10 essential (and free!) security downloads for Windows

F-Secure BlackLight Rootkit Eliminator

Rootkits are the most nefarious of all malware, giving hackers access to your entire PC without your knowledge. They use special techniques to hide themselves from many antivirus and anti-malware programs, which makes detecting and killing them exceedingly difficult. Because of that, just using antivirus software isn't enough. Instead, you need a specialized rootkit detector and killer.

That's exactly what F-Secure's BlackLight Rootkit Eliminator does. It scans your PC for hidden processes, folders and files, then reports on what it finds. If your PC is clean, it will tell you so. If it finds anything hidden, it tells you that as well and lets you clean it up. Double-click any entry, and you'll get more information about it, such as the file location, a description and company information.

F-Secure BlackLight Rootkit Eliminator.
Click to view larger image.

To kill a rootkit you've discovered, you have a choice of renaming or deleting the file using BlackLight's built-in tools. It's a good idea to first rename suspicious files, which gives them a .ren extension and prevents them from executing. Next, do a Google search for the file names to see whether they really are malware. Rootkits often hide legitimate files and processes, such as Explorer.exe, so make sure not to get rid of any legitimate ones. If you confirm that files are malware, then delete them.

Warning: Only very experienced users should attempt to clean their PC with this software, because if you rename or delete valid files, you can cause serious problems. If you're at all unsure about what you're doing, you might want to try a different free anti-rootkit tool called RootAlyzer, from the same folks who bring you Spybot Search & Destroy. It checks your PC for rootkits but doesn't offer tools for deleting them. (Note that RootAlyzer is still in the preview stage.)

NoScript

JavaScript, Java, plug-ins and other code found on Web pages can do serious damage to your PC. They can deliver interactivity and other useful features, but they can also be used to wreak a great deal of havoc. To keep yourself safe on unfamiliar Web sites, you'll want to turn them off, but doing so means that you'll lose some of the nifty features on some of your favorite Web sites.

NoScript. Click to view larger image.

The answer? A great Firefox extension called NoScript, which not only blocks scripts, plug-ins and various types of code, but also protects against cross-site scripting attacks. It lets you block scripts, plug-ins, and code on a site-by-site basis. You can control it to an exceptional degree, including whether to block scripts on sites on a one-time basis or permanently.

Comodo Firewall Pro

The firewall that ships with Windows XP or Vista simply isn't good enough to keep you safe — you need better protection. There are plenty of free firewalls out there, but my favorite is Comodo Firewall Pro, which provides top-notch protection from both inbound and outbound threats. It offers other types of protection as well, including what it calls Defense+, which keeps you safe in several ways, including locking down certain files and folders so that they can't be altered.

Comodo Firewall Pro. Click to view larger image.

Note that this firewall is more aggressive than many in asking whether you should allow connections. So when you first run it, expect to see a good many pop-ups asking whether you want to let through a particular application.

To help cut down on the pop-ups, run its Clean PC mode, which lets you scan your PC for applications and then register them as safe so that you're not inundated with quite so many pop-ups. In addition, there's an "install mode" that disables certain types of pop-ups for 15 minutes, allowing you to easily install new software.

Another very good free firewall is Online Armor. Computerworld editor in chief Scot Finnie prefers its paid version to any other firewall. The free version is excellent as well, with one shortcoming: To install a new version, you first have to uninstall the old version, then install the new one.