Need some help/suggestions...

I'm in need of a security setup for non technical end users (more home environment then business) that is free and doesn't give the user a lot of pops but is secure well still letting them user use their pc like they are used too.

I've tried many different things but haven't found "the" setup/suite that accomplishes this.

 

You lack to mention the operating system. This is always a good start.

 

Also depends on what type of security you want . . .
Layered defense? or a simple setup, maybe snapshot type of protection?

 

Oh man, you are in league with so many of your peers.

For true non-technical, it is hard to achieve. If it were me, I would get them a light AV and maybe MBAM. While the AV does rely on signatures and can be "behind", a lot of things they might pick up will be found, avoiding the easy situations. MBAM as an on-demand scanner will clean up a lot of issues and it really easy to use.

For the rest of it, it is a hard call. The best bet would be to put them in a User group only, and show them how to use something like SuRun. Next would maybe be using UAC, but you still have to take into account that UAC just pops up a prompt that says "can I do this? Ok ? Click OK, OK?" And they click ok, and you know the rest.

You could use Sandboxie in conjuction, the only real downfall is the users have to understand what a file structure is and how Sandboxie will keep all they do "separate" from the real system, and they have to "recover" what they want if they want to keep it.

There are many many other ways to go about doing it of course. I tend to use those I stated for people who have had problems in the past. I had to tell them, if you want my help (usually free) you have to learn a little something. They can't just keep on clicking whatever they want and expect to stay problem free. Most of them are willing, but it also requires a good teaching technique to avoid the "glossy eyed deer in the headlights" reactions with many such users.

HTH>

Sul.

 

Adding to what Sully suggested, using a dns service like ClearCloud could be an option.

 

LUA + SRP works too.
Just install the basic programs that people generally use, set the rules necessary and ready to fight malware! (IM, Browser, Few Games and you're ready to go).

 

Didn't mention an os cause it varies, xp up to win7 (most of the win7 machines are 64bit). Everything had been fine for awhile, but the fake AV and AS programs seem to be a problem lately for these people. I'm having a hard time putting something together that stops/catches them without affecting how the user uses their system (I think this is a catch 22 though...).

In terms of what I'm looking for, a suite or layered defense (but it has to be free, finding it hard to talk these people into putting money down for security......). I figured I'd try here (been a lurker for years) since I'm having trouble nailing this down. The big thing is that it has to have minimal affect on the user side, otherwise I'll have more calls/emails with questions on what should be done then I'd get calls for malware warnings/infections.

 

How about Comodo Internet Security with alerts suppressed?

 

first things first...

imaging and/or backup should be top priority.

you never know when the stupid husband/wife/kid is gonna click "Install" on that shiny rogue fake AV.

with a good imaging/backup plan you won't hear "i lost all my pictures".

 

Don't for get patches for the OS and 3rd party software. Educating the user would be another good thing to do...

 

Microsoft Security Essentials
Prevx Facebook Edition (block keyloggers incase they do get infected)
Malwarebytes (show how to update and scan - most will never do this even after you show them several times)

You're asking the golden question no-one here can answer adequately. Paid is obviously the way to go for non-technical users. Paid prevx (great support and detection of rogues), or paid malwarebytes (blocks rogues and excellent removal), or paid Hitman Pro (easy to use, great detection, ease of use) to run at startup. At least one of these.

 

If you're asking for paid, i would recommend Norton Internet Security!
Light, easy to use and offers good protection!

 

I thought you were going to recommend Emsisoft Anti-Malware

 

Hahaha, EAM offers top notch detection but it's BB and Surf Protection can be annoying for average users

Anyways, EAM is a very good option too and it's extremely cheap when buying multiple license!

 

comodo internet security..

 

If these people are clicking on fake AV programs and other social engineering malware, you are fighting a losing battle. You have to educate them or walk away. I guess there's a third option, and that's to enjoy being needed.

