The best free antivirus programs

Free antivirus started life nearly two decades ago as security’s poor relation, little more than a way of ensnaring users with limited features that would give them an excuse to upgrade to paid-for software later on. A number of software vendors built their marketing on such products, even if the bigger brands were sometimes too sniffy to dare offering something as lowly as a ‘free’ product.

Then the Internet happened, the browser became the dominant application, and websites emerged as a major means of distributing what became known more generically as ‘malware’. Malware included old-fashioned viruses, but also mass-distribution worms, Trojans (a major new class of program), and a cluster of applications designated as ‘spyware’.

Suddenly, the threat wasn’t just good coding it was bad coding too, with the industrialisation of malware that could exploit software vulnerabilities in the OS, in apps, and especially in browsers and browser plug-ins.

Paid-for AV products found themselves doing a lot more work at a lot more layers of the software stack, and diversified into today’s suites that do everything imaginable, including encryption, firewalling, backup, spam filtering, browser trace deletion, parental control, IM and P2P control, web, file and app monitoring, and all before old-style hard disk scanning is even mentioned.

The problem for security companies is that many pieces of this security jigsaw are at least partially done by free programs, starting with browsers, now secured using layers of settings and URL checking. A reasonable two-way firewall comes with Windows 7 (Vista’s is one-way), and of course the basic AV is handled by free utilities that many users swear by.

The fascinating thing about ‘free’ is how much users get without having to reach for the credit card. But how much is really enough security and which features does the average user need and perhaps not need?

The firewall

Firewalling is a complex issue, and in principle will de done by a gateway device such as a wireless router. In truth these are often complex to configure and understand, leaving most users relying on a desktop firewall that monitors traffic in and out of a PC. Windows 7 ships with a perfectly serviceable one included and the numerous free choices are also excellent to the extent that it’s hard to see why anyone would pay for one.

Frankly, we wouldn’t see a huge point in using a third-party firewall-only product unless you’re still using Windows XP, in which case look to ZoneAlarm or Comodo (which includes optional antivirus), both of which are easy to use, and do what they say on the tin. Whichever product, watch out that is doesn’t hit CPU. And that the Windows version is turned off before installation.

Patching

This tends to be an ignored aspect of security. Windows performs its own update once a month at least, as will individual programs, but out-of-date software, unpatched against known security issues is still a major problem, especially on systems that are not used every day.

A number of free programs exist to examine applications for out-of-date versions, perhaps the best of which is Secunia’s Personal Software Inspector (PSI).

Browser plug-ins

Browser security is much improved but still far from infallible, which is why plug-ins have appeared to address specific problems. There are hundreds of these, nay thousands, and each one s specific to a different browser.

Noscript (Firefox)

Noscript is a Firefox extension that stops Javascript (a major target for security flaws) from running without permission, blocking exploits such as clickjacking and XSS; whitelisting feature lets the user select named sites that can run scripts. Can be a bit intrusive but worth it for the security-conscious.

Trusteer Rapport

Installs in all major browsers and verifies using a small green icon that a website is genuine using built-in lists or those added by the user. For partners sites – banks say – it can also encrypt the keyboard to website communication for secure login, though only small number of sites are covered for this. Even when not using this feature, is a useful and non-intrusive shield against website spoofing.

LastPass

An absolute must and by far the best browser-based secure password store out there. As well as acting as a database of web-based passwords (and a replacement to having them stored insecurely by browsers), it automates logins, stores form data, and has plenty of control over how to treat different sites in a more or less automated way. Can be access from anywhere by any PC using a single master password.

The free antivirus scanner

A basic malware scanner downloads signature files every day which it uses to perform retrospective scans of hard disks for bad files at defined intervals. It will also offer some level of realtime protection against the incursions of rogue software and spam attachments, often by complementing browser security settings. It will also usually monitor for dodgy URLs, though again this is done by browsers and, with lesser reliability, by search engines themselves.

Microsoft Security Essentials

Microsoft dabbled with paid-for security then threw in the towel and came up with this free gem only last year. It has garnered good scores in tests (that is about the same as paid-for products for basic antivirus scanning), uses little in the way of resources, and is extremely simple to configure and use. Basic, yes, but not cut-down in terms of the core features which are file scanning, realtime process monitoring. Will scan inside archives and removable drives, but use in conjunction with browser security add-ons because it does not monitor URLs or watch what’s coming in via email. No frills.

AVG Antivirus Free Edition

The granddad of free, AVG is probably the most popular unpaid antivirus program going. Very similar to the Microsoft product with the addition of an optional browser link-scanner and the ability to create a rescue disk. Not as light on resources as Security Essentials but still more than capable.

