10 Free, Must-Have Windows Security Downloads

10 Free, Must-Have Windows Security Downloads
Graphic: Diego Aguirre
To use an Internet-connected computer is to be insecure and place your privacy in danger. Spyware, viruses, Trojans and assorted malware are everywhere on the Net, trying to hop onto your PC and cause damage. Snoopers want to get at your personal information for nefarious purposes, such as identity theft.

Operating systems of all kinds are under assault, but the prime target is Windows, because the vast majority of PCs worldwide use that operating system. If you use Windows, hackers have you in their cross hairs.

Luckily, there's plenty of free software for Windows that can help protect your privacy and security. I'm not talking about anemic, underpowered applications. I'm talking about industrial-strength tools that can do everything that expensive security software does.

With all the free stuff out there, which software should you choose? I've selected 10 of my favorite programs that can protect your privacy and security. Download and install them, and you'll be far safer against all the nastiness out there.

Secunia Personal Software Inspector

Some of the biggest security holes in your PC aren't directly related to Windows — instead, they're in the applications you run. As often as not, that's how hackers and crackers can get into your PC. For example, in the recent "Pwn to Own" hacker challenge, it was application vulnerabilities, not Windows Vista itself, that allowed hackers to crack Vista.

The best way to protect yourself from this problem is to keep your applications updated with vendor-issued patches. But you don't want to spend your life cruising the Web, looking for updates for every app you use.

Instead, get this freebie that does it for you. As a security vendor, Secunia keeps track of software vulnerabilities and available patches. The company's Personal Software Inspector (PSI) scans your PC, downloads a current vulnerabilities file, and alerts you to any software on your machine that is missing security patches. It also warns you if any software is out of date and no longer supported by the vendor. Out-of-date software no longer gets security patches, and so may be more vulnerable to hackers.

When you get a list of insecure software, you can get more details about each piece of software, open the folder where the software resides, or download a patch. Click the + sign next to the software, and you'll get even more details about it, often including links to any tools for uninstalling the software. You also have the choice of having Secunia constantly monitor your software use and notify you when patches are available.

Secunia says that some programs require tedious or confusing patching procedures, so by default it starts in a mode that shows you only "easy-to-patch" programs. It's a much better bet to have Personal Software Inspector tell you about all applications that need patches, not just ones that are easy to patch. To make the change, select Settings and uncheck the box next to "Show only 'Easy-to-Patch' programs."

Note that Secunia PSI is free for home use, but requires payment for business use.

SendShield (beta)

Microsoft Office documents often include data that can compromise your privacy or that you don't want others to see, such as hidden text or cells, document revision history, names of document authors and reviewers, and so on. When you send someone a document, they can easily see that information by viewing the version history and the document's properties, and in other ways.

It can be time-consuming and impractical to remember to review every document you send out via e-mail to make sure it doesn't contain privacy-compromising information. Instead, get Unedged Software's SendShield.

Whenever you send PowerPoint, Excel or Word documents via Outlook, it examines them to see if they have any of private information. It then details what it finds and lets you remove the information with a single click. It deletes the information only from the copy of the file you send via e-mail, not the original on your hard disk.

You can also have the documents turned into PDFs and sent that way instead of as Office documents.

SendShield is in beta, and for now is free. However, when it gets out of beta, there is a chance that it will become for-pay software. (The company provided no details on timing or pricing.)

Avast Antivirus

Many for-pay antivirus programs, such as Symantec's Norton AntiVirus, are system hogs, taking up far too much RAM and system resources, which slows down your PC unnecessarily. Not only that, but you have to pay an annual fee for using them.

There's a better way: Get the Avast Antivirus software from ALWIL Software. It's lightweight and takes up barely any RAM or system resources, it's simple to use, and it'll do everything you need by providing live, resident protection as well as scanning.

The software uses a shield metaphor for its multiple types of protection. There's an antivirus shield, one that protects against Web-based threats, another for e-mail protection and so on. You can customize the sensitivity of each shield.

Avast includes automated updates of virus definitions. The independent testing site AV-comparatives.org rates its effectiveness as Advanced+, the top level. I've been using the program for well over a year and a half, and it's caught every threat that's come my way.

Note that Avast is free for home use, but requires payment for business use.

HijackThis

Everybody should be using spyware-detection tools such as Lavasoft Ad-Aware or Spybot Search & Destroy — preferably both. But some malware is so nasty that it escapes detection from any spyware scanners — and can't be removed by them, either.

So what can you do if your PC is acting strange and you suspect that you've been victimized by malware? Try downloading and using Trend Micro's HijackThis, and with the help of experts, you may be able to track down the source of the problem and then fix it.

The program examines your settings and the Windows registry, particularly those sections that are most likely to be vulnerable, and then saves all those settings in a log file. Those settings are the key to finding out if you've been infected. Experts can analyze the log, and from what they find, determine whether there's a spyware infection.

Where do you find the experts? The program lets you upload your log file to the HijackThis Web site, where others will examine it, let you know if there are any likely infections and tell you how to rid yourself of them. There are plenty of other discussion areas on the Internet that will do the same; a Google search will turn up plenty of them.

The software will also delete suspicious items, and it includes other useful tools, such as one that will generate a log of all programs that run on start-up. Keep in mind that if you're not an expert, you shouldn't try to use this program on your own. Think of it as a last resort when standard anti-malware tools fail.

