Free virus and trojan protection for PCs

With all the PC viruses and trojans that were going around in April, I started trying out a few free programs to keep my PC safe from infection. I had heard from some people who got infections on work computers running Symantec and lots of firewalls and all that other juicy protection most home users can’t afford. I discussed this with some IT people I know, and the general consensus was: there’s no such thing as 100% protected. The hackers just never stop trying to outwit the anti-virus people. It’s actually amazing the anti-virus software does as well as it does.

(This article updated August 31, 2009.)

Good practices

It may seem like I’m putting last things first, but before we talk about software to protect your PC, you should know that if you get infected, the very best thing to do is reformat your computer. People treat this as a last resort desperate measure, but this recent round of trojans was so difficult to remove that more than a few users decided they just wouldn’t feel safe until reformatting. Virus removal programs were reporting that the PCs were clean, but they kept getting Google searches redirected or other weird things that meant the viruses were still there, hiding from the software. Reformatting is the only absolute guarantee your machine is currently clean.

So take steps to make sure you can reformat in a hurry if worse comes to worst:

• Do regular backups, especially of files that change a lot. There are many ways to do this for free – MakeUseOf covers several in this article, and I concur with them on Comodo Backup, my current choice. (In fact, you’re going to be hearing a lot about Comodo’s free tools throughout this article.) These systems are set up to work with CDs, flash drives or external hard drives which are not free, but there are online places where you can store for free. Do a web search for “free online backup.”
• Keep your various installation discs together so you’re ready to grab them and start reinstalling stuff as needed.
• Install less stuff to make this task less cumbersome. I actually like to reformat my computer once a year, virus or no, because it runs faster with a clean start. So when I can use a web application instead of installing software, I do. I keep many of my pictures, videos and documents on CDs and external hard drives and just access them as needed.

Good surfing and file opening practices are important, but not always enough. You’ve probably already heard rules like don’t open emails from people you don’t know and don’t visit gambling or porn sites. This is not bad advice, but it’s not enough either. Many Trojans are able to get into your friend’s email and email themselves to you and everyone else in your friend’s address book, so an email that appears to be from a friend could have something malicious attached. And while gambling and porn sites are known for downloading baddies onto your computer, as we saw in this latest round the hackers found a way to redirect perfectly innocent sites to their skeazy sites, and unless your anti-virus applications blocked it from happening, you got infected.

The “best program” is always changing. Every year when the people who test these programs for us release their results, the top names have shifted around. There is no single “best” anti-virus or firewall. And what’s good today may be halfway to useless tomorrow (ZoneAlarm, for example, has slipped bigtime in the last few years, and AVG Free goes back and forth in ratings). Also, one program may slow down your PC but not someone else’s, because of what programs you run on yours.

Types of security applications

There are several types of software that protect your computer from infection, but the primary are the firewall and anti-virus programs. Sometimes these products are bundled together, and you want to make very sure you understand what you’re using because you never run two firewalls or two anti-virus programs at once. They’ll detect each other and get confused and then you end up less protected than you thought.

• Firewall. The firewall is your first line of defense. It’s supposed to detect, for example, a trojan included in an application you just downloaded, or an email attachment. It also notifies you if a program is altering a registry key. Firewalls can be confusing to new users, but I’ll try to de-mystify them in a minute.
• Anti-Virus. The AV is supposed to catch whatever the firewall missed – or whatever you may have allowed through the firewall, not realizing what it was. Many AVs also include scanning of online sites and incoming email to protect you from drive by virus downloads. It’s essential to get an anti-virus program that includes real-time virus protection. If you rely on daily scans, you’re giving something up to 24 hours to do its thing in your PC before catching it. Another consideration with AVs is finding one that doesn’t slow down your system.
• Other scanners. There are also some scanners that sit on your computer looking for viruses in slightly different ways from the firewall or anti-virus.

Firewalls

Windows comes with its own firewall, which is certainly better than nothing. But one of the highest-rated firewalls (see the Cnet review) is actually free: Comodo (don’t worry that it’s a bundled firewall and AV – you can activate just one or the other). I’ve been using it for a few weeks now, and I’m very pleased with it. The documentation is thorough and easy to understand. On every setting, they recommend one and explain why, so if you’re completely lost you can just go with the recommended setting.

What this firewall does – like Windows, only more often – is pop up a window and ask you if something happening on your computer is a good thing or not. You choose whether to allow that thing to happen. With some firewalls, this is a very confusing process – how do I know if the application I’m installing should touch that registry key? Well, Comodo gives you some help there. It offers a threat assessment based on how many users have blocked or allowed whatever’s happening now. If it can’t provide a threat assessment, it explains as best it can what the file is trying to do on your machine.

Anti-Virus

Comodo’s Firewall is bundled with its Anti-Virus, which I’m currently using and also really liking. But many users will use just the Comodo firewall and another anti-virus with it because Comodo’s anti-virus is fairly new and therefore less tested than other brands.

The top free anti-virus choices are Avira and Avast. I’ve used Avast before, and am debating going back to it (Comodo’s scanner recently choked on a few files, freezing my system in a big way). Avira has some very dedicated fans. I’ve avoided it in the past because the free version seemed to lack a lot of features Avast (and Comodo) did have (see the chart at the link above) – in particular, an email scanner. But Cnet highly recommends it, and they’re in a better position to tell what really works (who wants to test an AV on the home PC? Not me!).

Avast handles pretty much every task you’d want, plus it has this neat scanner that you can set to work while you’re booting up – that’s the very best time to catch trojans in action, before they’ve disabled your detection software.

Other stuff

There are a few scanners you can use in addition to your anti-virus and firewall for extra security. They basically scan and look for things the AV and firewall have missed or might be about to miss.

• BOClean is a free alternative to Malwarebytes Pro. It catches the baddie as it’s about to load into the memory – that is, just before it’s done its thing. Anti-virus software often only catches stuff as its doing its thing, so BOClean adds an extra layer of protection, and on my system at least, there’s no slowdown at all. BOClean was bought by Comodo a few years ago, and is soon to be bundled with their anti-virus and firewall program. BOClean is no longer standalone – its functions are built into Comodo’s anti-virus/firewall program. Since I’m satisfied with Comodo’s real-time scanning, I haven’t paid for Malwarebytes (the paid version is real time, whereas the trial version you have to run manually), so I don’t know if they play well together. But I do keep the free version of Malwarebytes and run it whenever the computer does something weird, just to be safe.
• Threatfire is highly rated for finding baddies based on their behavior. That means that even if its programmers aren’t aware of a brand new virus, it might catch the virus just based on what the file is trying to do. It’s also designed to carefully work with your AV and firewall instead of conflicting with them. You could also use this alongside BOClean.

There are tons of other free applications out there – I recommend BleepingComputer for more information. While most of the users there are not experts, a lot of them can tell you what they’ve been using successfully. You’ll find good advice about programs that work well together and others that don’t, and you can always ask your own questions there, too.

Subscribe to Bohemian Revolution!
Email Post | Print This
Posted in Featured Articles, Technology on May 4, 2009