 

Comodo would be a bit too much
He wanted something simple for average users

 

Windows auto updates.
Windows FW.
avast! Free.
MBAM Free on-demand.
Pretty basic & should keep them out of most trouble.
Any deviation from the above begins to violate in some manner your predefined rules of free, non-technical and no popups.

 

I agree with Sully and phalanaxus.

Lightweight AV (Avast/Avira Free AV) + Windows FW + MBAM (Free) + Norton/ClearCloud DNS

 

Got this setup on a co-workers PC,they've never called me since it was installed on their PC 2 years ago. No problems,period.

http://www.returnilvirtualsystem.com/ Free version

+

Malwarebytes Free Version

 

A setup that I suggest is:

1. AVAST Free or AVIRA Free
2. MBAM (Malwarebytes Anti-Malware) On-Demand
3. Sandboxie Free (Automatically Delete Sandbox Contents, Drop Rights enabled)
4. Norton or ClearCloud DNS
5. Macrium Reflect Free (Routine Backups to DVD(s) and/or internal or external hard drive)

 

First, I'd like to make my own personal note regarding Sandboxie. I use it my self to isolate certain stuff. I also installed it to some relatives, but I had the time to verify every and each process needing access in each sandbox.

After some trial and error, I got the applications to do what they need to do, without error messages. The same is not to say that no error messages won't ever appear; they might. In the future, some of the applications may introduce some new process it may need access, for example.

The question is: Regarding Sandboxie do you have the time to test every application to be run under Sandboxie's protection? If yes, that's tremendous.

But, you did mention it has to free security software, because they're not willing to pay for security software. OK, this means one thing: Sandboxie shareware version, as the author calls it, only allows one sandboxed application at a given time. This means they cannot have, for example, the web browser and media player sandboxed at the same time.

If they enjoy browsing the web, at the same time they listen to music, no do.

Given that, I'd like to ask which web browser they use? I forgot to ask it before. Sorry about it.

But, if it's Internet Explorer, I could suggest the following (I'm excluding Sandboxie from the equation, obviously.), considering free and unobtrusive:

0. Firewall: Windows Firewall

1. Antivirus (real-time protection): Microsoft Security Essentials
2. Antispyware (real-time passive protection): SpywareBlaster + Spybot - Search & Destroy (Do not install TeaTimer module)
3. Antimalware (on-demand): Malwarebytes Anti-Malware

4. Threats Mitigation: Microsoft EMET

I'd keep UAC enabled. This will allow them to run Windows Vista/7 under a standard user account. This by itself will prevent quite a few infections.
Unlike popular belief, UAC alerts don't appear out of the blue. You just need to explain them when they will see such alerts, and if they get one when using the web browser, for example, simply close the alert.

I would, personally, create different standard user accounts for each different task. One only for web browsing; one only for accessing e-mail; one only for accessing bank account, if the case; one for general purpose.

Regarding Windows XP, you could go the same route, except you'd have to install SuRun, to give them the same UAC experience, allowing them to use limited user accounts, and elevate only when needed. You may even set SuRun to auto-elevate those applications.

Also, personally, and if you think it would be needed, I'd install AVG LinkScanner. I know it has prevented some of my relatives from entering sites hosting exploits. Some of the times, sites deemed to be safe.

They're not me, and cannot handle certain restrictions, so I find this to be a pretty good solution.

Those who can handle to learn and pay for Sandboxie, I install them Sandboxie.

-edit-

I forgot to mention that, just like what user TheKid7 mentioned, choose a third-party DNS service like ClearCloud or Norton. You should first see if there's no much difference between your ISP DNS service and those mentioned here, in terms of speed.

Also, backup!

 

i will say avast free and spyshelter free

 

The two features missing in the shareware version are mentioned here: http://www.sandboxie.com/index.php?FAQ_Licensing

With the shareware version, it is only the amount of sandboxes running that is limited, not the number of applications.