AntiSpyware and AntiMalware
Computer security is a multifaceted endeavor. Every computer needs a good antivirus program, a firewall, at some point a password manager, and at least a couple of anti-malware programs. When we say anti-malware, we mean anti-spyware, anti-adware, anti-rootkits, anti-hijackers, and all other manner of malicious programs. These hide in the background and chances are you'll never know they are there until you go looking for them or they affect computer performance. Protecting against them is no easy job, and programs that attempt this tend to adopt different strategies for achieving the same end, so two or three programs will do a better job than any single one.
There are literally hundreds of freeware programs that specifically or loosely fall into the categories covered on this page. It is not possible for us to download and test each of these, nor would we want to. Many are decent programs, but not quite up to the standards we are looking for. Others are programming projects, entry-level programs or not-yet-mature-developments not worthy of recommendation. Too many are unsupported, and some, quite frankly, are vehicles disguised as programs, designed to install packets of malware into your computer. However, with all that said, if you do not see a program you like listed below, it does not necessarily mean it is a bad or devious program. It simply means it did not meet the standards we set for inclusion.
Of the programs we selected, there are those that launch a frontal assault on the malware and those that approach the problem from completely different angles. All of the latter use different strategies from one another, so there really are choices. We have selected five of the latter for your consideration and listed them first. When you get to Ad-Aware, you are into the more traditional anti-malware programs.
Another strategy for avoiding scam sites and all kinds of objectionable or irrelevant sites is to preview the site before you actually open it. Interclue comes very close to doing this, displaying a text summary, graphics, and the sizes and dates of any linked files. You'll also see a snapshot of the actual Web page and get a lot of useful stats and metadata. You can also bookmark or e-mail links from the preview window.
Small icons appear when you mouse-over links to warn you about dead links, Malware, Phishing sites, etc. If the link is valid, you get the previously mentioned information. Interclue also displays inline clues on search result pages from Google, Yahoo and Bing, including keyword tags from Delicious and Search Refinements from Surf Canyon. All in all, it's a pretty amazing browser add-on. It comes with a short, two-minute tutorial to get you started.
Unfortunately, it is at this moment only available for Firefox browsers, but the developers say versions are on the way for Internet Explorer, Safari and Opera.
MJ Registry Watcher
MJ Registry Watcher is a simple registry, file and directory hooker/poller, that safeguards the most important startup files, registry keys and values, and other more exotic registry locations commonly attacked by trojans. It has very low resource usage, and is set to poll every 30 seconds by default, although you can adjust this over a wide range. Most changes to keys, files and directories are reported instantaneously.
If a trojan attempts to change your startup settings, MJ Registry Watcher will alert you and you can prevent any changes being made.
Systems: Windows 2000, XP, Vista
Trend Micro HijackThis
Trend Micro's HijackThis is a free utility for advanced computer users. It generates an in depth report of registry and file settings from a scan of your computer. The program makes no distinction between safe and unsafe settings but merely generates the scan results and allows you to decide which settings to remove.
In addition to this scan and remove capability, HijackThis comes with several tools useful in manually removing malware from a computer.
After running a scan, HijackThis will display a list of areas on your computer that might have been changed by spyware. If you are not an expert you should not do anything until you've received expert advice. Just save the HijackThis report. A large community of users participate in online forums where experts help interpret HijackThis scan results to clean up infected computers.
Systems: Windows 98, ME, 2000, XP, Vista
Web of Trust (WOT)
One way to prevent spyware, adware, key-loggers and other malware from infecting your computer is to avoid sites that are "unclean." Web of Trust (WOT) helps you avoid bad sites in two ways. First, it allows visitors to a site to "rate it in terms of safe computing, family viewing and other areas, but also allows one to write comments about the site. The ratings are displayed on most search engines if you have the WOT add-on, helping you to determine if you want to visit the site or avoid it. Results feature a green, yellow or red icon. Stay away from red sites.
