Your Complete Guide to Windows Security
Note: our picks are hardly exhaustive, and no amount of security software can replace good habits, like keeping your OS up-to-date, running regular scans, and avoiding scams that bypass security software and prey directly upon your gullibility. With that said, even the most paranoid and cautious of us occasionally get caught in the crosshairs of a hacker, or get infected by a virus. Read on to ensure you've got the best contingency plan for when good instincts just fail.
Anti-VirusThe first thing that comes to mind when most people think of security software is anti-virus protection, the backbone of any good security setup. (Anti-virus software is not optional.) In addition to protecting you from viruses -- one of the original and still popular incarnations of malware -- these programs also protect you from a host of other malicious programs like Trojans and worms. Good anti-virus software will scan any new data as it arrives, including files downloaded from the Internet, as well as USB drives and iPods. It will also continuously watch for strange behavior, so, if a program starts acting like a virus, even if it isn't on a list of confirmed troublemakers, the anti-virus will shut it down. We recommend you update your anti-virus and run a scan at least once a week.
Microsoft Security EssentialsBelieve it or not, the best free anti-virus program on the market is made by Microsoft. It lacks some advanced features that other anti-virus products have, but its threat-detection and -removal is second to none. Using the suite is a no-brainer.
AVGWe've sung the praises of AVG before, and, while it's no longer our top pick for free virus protection, it's still a top-notch solution. It is effective, frequently updated, and relatively easy to use. As an added bonus, AVG is also available for Android and Linux, making it a viable solution for cross-platform security.
Anti-MalwareThe line between traditional anti-virus software and the more generally titled anti-malware (which once upon a time was referred to as anti-spyware) gets blurrier with every passing day. Anti-spyware and -malware tools are still more effective at identifying and removing some threats and annoyances than a program like AVG. These annoyances include popup ads and keyloggers; instead of preventing infections, anti-malware programs often catch and remove malware missed by anti-virus suites. As with your anti-virus program, update and run a scan at least once a week.
MalwareBytesThe current reigning king of malware removal is fast, simple and incredibly effective. It even dismantles locked, infected files that often choke other removal tools.
SpybotA stalwart of the industry, Spybot Search and Destroy made a name for itself when "malware" was still called "spyware." It's not quite as effective or simple as MalwareBytes, but it has a number of interesting features like "vaccination" against known infections and TeaTimer, a registry watcher that alerts you when a program attempts to change the registry.
FirewallAs you might remember from our tutorial on firewalls, the purpose of the Great Barrier of Flame is to control the flow of data to and from your PC over a local network or the Internet, thereby preventing malicious software from stealing your data or infecting your machine. Additionally, it can block hackers from getting access to your PC and files -- largely by monitoring your network connections for suspicious behavior. If any incoming presence appears awry, your firewall will shut it down.
Frequency: Runs constantly doesn't need to be "run"
Windows FirewallMost modern operating systems, including Windows, have a built-in firewall, and the firewall included with Windows 7 and Vista is quite effective. It lacks some advanced configuration tools that standalone products might have, but it's more than adequate for the average user who just wants to set it and forget it.
ComodoIf you'd rather tweak your firewall settings yourself in order to ensure the best possible connections for your finicky online games and file-sharing programs, give Comodo a try. While it is for advanced users, the firewall successfully keeps hackers at bay, and offers plenty of options for configuration.
Data ScrubberCrucial to staying secure is protecting your privacy and data as you flit about the Net. A good data-scrubbing utility should do two things: automatically identify and remove sensitive data such as browser history and temporary files; and delete files in such a way that not even a forensic data expert could recover them.
Frequency: Run as needed/wanted no recommended schedule
CCleanerWe've written about CCleaner before, and little has changed since we last recommended it for download. It still tracks down logs, cache, temporary files and errant registry entries and clears them away with little trouble.
EraserIf you want to wipe your data into the netherworld, Eraser is your friend. It will delete files, then write over them with dummy data several times to ensure they've been properly removed. It can even be scheduled to clean "empty" disk space to ensure that any files you delete are actually gone for good. (Deleted files aren't actually deleted; they're just hidden from view until new data is written over their physical location on the hard disk.)
Password ManagerAs you've likely been told before (and, we've said it several times here on Switched), having secure passwords means having a unique, long, (seemingly) random string of characters for each account you keep. Problem is, unless you're a savant, you probably can't remember several dozen random strings of 10 or 12 characters. Password managers simplify the process by remembering them for you. They keep your accounts safe by encrypting your data and hiding it behind a master password, which you should make easy to remember but incredibly difficult to crack. We suggest a famous quote, perhaps with some letters swapped out in favor of numbers (e.g. "A5k_n0t_wha7_y0ur3_c0un7ry...").
KeePassWe love KeePass. It's cross-platform (covering Windows, Linux, OS X, Android and even iOS), extremely secure, and dead simple to use. It even comes in a portable package that you can run from a thumb drive or your Dropbox account.
LastPassThis Web-based password manager is every bit as good as Keepass. There are extensions available for every major browser, as well as apps for Android and iOS. Plus, it autofills log-in credentials and forms, and offers to automatically remember anything you enter.
VPNIf you like to work or shop from your local coffee spot -- or anywhere with an open Wi-Fi hotspot -- you'll want to set up a VPN (Virtual Private Network). These remote connections allow you to feed your data, in encrypted form, through your home PC, keeping it out of the reach of would-be hackers. They require a bit of tech savvy to set up, but you certainly don't need a computer science degree to figure out how to use one. Besides, they're the best option for protecting yourself on a public Wi-Fi hotspot.
Windows VPNIt doesn't get a lot of attention, but Windows 7 actually has a rather serviceable VPN utility built-in. It's not loaded with extraneous features, and does require some know-how to set up; yet, for many, it's all you'll need.
HamachiThose who are intimidated by the built-in Windows VPN or who want more bells-and-whistles should check out LogMeIn's Hamachi. This full-featured VPN service feeds your traffic through Hamachi's servers. It's secure, and as easy to use as a VPN gets.
EncryptionIf you've got sensitive data (or an embarrassing porn collection) that you want to keep from prying eyes, the best solution is to encrypt your data. This scrambles the files in such a way that your dirty little secrets can't be decoded without the proper key. By setting a strong password to protect your files, only the most skilled of hackers will even have a chance at getting a peek.
Frequency: Once your data is encrypted, it's encrypted. No need to schedule.
TrueCryptThere are plenty of options out there for encrypting files, but our favorite (by far) is TrueCrypt. It uses PGP (which stands for Pretty Good Protection), the industry standard for securing data that doesn't originate from deep in the bowels of the State Department. It's easy to use and frequently updated to ensure it always provides the best privacy possible.
Hijack ThisHijack This has trouble fitting into one of the other categories in this list. It's not really a malware removal tool... because it doesn't actually differentiate between malicious and safe files. It's not even a detection tool, as it doesn't tell you what viruses or malware might have infected your PC. What it does do, however, is create a thorough log of registry entries on your PC, and then dumps them in a single place, offering the ability to remove them if necessary. As we've written about Hijack This before, it can be a dangerous tool in the wrong hands, but, if you know what you're doing, it can be your best friend for routing out stubborn malware.
You might not need every utility on this list, but a paranoid completist probably will. All these programs will help keep you and your data safe, but, as we said earlier, there is no replacement for good computing and Web-browsing habits. After all, no anti-virus program can stop you from e-mailing your bank account number to that Nigerian prince who's always desperately trying to get hold of you.