The most thorough solutions that are generally recommended cover mutliple areas: Software updates, anti-virus, firewalls, and more. Multiple pieces of software are generally used to cover these different areas.
As later versions of software often contain improvements that eliminate older vulnerabilities, using later versions of software are recommended. Some software, including operating systems, contain a way to automatically check for newer versions and possibly to also install them automatically. For most users, at least enabling the check is recommended, and allowing the automatic installation is recommended for those who don't intend to rspond to notifications of new versions by manually investigating updates and then downloading and installing approved updates as appropriate.
The most important software to update is typically the software that is typically used when accessing a network. For many, this includes the operating system (such as Microsoft Windows), the web browser (such as Mozilla Firefox or Microsoft Internet Explorer), and the separate E-Mail client software (such as Mozilla Thunderbird or Microsoft Outlook Express).
Windows XP (perhaps with a Service Pack?) and newer versions of Microsoft Windows may support a feature of “automatic updates” which is recommended for many users.
Anti-Virus software is generally dedicated to taking care of viruses (which are designed to be unknowingly spread), worms (which are designed to spread automatically, without user intervention), and possibly other “malicious software” (which is called “malware”). Recommended is to use two anti-virus products: One based on the ClamAV code and a different one which provides real-time scanning as well as frequent database updates.
This section is for solutions that are free for not only home users, but also business users. (The next section includes some more options that are free for home users.)
ClamAV is free for not only home users but also business users. This is recommended for any users, however, as of this writing, real-time virus scanning is not provided by the ClamAV (nor the ClamWin) code. Therefore, using additional virus protection software that does provide that type of protection is recommended. Because ClamAV does not tend to conflict with other virus scanners (perhaps largely due to its lack of real-time scanning), and because ClamAV is one of the larger anti-virus databases which has sometimes added viruses earlier than other anti-virus databases, usage of ClamAV in addition to other anti-virus software is a good, recommended setup.
ClamWin is freeware that works with Win98/2K and newer. This software uses the ClavAV engine. (The October 27, 2004 version of the page and earlier also mentions NT as being supported, but the version from October 30 does not, even though the same ClamWin version 0.35.3 is mentioned on both old ClamWin pages (as archived by Archive.org).
It is important that users understand what ClamWin is good for (detecting viruses when a virus scan occurs), and what it isn't good for. Unlike alternatives that have a real-time scanner, ClamWin does not monitor file access in order to detect a virus whenever a file is accessed, such as when a program runs. (Many other virus protection software does support this.)
Winpooch Watchdog's SF.Net page indicates it is for “Windows (2000, XP, 2003, but only 32-bits).” (Unless that changes, it will be useless for not only users of Windows 98, but also the 64-bit release of Windows Vista). The software is designed to provide real-time services to files which, when combined with ClamAV or BitDefender, can provide real-time virus scanning.
This has not been tested by site staff, but it appears to be a free solution for those who it works for.
Currently, the software listed here, which is free to use, is generally not a comprehensive, total solution for most modern day systems. They are therefore not generally recommended for wide-scale deployment, and are largely mentioned here simply for reference.
This software may be limited, and so is not generally recommended for wide-scale usage, but it may be useful in some cases.
Limited to handling the viruses of Mydoom, and perhaps Doomjuice and Zindos (depending on the version), and varying in what operating systems this works on, this was later replaced with the Microsoft Windows Malicious Software Removal Tool which removes more software but doesn't work on as many operating systems earlier than XP. (If using an operating system supported by the Microsoft Windows Malicious Software Removal Tool, that tool appears to be more comprehensive and good to use instead.) KB836528 article expressed a lack of permission for people to redistribute the software, and so interested downloaders should get it from Microsoft. KB836528: Mydoom, Zindos, and Doomjuice Worm Removal Tool (v4.0).
Microsoft Security At Home has information about some of the above software, and other information about protecting one's self. For information about viruses, there is Microsoft's page on viruses.
AVGFree comes with a real-time scanner and is free for home users. It is also updated regularly. With versions earlier than 8.0, when installing this under Win98SE, a scanner that works in DOS is also installed. (This DOS scanner would have more up-to-date signatures than many other versions.) Because there are multiple versions that may be downloaded, the AVG-related software is available on a separate AVG page on this site.
Grisoft's announcement about Intel says that Intel Capital, afund of Intel Corporation, has invested in Grisoft.
Software by “avast!” has been released for multiple operating systems. There is a free cleaner. There is also a more full amount of virus protection offered which can require registration which is freely available for home, non-commercial use on some operating systems including Windows 95 and later (including operating systems newer than Windows XP) and Linux. Less free versions may be available for commercial use and other operating system platforms such as FreeBSD and Mac. This is covered in more detail on a separate page on this site: “avast!” software.
It is recommended to check the avast! Latest Program Version Matrix before downloading any of the hyperlinked versions. This is because several products have home pages with major version numbers in their URL, and so it wouldn't be surprising if newer software versions may have newer home pages.
Some of this software may support some sort of trial which may technically make it shareware (or trialware/crippleware/etc.), however payment is expected by home users in order for them to have sustained protection with updated databases.