You can also right-click any link to check itís rating. This works in e-mail, on link pages, on search engines listings, and anywhere links are available to your mouse. If you click on a link determined to be malicious, WOT will display a warning so you can avoid the site.
The WOT add-ons attach to your browser, so it's where it needs to be to be useful.
Systems: Internet Explorer, Firefox, Chrome
WinPatrol does a darned good job of doing what it does. You can inspect startup processes to disable malicious programs before they can establish their defenses, examine programs running in the background, and monitor browser toolbars and cookies for threatening activities. It periodically checks files for additions or alteration and alerts you if detected so you can remove them.
WinPatrol is good, but is not a definitive program and should be used in conjunction with more robust programs.
Systems: Version 18.1 (31 May 2010) supports 64-bit Windows
Ad-Aware Free Anti-Malware
Over 400 million users have trusted Ad-Aware over the years to detect and aid in the removal of Adware and certain forms of spyware. Now Lavasoft, the makers of Ad-Aware, have taken their free version to another level by adding multifaceted anti-malware support.
Ad-Aware Free Anti-Malware protects your computer from password stealers, keyloggers, hijackers, spyware, rootkits, trojans, online fraudsters, identity thieves and other potential cyber criminals. With one click, it also erases tracking cookies left behind while you surfed the Web on browsers such as Internet Explorer, Opera, and Firefox.
Ad-Aware Free Anti-Malware features Lavasoft's heuristic-based Genotype detection technology to provide real-time detection, protection, a rootkit removal system, e-mail scanning on Outlook, automatic updates, and more. It works on today's threats and detects emerging ones. By detecting deceptive application real time, Ad-Aware Free suspends suspicious files and blocks malicious processes to prevent their further integration into your system. Ad-Aware's Neutralizercombats malware that attempts to restore itself even after a system reboot with this advanced removal tool.
Ad-Aware Free lets you decide how to interact with Ad-Aware: Simple Mode allows you to "set and forget", whereas Advanced Mode will let you customize all the settings as you choose. You can easily create and save a personalized scan profile so only areas you select are scanned, automatically if configured to do so and with recommended actions for found infections. Finally, you can submit suspicious files to Lavasoft researchers for analysis with one easy click and automatically receive fast, continuous threat updates when released.
The jury is still out on how good an anti-malware solution Ad-Aware Free actually is, but it always has been a must-have program for adware control. Lavasoft has simply made it better than ever.
Systems: Windows 2000, XP, Vista and 7
avast! Free Antivirus
avast! Free Antivirus now includes an anti-spyware engine, real time anti-rootkit protection, avast's File System / Mail Shield, Web Shield, Network Shield, IM / P2P Shield, Behavior Shield, and Script Shield.
In independent tests, avast! scored very good at detecting viruses but slightly less at cleaning them up. It also scored very high at detecting spyware and malware, but slightly less at removing them. But the program has some impressive features. It checks programs running in memory each time it starts up and offers to run a boot-up scan if it detects malware running. The boot-up scan runs immediately, before Windows even loads, preventing rootkit techniques from working; most malware is removed before it can defend itself.
The program installs quickly and easily, but requires a reboot. It scans at three degrees of thoroughness, depending on your desire. These scans are typically faster than comparable programs and, as stated earlier, are very good at detection. While it may not be as thorough at cleanup as other programs, it does completely remove the malware executables but leaves behind registry and other trace debris. Once avast! removes active malware from the computer, it does an excellent job at preventing reinfection.
Systems: Windows 2000, XP, Vista and 7
The Cleaner 2011
MooSoft's The Cleaner is a high performance application that protects, prevents and recovers your computer from malicious software (malware) attacks, including: trojans, spyware, adware and other harmful programs. The Cleaner detects and removes malware that is often missed by anti-virus software. It delivers one of the quickest and most thorough scans on the market. It will scan your computer in under eight minutes making it an excellent addition to your computer's defenses. It has on-demand scanning for single drives, folders or files or it can scan the entire computer.
