Free Tools To Secure Windows Against Malware

Tools For Safe Web Browsing

Most people need only the browser, most of the time, for entertainment or work. That means browser security is almost as important as the security of the underlying operating system.


Right now, the most secure Web browser available by default is Google's Chrome. Whether that will change in a year, two or five, however, remains to be seen. Nonetheless, Chrome consistently comes out on top in browser hacking competitions.

That doesn't just happen by accident. Chrome has a strong sandbox system that isolates every tab or extension into its own process. This can lead to an increase in memory usage that many people have complained about; however, it gives a great advantage in both security and processing performance (because each process can be run independently by the CPU, avoiding browser lags).

When each Web app or extension is isolated as much as possible from the others, it dramatically restricts the damage any website can do to your browser or your PC.


WOT is a nice little browser extension that allows people who use it to rate how secure a website is on the Web. It's essentially crowdsourced malware protection. While more technical users may be more careful about what links they click on, most regular Internet users might not, and they could be going to unsafe sites.

WOT attempts to warn users about bad sites and green-light the safe ones. It's a tool that comes in handy, especially on websites such as Google and Twitter, where you may see many links but don't know how trustworthy some of them are.

These days, most browsers come with their own filters for malware websites, but you only get warned when you've already clicked on the link. I like the "prewarning" WOT gives on links as well.

HTTPS Everywhere

HTTPS adoption has been increasing rapidly, but some sites may still default to plain-text HTTP connections, which are not secure — both from a privacy standpoint (others can intercept your traffic) and a security point of view (you can be attacked more easily through nonsecure connections).

The Electronic Frontier Foundation has built a tool called HTTPS Everywhere that ensures all websites connect over HTTPS as long as those websites support HTTPS (but doesn't redirect most users to it).

HTTPS Everywhere also acts as some sort of user-centric alternative to the HSTS (HTTP Strict Transport Security) protocol, which mandates that the connection is done over HTTPS. However, most HTTPS websites don't "strictly" enforce their HTTPS connections, which could make some man-in-the-middle attacks easier by downgrading the connection to HTTP.

The extension also recently received a feature that could be very useful: the option to connect only to HTTPS sites and block all requests that happen over HTTP (such as third-party trackers that can work over plain HTTP even on top of an HTTPS site, therefore weakening its overall security).

However, unless you visit only a handful of HTTPS websites every day, then enabling this might be a little too inconvenient for the casual Web user for now. When most popular websites are HTTPS, then users could fully secure themselves by enabling that feature as well.


How To

Enable OpenDNS by opening the Control Panel, then go to Network and Sharing Center and select your Wi-Fi/Ethernet connection. Choose Properties and InternetProtocol Version 4 and use the following DNS addresses: /

OpenDNS' "Enhanced DNS" free service is another great security tool you can use to protect against websites that are infected with malware either intentionally or by getting hacked by malicious attackers. All you have to do is replace the DNS addresses with the ones provided by OpenDNS, and you'll benefit from an extra layer of security.

The aforementioned tools are not a 100-percent foolproof solution for Windows security, but together, they offer a reasonably high level of security for users who don't want to struggle to learn how to use more advanced and complicated tools. They're also completely free.

Most of the aforementioned tools require only installation or an initial setup. After that, they "invisibly" protect users behind the scenes, which is just about ideal for the vast majority of Windows PC owners.

MORE: All Security ArticlesMORE: Best VPN Services Of 2015MORE: The Pros And Cons Of Using A VPN Or Proxy Service

MORE: VPN Services in the Forums

Lucian Armasu is a Contributing Writer for Tom's Hardware, covering News.

Follow Tom's Hardware on Twitter, Facebook and Google+.

Lucian Armasu
Lucian Armasu is a Contributing Writer for Tom's Hardware US. He covers software news and the issues surrounding privacy and security.
  • humus
    EMET does not support Windows XP.
  • humus
    SuperAntiSpyware and ESET On-Line Scanner - both are free and effective stand alone tools.
  • mjmacka
    @EMET Microsoft doesn't support Windows XP anymore. There is no way to secure that OS. You should be running a newer version of Windows or Linux instead of XP.
  • John J Miller
    to those that say switch to Win 7 or 8... there are some of us out here who can't afford the required hardware needed to run either one correctly.
  • computertech82
    Avira is rated #1 this year. SuperAntiSpyware is pretty good at malware, usually better than malwarebytes.
  • alpha27
    heh im running mse, comodo and avast, I think my cpu handles them well...heh i7
  • jacobian
    Rather sadly, much of the history of Windows security vulnerabilities is due to poor security practices among the users and software developers. Not using administrator account by default could have saved many headaches, and we had Windows 2000, a fine multi-user OS, since when, 1999? (I don't mention NT4 since it wasn't meant to be a consumer-level OS)
  • gerr
    16034431 said:
    to those that say switch to Win 7 or 8... there are some of us out here who can't afford the required hardware needed to run either one correctly.

    If Windows 8.1 can run on that, you must really have an old system.
  • atwspoon
    to those that say switch to Win 7 or 8... there are some of us out here who can't afford the required hardware needed to run either one correctly.

    Wait what? name a system in the past 10 years that cannot run Windows 7. I have installed the OS on numerous laptops and premade desktops from 2006-present. If your machine is more than 10 years old, you're doing it wrong.

    "If you want to run Windows 7 on your PC, here's what it takes:

    1 gigahertz (GHz) or faster 32-bit (x86) or 64-bit (x64) processor

    1 gigabyte (GB) RAM (32-bit) or 2 GB RAM (64-bit)

    16 GB available hard disk space (32-bit) or 20 GB (64-bit)

    DirectX 9 graphics device with WDDM 1.0 or higher driver"
  • gravewax
    to those that say switch to Win 7 or 8... there are some of us out here who can't afford the required hardware needed to run either one correctly.
    win 7 and 8 have very low hardware requirements. if you have a machine purchased in the last 15 years it mostly probably will run just fine, if in the last 10 it will almost certainly work.