Companion to Webroot for Insane Click On Everything You Shouldn't Person

I offer my sincerest apology if I've posted this in the wrong area, or asked a question that's been asked and answered a thousand times before.

First a little background: I need a new security setup for my mother's computer. She is the anti-security expert. It doesn't matter how much you preach to her and try to teach her basic internet common sense. Don't blindly click "yes" on everything. Don't click on strange links in emails. She does it all anyways to the point she has to have her credit cards replaced at least a couple times every year due to credit fraud.

I tried F-Secure on her system last year because of the banking protection feature. I explained to her how it works, but she insists on turning OFF banking protection as soon as the little drop down bar appears, and then doing her online banking with the feature turned off. She's also managed to get a couple trojans this past year that F-Secure completely missed.

I keep reading all these wonderful things about how good Webroot Internet Security Complete is, and that it won't bog down her pc's performance. But I am hesitant in that I feel it may not be enough for her dangerous habit of clicking on everything and anything that common sense ought to dictate one shouldn't.

So I'm thinking she might need something layered with Webroot suite, but the more I read on complimentary products, the more confused I get. I feel I need something more on there, and I was reading that both Emsisoft (either the suite or just Online Armor?) and Voodooshield are excellent products to layer with Webroot.

Would one of these products be a good choice to put on her computer to help harden it against her insane disregard for common sense safety practices? Any and all suggestions would be very much appreciated. Thank you all in advance for your time!

 

Keep it simple only webroot. With settings controlled remotely (web console) and WSA password protected in the GUI. Also setup the cloud backup in WSA so that any deletion / messing up with files and documents could be reverted.

Finally if you are on windows 8, turn ON File History and make a system back (both windows 8 features). This will cover from major disasters.
If your mother do not need to install anything than create an ad-hoc limited account.

 

Well, here are my recommendations:

1. Use HMP.Alert and Windows Firewall Control (in my signature). In WFC, use medium filtering (recommended) and disable the ability to create rules by other programs and password protect the configurations. This will help even if you get infected. Webroot is excellent, I have been using them since years (long time Prevx and WSA private build tester), just be sure to set as maximum protection and password protect the configurations and you might even try Zemana/Spyshelter.

2. Emsisoft is excellent in my opinion but is a real resource hog, but if you (or your mum) dont use much of extensive applications, you can give it a try. I used Voodooshield in the past but I never quite liked the approach, it was just not my cup of tea.

3. You can also use Adblock Plus with MDL subscription, or even use a hosts file to block malware domains.

4. Finally get her a limited account and password protect your admin accounts, that should help a little. If you have some time, Use EMET and use maximum protection and add your browsers/other net facing applications.

 

WSA + Sandboxie. An alternative would be Chromebook, which as far as I know, isn't as vulnerable to malware attacks.

 

I have been using WSA Complete over a year...recently added VoodooShield and everything is very light. I probably don't take the risk your mother does but I haven't had anything get through. I doubt that you would need assistance but their forum folks are there most of the time and can help if you ever need it.

 

I also have a very click happy relative. After their laptop crashed and burned, I rebuilt it, and installed Avast 2014, MBAM [real-time], and MBAE. The husband decides to turn everything off that was blocking his cool software installs; and got re-infected again.

This time I password protected Avast & MBAM, and have them do silent scans with mandatory removal/deletes. No more issues...yet!

 

I do like the simplicity of just running Webroot by itself as you've suggested, Fax. I may go ahead and just put that on her machine and see how it does for a while, and if any issues arise then I can decide what steps to take next.

Thanks for the suggestions, I am grateful for the advice everyone has offered.

 

Webroot with Comodo FW works well.

 

Or you could solve it and put this to rest.
Install something like Deep Freeze that will revert back every start up to a clean state. End of story.

 

Use AppGuard, set it to locked-down and disable the user-interface

 

I was going to recommend bulky mittens...

The others have given more practical advice, I suppose.

