(Mostly) Free Security Software- A Primer

4) On-Demand Anti-Malware Scanners

Fortunately there are many free anti-spyware/anti-adware/anti-trojan (collectively called "anti- malware") programs that can scan your PC, and remove malware. These free scanners do not provide resident (real-time) prevention of infection, and lack a few features (automatic scans and updates) but they detect and remove much that your resident AV and A/S programs may have missed.

Because they do not load at startup or run in real-time (unlike your AV or firewall), these scanners will not conflict with each other, so you can install as many as you like. And you should consider installing at least two, since no single scanner excels at detecting everything. Most of these programs are available in both free and paid versions; the free versions will generally require that you update them manually, usually on a daily basis.

Highly recommended free scanners with malware removal capability include:

1) Malwarebyte's Anti-Malware (MBAM) Free: One of the best scanners currently available. Updates are issued several times daily, and problems are promptly addressed and fixed, usually within hours.
- Tutorial on MBAM here.
2) SUPERAntiSpyware Free Edition. More info here.

Recommended Free Anti-Malware Scanners>Downloads: 1) MBAM Free 2) SUPERAntiSpyware Free

Be aware that every on-demand AV, anti-malware or anti-spyware scanner occasionally makes mistakes, and will detect/quarantine/delete normal files that are not malicious and may in fact be essential to the proper functioning of some of your programs, or indeed your operating system.

Believe me when I say you do not want to delete or even quarantine these so-called "false positive" detections. Automatically deleting or even quarantining these files might cripple a legitimate program, or even crash your PC.

If your system is running well, I would recommend you configure your on-demand scanners to neither delete nor quarantine anything detected. Investigate the detected object first:
What To Do When An On-Demand Security Scanner Finds Something



These are programs that do not load at startup, do not run in real-time, and consume no resources. They basically work by making changes to your registry that block malware. They are not scanners, but generally do need to be updated from time to time.

SpywareBlaster is one such free program. It sets "killbits" in your registry that block the download of bad ActiveX controls one might inadvertently acquire while browsing with Internet Explorer. In effect it "immunizes" your Internet Explorer against known bad ActiveX controls. A tutorial on SpywareBlaster is here. (Note that SpywareBlaster is not recommended, nor necessary, for Vista users, according to this post, by Michael Burgess, MS MVP- Internet Security).

You can also block parasites, ads, and various other malware passively using free programs that alter your Hosts file; they override your browser when it attempts to load unwanted websites. A full discussion of how to do this is beyond the scope of this review, but one such very good Hosts file can be downloaded from MVPS.org. A full explanation and instructions are here:
http://www.mvps.org/winhelp2002/hosts.htm

Recommended Free Programs with Passive Protection>Downloads: 1) SpywareBlaster 2) MVPS Hosts File

It is important to know what programs load when you open Windows, and to have the ability to control them.

Many malware programs add software to your startup list; unfortunately many legitimate programs you install do this also. Quite apart from the security aspects, is the drain on resources and slowing of your PC that loading and running unnecessary programs entails. All you really need to automatically load are the programs that are essential to be running every time you start Windows: your real-time anti-virus, firewall, and anti-spyware, and possibly other security programs. Everything else can be loaded manually as and when required.

Fortunately there are free "watchdog" programs that allow you to monitor and manage your startup list. I am only going to discuss the one I use that I consider the best: WinPatrol from BillP Studios. It not only displays what loads at startup, but also allows you to control them. When allowed to run in the background, it will run periodic scans that will alert you to attempts to insert new programs in your startup list (both legitimate and malware), and enable you to allow or deny them. A tutorial on WinPatrol is here.

WinPatrol is much more than a startup list utility, and you can read more about its other useful features here.

***I consider WinPatrol a must-have free utility; Scotty the watchdog is your friend.***


All your security programs (firewall, AV, anti-malware, etc) will need updating from time to time, to keep abreast of new threats. Updates include 2 types: definition files (generally released at least once per day) and program versions (generally released infrequently). It is important to keep up to date with both. The paid versions usually can be configured to do this automatically; the free versions often require you do this manually.

Free programs that require manual updates include:

Free programs that can (and should) be configured for automatic updates include:


An excellent website to check for new security updates (both definitions, and program versions) is Calendar of Updates. Important updates for the above programs are also posted daily in the Virus & Spyware forum at Dell Community Forums.

While on the topic of keeping updated, it is important to stress that old versions of non-security applications can also pose a security risk. Outdated versions of Internet browsers, plug-ins, Instant messaging clients, media players, pdf readers, flash players, Sun Java, etc should be uninstalled and replaced with the latest, more secure versions.

There is a free program that scans your system to detect out-dated and insecure 3rd party programs: Secunia PSI. It can be configured to update all these 3rd party programs automatically. You can download it from here. Highly recommended!

This scan will also notify you of any security or critical updates from Microsoft you have not installed. Of course, you should have Automatic Updates turned on (in XP's Control Panel>Security Center), and configured to at least alert you when such patches are available: How to use Automatic Updates