SpywareBlaster

Of course, the best way to protect yourself against spyware is to make sure that it doesn't install in the first place. That's where SpywareBlaster from Javacool Software comes in. It stops the installation of ActiveX-based spyware, browser hijackers and other malware, and can also block spyware cookies.

It includes extras as well, such as disabling Flash running in Internet Explorer. And it also lets you create a system snapshot, so that if at some later point you get infected with spyware, you can always revert to a clean system.

Note that if you don't use Internet Explorer, there's no need to install this software, because Firefox, Opera and Safari don't use ActiveX.

F-Secure BlackLight Rootkit Eliminator

Rootkits are the most nefarious of all malware, giving hackers access to your entire PC without your knowledge. They use special techniques to hide themselves from many antivirus and anti-malware programs, which makes detecting and killing them exceedingly difficult. Because of that, just using antivirus software isn't enough. Instead, you need a specialized rootkit detector and killer.

That's exactly what F-Secure's BlackLight Rootkit Eliminator does. It scans your PC for hidden processes, folders and files, then reports on what it finds. If your PC is clean, it will tell you so. If it finds anything hidden, it tells you that as well and lets you clean it up. Double-click any entry, and you'll get more information about it, such as the file location, a description and company information.

To kill a rootkit you've discovered, you have a choice of renaming or deleting the file using BlackLight's built-in tools. It's a good idea to first rename suspicious files, which gives them a .ren extension and prevents them from executing. Next, do a Google search for the file names to see whether they really are malware. Rootkits often hide legitimate files and processes, such as Explorer.exe, so make sure not to get rid of any legitimate ones. If you confirm that files are malware, then delete them.

Warning: Only very experienced users should attempt to clean their PC with this software, because if you rename or delete valid files, you can cause serious problems. If you're at all unsure about what you're doing, you might want to try a different free anti-rootkit tool called RootAlyzer, from the same folks who bring you Spybot Search & Destroy. It checks your PC for rootkits but doesn't offer tools for deleting them. (Note that RootAlyzer is still in the preview stage.)

NoScript

JavaScript, Java, plug-ins and other code found on Web pages can do serious damage to your PC. They can deliver interactivity and other useful features, but they can also be used to wreak a great deal of havoc. To keep yourself safe on unfamiliar Web sites, you'll want to turn them off, but doing so means that you'll lose some of the nifty features on some of your favorite Web sites.

The answer? A great Firefox extension called NoScript, which not only blocks scripts, plug-ins and various types of code, but also protects against cross-site scripting attacks. It lets you block scripts, plug-ins, and code on a site-by-site basis. You can control it to an exceptional degree, including whether to block scripts on sites on a one-time basis or permanently.

Comodo Firewall Pro

The firewall that ships with Windows XP or Vista simply isn't good enough to keep you safe — you need better protection. There are plenty of free firewalls out there, but my favorite is Comodo Firewall Pro, which provides top-notch protection from both inbound and outbound threats. It offers other types of protection as well, including what it calls Defense+, which keeps you safe in several ways, including locking down certain files and folders so that they can't be altered.

Note that this firewall is more aggressive than many in asking whether you should allow connections. So when you first run it, expect to see a good many pop-ups asking whether you want to let through a particular application.

To help cut down on the pop-ups, run its Clean PC mode, which lets you scan your PC for applications and then register them as safe so that you're not inundated with quite so many pop-ups. In addition, there's an "install mode" that disables certain types of pop-ups for 15 minutes, allowing you to easily install new software.

Another very good free firewall is Online Armor. Computerworld editor in chief Scot Finnie prefers its paid version to any other firewall. The free version is excellent as well, with one shortcoming: To install a new version, you first have to uninstall the old version, then install the new one.

McAfee SiteAdvisor

The Web is filled with sites that harbor adware, spyware or worse. It can be almost impossible to know ahead of time whether you've visiting such a site. Making matters worse is that many of these sites also have legitimate information and software for download.

McAfee SiteAdvisor is a great way to make sure you steer away from those sites. When you do a search in Google or Yahoo, it places a small icon to the right of each search result, indicating whether the site is safe, questionable or known to be harmful. A red X indicates danger, a green check indicates the site is safe, and a yellow exclamation mark indicates that it's questionable. If McAfee hasn't assessed a particular site, it displays a question mark.

Move your mouse over the icon, and you'll get a pop-up with details about the dangers, including whether it has dangerous downloads, whether it links to other dangerous sites, and whether it will send spam if you register at the site.

Click More Info from the pop-up, and you'll get much more information, including a list of the dangerous downloads and malware or adware that infects it, what sites the site links to and more. It even tells you the site's "annoyances," such as what third-party cookies it installs.

The SiteAdvisor software works even when you don't do a search. As you browse the Web, a small icon sits at the bottom of the screen and tells you whether the site is dangerous or not. Click it to get more information.

CCleaner

CCleaner does double duty: Not only does it help protect your privacy, but it also keeps your system clean and running well. To protect your privacy, it removes traces of your Internet history, such as your temporary Internet files, browsing history, autocomplete form history, and cookies. In addition, it cleans Windows' Recent History list.

It's great at cleaning your system as well. CCleaner gets rid of many different kinds of unneeded files, such as temporary files, Windows log files, chkdsk file fragments and a lot more. It can also check your Registry and clean it of bad or broken entries and help you stop programs from running on start-up.

For anyone who wants to keep their browsing life private — and keep their system clean and running smoothly — this is a must-have download.

What's your favorite free Windows security software? Let us know in the article comments.

Subscribe to the Security Watch Newsletter

Comments