Version 220.127.116.1110 features DeepScan, a new technology to find unknown malware that is similar to other known malware. In this way new and emerging threats can be detected early. (Publisher's Description)
Systems: Windows 2000, 2003 Server, XP, Server 2008, Vista, 7
Emsisoft A-Squared Free
A-Squared Free is the little brother of Emsisoft's commercial Anti-Malware engine. A-Squared has been around a number of years and has a mixed reputation. Some say it lacks muscle while others rate it near the top of the freeware scanners. It does do a decent job of detecting and removing malware, including trojans, dialers, worms, spyware, and adware, but is manually initiated and not the fastest program in this class.
The Security Status page is the control panel, as it were, of the program. Here is where you select your language (20 choices), initiate scans, update the program, and access the program's knowledge base. The latter is quite useful if malware removal proves problematic.
The scanning options are the usual trio (here called Quick, Smart and Deep) and Custom. The Deep scan is quite thorough while the Quick is fast but hardly provides security surety. Since A-Squared is a malware detector and remover, not a live fire, real time malware blocker, doing anything but the Deep scan is a waste of time and electricity.
A-Squared does provide a no-frills anti-malware detection and removal solution. Emsisoft provides frequent updates, but the free program does not come with auto-update.
Systems: Windows XP, Vista
Malwarebytes Anti-Malware monitors every process and stops malicious processes before they even start. It is a surprisingly fast and effective anti-malware tool capable of scanning multiple physical and networked drives.
The program sports an array of context menu options. It can scan individual files or directories on demand, remove locked files, restore quarantined files, and download updates which are released daily. You can populate an ignore list for both the scanner and protection module and utilize some extra utilities to help remove malware manually.
Unfortunately, real-time protection and the scan and update scheduler are not supported in the free version. Even without them, Malwarebytes Anti-Malware is an effective malware remover that works together with other anti-malware utilities to provide broad and deep protection for your computer.
Systems: Windows NT, 2000, XP, Vista and 7
Microsoft Security Essentials
Seven years ago a rampant worm epidemic threatened to metaphorically push Redmond, Washington into the sea. Microsoft responded with Firewall, a competent, no frills program that stopped the vast majority of worm attacks. In 2009 Microsoft decided to upgrade its security image with Security Essentials, a four-pronged attack against viruses, trojans, spyware and malware that subsequently replaced Windows OneCare and will probably eventually replace Windows Defender. Again, Microsoft has fielded a competent, no frills package that will protect most computers from most things. As with their Firewall, if you want bells, whistles and the pig's grunt you will have to get them elsewhere.
Security Essentials allows you to run or schedule Quick, Full or Custom scans. You can preselect the actions to take against identified threats, create White Lists of trusted files or file types or processes, adjust the settings for real time protection, create restore points, scan archives, control accessibility to the History tab (where all Detect, Quarantine and Run items are cataloged), and more. The program will also install a menu option for on-the-fly scanning in Windows Explorer.
Critics say the scans are slower than industry averages, but if they detect and destroy the bad guys then that should be the essential consideration. They do. They also seem to speed up start-up, restart and shut-down operations by a couple of seconds.
This is a program for those of you who want to install basic, competent, constantly updated security and then forget about it. It has a simple, easily understood interface that will not overwhelm the average user as some gold-plated program interfaces might. But, if you like the look of a nuclear power plant control room interface and just love to tweak things ad nausea, Microsoft Security Essentials is not for you.
Systems: Windows XP (500 MHz+), Vista and 7 (both at 1 GHz+ and 1 GB+ RAM)
PC Tools ThreatFire
Computers are faced with emerging threats on a continuous basis. Signature based scanners can only detect what has already be found, analyzed and signature-defined. PC Tools ThreatFire is one of those programs that provides behavior-based protection to guard against new, unknown forms of malware traditional scanners might miss.
ThreatFire runs in the background, monitoring each program's activities. It quarantines known malware and alerts you about those it considers suspicious. Its user interface is both intuitive and well designed, making it easy to use. It is pre-configured for optimum effectiveness, but you can tweak it to your heart's desire.