 

Only thing I could think of would be AppGuard with locked settings.

The careless user is the perfect test case for anti-virus failure and it's always the obviously malicious stuff, which gets through undetected. Drive-by downloads and exploit delivery becomes more and more difficult, because most products can detect that now. But it doesn't matter, just send a .pdf.exe or .mkv.exe file through e-mail and it works. The fact that there are still so many file guards out there, which don't go red alert at on double file ending, leaves me flabbergasted.

 

Step 1: as outlined by Pete: + 1

Step 2: (alternative other option, like I have for my mother of 80): XP Pro running PowerUser with DefenseWall guarding all threatgates and HitmanPro hidden in the router.

Problem is not ignorance only:
1. Friends helping her to enhance her PC and install all sorts of crab. It is so funny to see them bite the dust:
a) being a Power User (impersonated as Admin)
b) running into DefenseWall, bouncing back hard
c) the AV being out of their reach (in the router)

2. Friends who she trust sending her funny emails, with click to open attachements (some with stupid movies, others with malware)

3. Vulnaberable to social engineering (older people are probably more inclined to respect authority, being helpful to their banks), luckily a public information campaign in the Netherlands, reduced this risk

 

Oh you have clicker machines you work on as well? My younger kids are clickers, so I have some experience in this.

One thing I can tell you for sure is Webroot alone will not do the trick.. Period, end of story. If you want proof search google with adblockers disabled for "Firefox", click on the first link. It's a trojan downloader that goes right past Webroot, and installs a bunch of crap. MalwareBytes/Chicalogic nails it, Webroot is ignorant of it. I have run into this way too many times to put full trust into most single packaged products. (Webroot or otherwise - for the record)

Appguard is too intrusive for a clicker that doesn't have much PC knowledge in my opinion, and the whole 'click here to install' stuff doesn't work too well. Especially for kids, or really bad clickers.

I'd go with Webroot+MBAM/Chicalogic, set Webroot Heuristics to max, and MBAM/Chicalogic PAID set to realtime file/web protection. That should solve most issues.

If they are really bad clickers, add BotRevolt, you can find coupons for that for $9.99 unlimited PC's. Basically it's Peerblock that doesn't suck, and has better lists, well over 1.6 MILLION malware domains.

F-Secure isn't bad, but still misses stuff with heavy clickers, so even with F-Secure I would add MBAM-Pro/Chicalogic, and BotRevolt.

 

Combination I used to use for a relative's XP computer:
Returnil always on (except when I'd change things)
All user documents (including bookmarks) on another partition
Panda Cloud Antivirus

 

You either cure the insanity or you prevent the clickings from even happening.

Seriously though, perhaps consider some form of whitelisting.

 

I like all of your ideas, but I would add Norton DNS in the router. Webroot and MBAM paid together is a pretty good combination in my opinion. I prefer peerblock to BotRevolt, but BotRevolt is supposed to be moving to a free version that auto-updates somewhere down the road. The problem I have with BotRevolt is that is fails to always load on startup, and you have to re-install it to update the lists.

 

@SevereWX Replace Windows with a Linux distro. Use Norton DNS. Install chrome browser and use bitdefender trafficlight extension (it blocks lots of phishing & malware links)

 

Botrevolt doesn't require a re-install to update lists, and loads fine on startup. That was an early version that had issues. Also the free version of botrevolt now updates. So free is perfectly viable now if you don't want to pay the $9 - but keep in mind the free version is several versions behind the paid version (which is an entirely different installer) Also, BR tells me they have a major patch coming out in a few weeks when I asked them about some features I wanted. The biggest difference is peerblock has way too many good IP addresses it blocks. Like OperaASA, and many AV update IP's, etc. BR has a staff that manually removes bad blocks like that, and creates custom lists. BR staff removes dead IP's as well, I noticed they pulled several thousand 'dead' IP's last week alone in tracking numbers.

So overall, it's improved, and seems to be getting better. I only run it on 'clicker' machines to be honest.