Best free (or paid) malware protection and outgoing firewall for Windows 10?

Hi guys,

Right now I’ve got a paid malware protection + outgoing firewall solution for Windows 10 and I’m looking around for the safest free alternatives.

Important to me are:

  • Firewall for outgoing connections that notifies you of outgoing connection attempts and offers you a choice to allow or block them.
  • Very efficient malware detection and protection, including browser guarding.
  • Tiny footprint and as few conflicts as possible with other software.

Your tips are very welcome, many thanks in advance. If a paid solution turns out to be simply the best, I’d very much like to know about that too.

Well, I’ve been in this crazy computer business for a very long time now … ahem … and I’ll go on record saying that these services are basically worthless. Here’s my advice:

(1) Remove(!) the “protection” software. Yes, you’ll find that it is very hard to do, but do it anyway.

(2) Immediately stop using an account which is an “Administrator.” Create a brand-new account – whose name is not “root” or “Administrator” – and make it an Administrator. Then, log on to that account and use it to remove Administrator status from whatever account you use every day. Do Not(!) respond to a request for an “administrator password” when you are logged-in to that account, unless you are damn sure where it actually came from.

(2a) If you routinely wear many hats, say at a small business, create a separate account for each “hat,” and apply file-protection rules to “wall off” its materials from anyone for whom “it is none of their business.” (I actually create separate accounts for each project … security rules or no, I find it very handy.)

(3) Purchase an external hard-drive at an office-supply store, learn about Windows-10’s now built-in backup capabilities, and immediately start using them to perform automatic scheduled backups.

(4) Of course you should have a firewall – and, so should the router that connects you to the Internet! Carefully review those settings at both places. Notice also that if you followed step #2, “the account that you use every day” no longer has the power to change the firewall.

Always remember: “the computer is terrible at knowing when to say ‘yes,’ but it is extremely good at saying ‘no!’”

All of this is generally referred to as the Principle of Least Privilege.

1 Like

I stopped using third-party antivirus altogether and now I just rely on Windows built-in antivirus which works just great. I don’t use its ransomware protection though as I’ve found it quite obtrusive and it needed a tremendous amount of training.
The only firewall I use, again, is the one that comes with Windows 10. I do use a third-app program to manage Windoes 10 firewall. In the past I used Tinywall but with Windows 10 I now use Windows Firewall Control (once Binisoft and now Malwarebytes).

Just my c.

1 Like

“Very efficient malware detection and protection, including browser guarding.”

For all of the above, i recommend Malwarebytes, not free but it’s very good (it has a free version just for scanning files - not real-time though).
I don’t know if there is a free app that does all what you want.

1 Like

Thanks for the tips guys, much appreciated!

1 Like

To be honest, the best way to go about it is disabling internet access for your work desktop. And use a secondary Linux device for internet needs. Every other virus/malware tracking solution will have performance impacts on your system.

Also you can install Adguard Home and use it as your primary DNS server since it will let you block domains. it is not just a network wide ad blocking solution although that is the primary way to use it.

1 Like

metin if u have a spare pc u can use it as IPS(intrusion prevention system) like pfsense in front of your internet connection. It can blocks some treats(exploits,maleware,trojans,etc ).Squid + snort. Unless u you know computer networking its real hard to setup but i heard that they also sell hardware too :slight_smile:

1 Like

On Linux my “never run as an administrator” advice translates to making sure that your usual, every-day user is not a member of the wheel group. Which means that it cannot execute commands lke sudo su, which would put you into #root mode using your password!

So … some malicious piece of software lures you into entering your password, tries to use it to do nasty things … and discovers the hard way that you have limited yourself. Because you haven’t allowed yourself to hop into a phone-booth and hop out wearing blue tights, neither can the nasty-ware.

Yes, Windows (and Linux, OS/X, and so on) now does offer a number of built-in features to automagically protect you against various kinds of potential malice, without committing the sins that classic “anti-virus software” did and does.

1 Like