ThreatFire is ideally suited to supplement antivirus and other security software to provide a layer of protection in an area often sparsely covered at best.
Systems: Windows 2000, 2003 Server, XP, Vista
PC Tools Spyware Doctor Starter Edition
Spyware Doctor SE is anti-spyware software that provides advanced technology designed especially for people, not just experts. It is automatically configured out of the box to give you optimal protection with limited interaction so all you need to do is install it for immediate and ongoing protection.
Protection against: spyware, adware, spyware trojans, keyloggers, identity theft, hijackers, tracking threats, spybots, rogue anti-spyware, unwanted software, phishing, pop-ups, and bad Web sites. Starter Edition is a free version of Spyware Doctor, with full scan and remove, basic real-time and no time limit. (Publisher's Description)
Systems: Windows 2000, XP and Vista
Spybot Search & Destroy
Spybot Search & Destroy has been around many years and has a very dedicated following. Old fans seem to love the Secure Shredder (destroys files), Hosts File (adware blocker) System Startup (inspects your startup routines for things that shouldn't be there), Resident TeaTimer (a process monitor, always running) and Immunizer (blocks inbound trouble) settings.
When people criticize the program, it usually is because it issues more false positives than most. Is it better to err on the side of caution? Perhaps. Spybot S&D will occasionally block a perfectly safe site the user has been visiting for years. The reason for this could be the Immunization setting or the download blocker in Spybot S&D. Whatever the cause, one can configure Spybot in the Internet Explorer Tools menu to require blocking confirmation and then choose "Allow" for the website in question.
Quirks aside, Spybot S&D is a pretty good program. True, one can find a more robust and reliable security suite, but it isn't all that bad. Besides, if you cut your teeth on Spybot S&D it could be hard to give it up.
Systems: Windows 95, 98, ME, NT, 2000, VP, 2003 server, Vista, 7, Linux Wine
SpywareBlaster is an effective anti-spyware tool. Unlike most anti-spyware programs, it does not scan the hard drive for spyware. Its strategy instead is to prevent modifications of your files and settings. For example, it can block browser toolbars from installing themselves.
SpywareBlaster can be used to prevent changes to Windows' hosts file. It also has a System Snapshot feature similar to Windows' System Restore. SpywareBlaster will report any changes to your system since the last snapshot.
SpywareBlaster does not have to remain running in the background to work, and is especially good at blocking active-X vulnerabilities.
Systems: Windows 98, ME, NT, 2000, XP, Vista, 7
Spyware Terminator is bundled with Clam AntiVirus and can be optionally integrated into spyware scans, updates and the real-time protection. Spyware Terminator scans for known spyware threats and delivers easy to interpret findings that include a rating and a classification to facilitate removal decisions. It will then remove all threats so chosen.
Spyware Terminator allow you to schedule spyware scans on a regular basis to ensure computer integrity. Scans can be scheduled daily or weekly at any time.
Users can download and install updates automatically after dictating how often updates are checked and how they are applied.
Finally, free email and forum support is included.
Systems: Spyware Scanner on Windows 32- and 64-bit systems; Real Time Protection on 32-bits only
Over 30 million users might just know something. SuperAntiSpyware has consistently polled as the best free anti-spyware product available (your mileage may vary). It doesn't do it all (no free program does), but it comes closer than do most. It detects and removes all varieties of adware and spyware, but it also removes dialers, hijackers, key-loggers, parasites, rootkits, rogue security programs, trojans, worms, and most other forms of malware. It examines and compares dozens of critical settings each time your system starts up and shuts down to ensure any anomaly is quickly corrected before threats can infect your system.
This is a fairly slim program for such a heavyweight performer. However, the free version cannot be set up for automatic scans even though it does run real time to blocks active attempts on your system.
Systems: Windows 98, 98SE, ME, 2000, 2003 Server, XP, Vista