protects your data in transit and has the added benefit of masking your IP address. More security companies are beginning to include a VPN component, though full access may require an additional subscription.
As noted earlier, an antivirus with protection only against computer viruses would be absurd. In general, a utility that only blocks viruses, adware, spyware, or any single malware type would be pointless. Ransomware, however, is another matter.
If your regular antivirus misses a brand-new Trojan and thereby lets some crook steal your credit card number, that’s bad. But you can get a new card, and an antivirus update (or a remote remediation session with tech support) should wipe out the Trojan. However, if the antivirus misses a ransomware attack, your files are hosed, and removing the ransomware won’t help. Because of that, we recommend a second line of protection against ransomware.
You may find your antivirus or security suite has some degree of ransomware-specific protection built in. Some apps simply ban unauthorized programs from making changes to files in certain protected folders. Want to edit a document with your word processor? No problem! But when ransomware comes knocking, it won’t get in. Others add a layer of behavior-based ransomware detection to catch anything that gets past the other malware protection layers.
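The two approaches described above, a protected-folder rule and behavior-based detection, can be sketched as follows. This is an added, simplified example, not code from any product mentioned in the article. The folder path, program names, thresholds, and file-write events are all constructed assumptions.

```python
import math
from collections import Counter, defaultdict

PROTECTED = "/home/user/Documents/"   # assumed protected folder
AUTHORIZED = {"wordproc"}             # assumed allowlisted programs
ENTROPY_LIMIT = 7.5                   # bits per byte; encrypted data nears 8
FILE_LIMIT = 3                        # distinct high-entropy rewrites to flag


def entropy(data: bytes) -> float:
    """Shannon entropy of the bytes written, in bits per byte."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def review(events):
    """Return (writes the folder rule would block, processes flagged by behavior)."""
    blocked = []
    high_entropy_files = defaultdict(set)
    for proc, path, content in events:
        # Layer 1: unauthorized programs may not change protected files.
        if path.startswith(PROTECTED) and proc not in AUTHORIZED:
            blocked.append((proc, path))
        # Layer 2: count files each process rewrites with random-looking data.
        if entropy(content) >= ENTROPY_LIMIT:
            high_entropy_files[proc].add(path)
    flagged = sorted(p for p, files in high_entropy_files.items()
                     if len(files) >= FILE_LIMIT)
    return blocked, flagged


# Constructed events: (process, path, bytes written).
TEXT = b"Quarterly budget notes, revised draft.\n" * 20
CIPHERLIKE = bytes(range(256)) * 4    # stand-in for encrypted output
EVENTS = [
    ("wordproc", PROTECTED + "budget.docx", TEXT),
    ("photosync", "/home/user/Pictures/a.jpg", CIPHERLIKE),
    ("unknown.exe", PROTECTED + "budget.docx", CIPHERLIKE),
    ("unknown.exe", PROTECTED + "taxes.xlsx", CIPHERLIKE),
    ("unknown.exe", PROTECTED + "thesis.docx", CIPHERLIKE),
]

if __name__ == "__main__":
    blocked, flagged = review(EVENTS)
    print("blocked writes:", blocked)
    print("flagged processes:", flagged)
```

The word processor edits its document without interference, and a single high-entropy write from the photo tool stays below the threshold. The unknown program is stopped by the folder rule and also flagged by its behavior.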
What we find most interesting are the dedicated anti-ransomware tools starting to crop up. They work alongside your existing antivirus, with the sole aim of detecting the behavior of any ransomware that gets past other defensive layers. Alas, some of the free offerings in this realm have been withdrawn. Check Point ZoneAlarm Anti-Ransomware is our top pick for ransomware-specific protection.
What Is the Best Malware Removal Tool?
In this article, we’ve identified programs that will help keep malware off your computer. We made a point of including several program types from many security companies.
Clearly, these aren’t the only apps you should consider. We’ve reviewed dozens in different categories, and many of them are just as good as the ones mentioned here. This article links to collections of antivirus tools, security suites, and other types of malware protection. Follow those links, read the reviews, choose the one that suits you, and install it now.
Editors’ Note: Based on the increasing censure and criticism of Kaspersky by US government agencies, foreign agencies, and informed third parties, we can no longer recommend Kaspersky’s products. We continue to evaluate these products on their merits and report on them for those who wish to decide for themselves.