Malware: types, protection, prevention, detection and removal

This article provides important information about the types, symptoms, protection, prevention, detection, and removal of malware (computer virus, ransomware, spyware, adware, rootkits, trojan horse, worms, etc.).

This article is the result of several well-known sources.

What is malware?

Malware short for malicious software is software that is specifically designed to damage or disrupt a system, steal information (spy on you), or destroy data. (1)

Malware is a broad term used to describe many different types of malicious programs.

Malware types

Common Malware types are:

Malware symptoms (signs)

Some Malware symptoms (signs)(11) are:

Malware protection tips

The BEST malware protection is YOU.

Look:

You can have the best malware protection on your computer, but even the best anti-malware (antivirus) software can fail to detect new malware. (12)

Malware threats have grown significantly in the past decade. These threats grow so fast, that antivirus programs take too long to catch up with malware (even the best programs). (13)

Therefore, the best protection is yourself.

You might be wondering:

What does he exactly mean?

Well, if you do any of the following:

Then there's a big chance that your computer will get infected with malware.

There's no better malware protection than yourself, so pay attention to everything you do, online and offline.

And now:

Antivirus software (free and paid)

You should always use antivirus software on your computer – even when antivirus programs can't protect you 100% against all malware.

But:

It's better to have some protection than no protection at all.

And:

Good antivirus software can protect you against most known malware.

You should always install and use only one (1) antivirus program on your computer.

Using multiple antivirus programs on a PC is a very bad idea! (14) Why?

There are so many free and paid antivirus programs out there that it's difficult to choose one.

The free antivirus programs I recommend are:

If you need more functions (e.g., multi-layer ransomware protection) and settings, then you can try a paid antivirus program.

Most antivirus companies offer the option to download and try their paid antivirus programs for free for 30 days.

The paid antivirus programs I recommend are:

Free second opinion malware scanners

It's also recommended to use second opinion malware scanners to get more complete detection coverage, because some programs may detect malware that others might miss.

The free virus (malware) scanners I recommend are:

If you think that your PC has a virus (malware) infection, then you can also try the following free virus (malware) scanners:

You can use these virus (malware) scanners alongside your current antivirus software.

You can use these scanners to scan your PC periodically (e.g., once a week) or when you think your PC is infected with a virus or another type of malware.

Malware prevention tips

You can prevent malware by following these tips:

trick to install malware on your computer

Malware detection and removal

I will show you step by step how to detect and remove (get rid of) malware from your infected PC in a few different ways using free second opinion malware scanners (malware removal tools).

The good thing about second opinion malware scanners is, that you can use them alongside your current antivirus software.

Important tips!

  1. Create a system restore point. If something goes wrong you can restore the mistake with a system restore point.
  2. Always scan your PC with multiple second opinion malware scanners to get more complete detection coverage, because some programs may detect malware that others might miss.
  3. Always double-check the results of each scan and make sure that nothing important is selected for removal. Even malware scanners can make mistakes and sometimes see something harmless as a threat.
  4. If you are having problems installing and/or opening second opinion malware scanners, then start Windows in “Safe Mode with Networking” and try again. How to start Microsoft Windows in “Safe Mode with Networking” (link opens in a new tab).

Recommended solution

If your computer is infected with malware (computer virus, spyware, rootkit, trojan horse, worm, etc.), and you want to be 100% sure that your system will be clean, then the best solution is to back up any data you might have and reinstall Windows or restore a system image backup that's 100% clean.

Why?

Well, if your antivirus (antimalware) software detected malware, then you will never know for sure if that's the only piece of malware that has infected your system.

Malware can nestle itself deeper into your system and hide so that it can't be discovered by your security software and it can also open doors to other malware.

And:

You also may end up with a damaged Windows installation.

Considering time and effort, sometimes it's better to wipe everything and start all over again. But, if you wanted to do that, you probably wouldn't be reading this article, so, follow the steps below.

With the following steps, I assume that you have access to your system or at least can boot into “Safe Mode with Networking”.