A solution by Microsoft which can be paid for, Wikipedia's page on Windows Live OneCare: Criticism section has some interesting information, including a quote from a member of the Microsoft Security Research and Response (MSRR) team saying results will “results gradually and steadily increase until they are on par with the other majors in this arena.” (This, of course, implies they weren't on par.
Some substantial names in the world of virus protection are McAfee and Norton. Many people have become familiar with them due to having versions of the software installed on their computers, bundled at a low cost (and possibly even free), only to find the software later becomes a nuisance when it continually asks for the computer's user to participate in paid-for updates. The companies are also noteworthy for working with Fortune 500 Enterprise companies, and making statements in mainstream news press releases when computer viruses are the subject of mainstream news. The E-Mail software may change a user's E-Mail settings to use a local proxy, which may be good in theory except for the large number of cases when this made software stop working.
Users of this software may wish to look into other options that receive updates more. These are generally not recommended, but are listed here for reference.
At least some of the software on the DOS-based Anti-Virus Software page fits this description.
Sometimes features such as Anti-Spyware are included in software that also performs an anti-virus function. In other cases, software manufacturers have released separate, specific software packages. (The key reason for doing so is to justify the sale of an additonal product.)
In addition to software that calls itself AntiVirus software, there are now other scanning software applications available for other tasks such as an Anti-Spyware software.
Some people are concerned about web sites tracking web surfing behaviors. A generally bigger concern, though, is when software designed to track users (“spyware”) or display advertisements (“adware”) may update itself and include code which is more malicious, becoming more similar to a virus or worm which can not only gather non-personal information, but can also gather other information or perform other unapproved actions such as participating in an Internet attack. The code in adware and spyware is often not needed for basic functionality and may be called a “potentially unwanted program” (“PUP”) by anti-spyware. (The reason that PUP is used, instead of a more condemning term, is that some companies who have released such software have claimed legitimacy and threatened lawsuits about libel.)
Anti-Spyware may commonly find a large number, even hundreds, of browser cookies which the software identifies as “potentially unwanted”. These typically take up an amount of disk space which is generally considered to be a small amount of space. Some people consider such things to be a terrible invasion of privacy while others accept such automated, generally non-personal gathering of marketing data to be a common, harmless business practice. Some Anti-Spyware software has obtained a large amount of respect, partly from people who were simply ignorant of how commonplace such browser cookies have become and became surprised when hundreds of files that were “potentially unwated” were identified.
This software was formerly known as Ewido before being acquired by Grisoft.
Found on May 4, 2008: http://free.grisoft.com/ww.download-avg-anti-spyware-and-anti-rootkit “As AVG Anti-Spyware and AVG Anti-Rootkit are now only included in commercial versions of AVG 8.0. Updates will soon be discontinued.”
Old FAQ for AVG / ewido Anti-Spyware: FAQ 1277 was “Does AVG / ewido Anti-Spyware work under Windows 95, 98 and Me?”. The answer was: “Unfortunately the AVG / ewido Anti-Spyware only works with Windows 2000 and XP as it was developed to use many of the features introduced with Windows 2000. Also we currently can't and most likely won't provide a version for older Windows versions in future.”
AVG Anti-Spyware 7.5.1.43, AVG Anti-Spyware 7.5.1.43 (found from AVG Advisor cache), AVG Anti-Spyware 7.5 PDF File Hippo's download area for AVG Anti-Spyware, an unofficial third party site, has download links for some older versions including Ewido products. “AVG Anti-Rootkit Free” download page http://free.grisoft.com/filedir/beta/avgarkt/avgarkt-setup-1.1.0.42.exe
Both the origial German “developer's site” for Lavasoft (as identified by a forum post) and American download site for Lavasoft now simply point to the main Lavasoft.com page which identifies Lavasoft as “The Original Anti-Spyware Company”.
Ad-Aware SE appeared to be more popular than its successor, Ad-Aware 2007, based on forum comments such as Lavasoft.com forum post. Ad-Aware SE worked on more systems than its successor, Ad-Aware 2007, when the latter was released. For more details, information on downloading the older version, Ad-Aware SE, or other versions, see the local Lavasoft Anti-Spyware page.
Anti-Rootkit functionality may be separate from anti-virus and anti-spyware software, or it may be bundled with anti-virus and/or anti-spyware software. AVG has released a separate Anti-Rootkit. (For now, see the AVG Anti-Spyware section for details.)
Sometimes rootkits are simply handled by software which scans for viruses and/or software which scans for “spyware”. However, some software companies, such as AVG, have been known to release Anti-Rootkit software separately. If there is a separate bit of software available for detecting these, getting them is recommended.
There may be some misunderstanding as to what a “rootkit” is. A rootkit is a program that is designed to maintain superuser/administrator access by allowing a backdoor and often doing so while hiding itself by replacing key files that are frequently used to detect whether a rootkit is installed or not. Some people believe that a rootkit is designed to gain initial superuser/administrator access, and so that may someday be true for some software that calls itself a rootkit, but that certainly is not what all rootkits are about.
There are various strategies to having a firewall, including using a hardware firewall device or a dedicated computer. Additionally, a computer can simply run firewall software.