Panda Cloud Antivirus (PAV)

A bit of an untested option at present but a curious one. Panda runs in small footprint ideal perhaps for netbook users, thanks its makers claim to its part-signature, part cloud-based intelligence.
It has a lot of features free programs tend to lack. It scans email (inbound and outbound attachments), IM and web browsing, claims to block rogue scripts, and protects against vulnerabilities (although which ones will obviously depend on the remote database), all of which are launched in an on-demand way. It also has an optional firewall and can create a rescue disk.

If Panda Cloud has a problem it is lack of feedback and no scheduled scanning which might bother some. Apart from the occasional update request, it’s barely noticeable, even when browsing websites other programs would take issue with. It did, however, prove its worth against one fairly common Trojan, while the beta version suffered a single false positive.

Conclusion

The best antivirus program from these for light use of resources is Microsoft Security Essentials, the best for features-at-no-cost undoubtedly Panda Cloud Antivirus. The cloud client-server model is an interesting direction others will surely follow in the near future. How does Panda offer a free product tied to an expensive datacentre? Presumably, the malware it detects through the consumer products help it improve the paid-for business version.

More widely, it is clear that stumping up £30-£50 ($47-$70) for a full suite is not necessarily the best option for users even if they are happy to throw money at the security problem. The suite will do everything – a good recent example is Kaspersky’s Pure which includes encryption, backup and parental control – but not necessarily as well as separate programs. Suites tend to be more complex, more resource-heavy, and inevitably elements of each are mediocre.

Any one of these and other free antivirus programs (BitDefender, Avast!, ESET) will do a perfectly good job when complemented with a secure password database, judicious use of encryption, and browser controls.

One Comment

  1. ◾PROTOCOL SHIELDERS◾
    HELLO, I am COREY RODRIGUEZ by name,the only CEO of protocol-cyber-shield-hackers.  In this message, we will explain how you can almost avoid SCAMMERS and stay safe,  plus how our organization works. Read it carefully,Its reading will not take more than 10mins. 
    We kindly URGE you to not respond without have read the entire text. Those who mail without have read everything, ask questions that are been answered here.

    ⚠️WARNING:
    MOST HACKERS YOU SEE HERE ARE FAKES AND SIMULTANEOUSLY INCONGRUOUS. 
    It tears US up when we receive bitter mails of Jobs attempts proposals from most clients with hacking issues but never get close to having them done, thereby wasting a lot $ in the process, 
    EXAMPLES: 
    ➡️MOBILE PHONE HACKING.
    ➡️BINARY FUNDS&BITCOIN RECOVERIES.

    ➡️SOCIAL MEDIA ACCOUNT&EMAIL HACKING etc....
    if you in a haste to have any of these done by seeking hackers yourselves,you will only get ripped.
    PLEASE PAY ATTENTION TO THIS ARTICLE AS YOU READ THROUGH IT.

    HOW WOULD YOU KNOW?? 

    TAKE NOTE AND PRECAUTIONS:

    1. you see uncertified email accounts carrying numberings likeiamhacklord1232@(gmail,yahoo or hotmailDOTcom)  pls flee from them, BIG SCAMMERS.

    They take your money and never do your job.

    2. you see posts like "do you need to spy on spouse?" All fake!just a way to lure you towards getting ripped!. 3, posting fake testimonies and comments to trick you into feeling safe. Pls endeavour to ignore!! 

    ➡️NOTE: beware as we urge you not to make respond to any "IVAN HONG,PETER SANTOS,MONICA HART (impersonating with our articles pretending to work under us)
    WE ONLY HAVE 2 EMAILS WHICH ARE LISTED BELOW THIS ARTICLE TO ATTEND TO ALL MANNERS OF CYBER HACKING ISSUES.

                           ◾VERY IMPORTANT ◾
    For years now, We've helped  organizations  secure data base,  so many sites USE US AS SECURITY BACK UP TEAM BECAUSE OF OUR METHODS OF  HANDLING CYBER MISHAPS. 

    "iPhone&ANDROID HACKS"

    "CLEAR CRIMINAL RECORDS"   

    "FUNDS RECOVERIES" AND LOT MORE BEEN DONE IN SHORT TIMING.
    these are significant EXPERIENCES & RECORDS a good and effectively fully recognized organization must firmly ascertain. 

                            ◾OUR AIMS HERE◾

    1◾to assign a qualified agent of specific rank to particularly any sort of cyber issues you intend dealing with in short and accurate timing.

    2◾ to screen in real hackers (gurus only) in need of job with or without a degree, to speed up the  availability of time given for Job contracts given to us.Thus an online binary decoding exam will be set for those who seeks employment under the teams Establishment.
     write us on:
    ◾Protocolhacks@gmail .com
    ◾Cybershieldnotch@gmail .com
    COREY ROD, 
    SIGNED...
    Thank you..

    ReplyDelete

Back to Top