But:

If you cannot access your computer then I recommend Kaspersky Rescue Disk (located in the “Free Tools” section).

Once you have the ISO file you can install it on a USB flash drive with the help of a free tool called Rufus and then you can boot from the USB drive and use the rescue disk.

Let's continue with the next step.

Step 1: Find out if your files are affected by Ransomware

If you cannot open some files on your computer or you see files with missing or weird file extensions (e.g., .cry, .crypto, .locked, .kraken, etc.), your system is probably infected by Ransomware.

If your system is infected by Ransomware, the first thing you should do is to check if your files can be decrypted.

But to do this, you first need to find out which Ransomware has infected your PC.

To find out which Ransomware has infected your PC, look at the ransom note, or look at any messages on the screen or look at the encrypted files and the extension they have.

If you cannot find out which Ransomware infected your PC you can visit ID Ransomware by MalwareHunterTeam and upload the ransom note or an encrypted file.

You can also visit a cybersecurity forum like BleepingComputer.

On this forum, you can find a lot of malware analysts that you can talk to.

You can post something in the forums and upload one of your encrypted files.

They might be able to tell you whether or not you can decrypt your files.

You can also download the Bitdefender Ransomware Recognition Tool to find out which ransomware has encrypted your data and then get the appropriate decryption tool if it exists.

You can visit NoMoreRansom.org or the free ransomware decryptors page on Kaspersky.com and check if they have a decryptor tool for the ransomware that infected your PC.

Step 2: Make a backup of your files

If your files were not affected by ransomware or you were able to decrypt your files, then you should make a backup of your files.

You can use a free backup program like AOMEI Backupper Standard or copy your files to a USB flash drive or external hard drive.

Step 3: Disable startup programs in Windows

1. Open Windows Task Manager.

Three ways to open Task Manager:

2. Click on the Startup tab.

Note: if you don't see the Startup tab then click on More details located at the bottom left of the Taskmanager window.

3. Disable everything that you see here, including your antivirus software.

To do this, right-click on the program and then click on Disable.

Disable startup programs in Windows

Step 4: Disable services in Windows

1. Open Windows System Configuration.

Three ways to open System Configuration:

2. Click on the Services tab.

3. Check (select) the Hide all Microsoft services option located below the list.

4. Click on the Disable all button.

Disable services in Windows

5. Click on the Apply button.

6. Click on OK.

7. Click on Restart to restart your computer.

Step 5: Scan your computer with malware scanners

You can use malware scanners to scan your computer for malware, and hopefully, also remove malware.

Malware scanners can run alongside your antivirus without any problems.

The free malware scanners I recommend are:

These malware scanners work pretty much the same way. You download them, open them, and then click a button to start a scan.

Make sure you double-check the scan results, in case they found something harmless, and uncheck everything that's harmless before you click to continue the removal process.

Hopefully, you learned enough about malware to keep your PC clean and secure. If you want to learn more about computer and Internet security (cybersecurity), then you can visit .


Maybe you're also interested in:

Important computer and internet security tips

Computer virus: Types, symptoms, protection, and removal

Windows 10 security tips and is Windows Defender good enough?


References:

Wikipedia: Malware

Webopedia: Spyware

Wikipedia: Adware

TechTarget: Rootkit

Kaspersky: Trojan Horse

Norton: Worm

Kaspersky: Computer viruses vs worms

TrendMicro: Ransomware

Webopedia: Keylogger

Norton: Botnet

HeimdalSecurity: Warning signs that your computer is malware-infected

LastLineLabs: Antivirus isn't dead, it just can't keep up

GCN: Is antivirus now useless?

Kaspersky: Why using multiple antivirus programs is a bad idea

Microsoft: SMBv1 is not installed by default in Windows 10 Fall Creators Update and Windows Server, version 1709 and later versions

TheWindowsClub: Why and how to disable SMB1 on Windows 10/8/7

Webopedia: Cryptomining malware

YouTube: How to clean an infected computer