Need some help/suggestions...

Discussion in 'other anti-malware software' started by Vilmalith, Jan 28, 2011.

Thread Status:
Not open for further replies.
  1. Vilmalith

    Vilmalith Registered Member

    Joined:
    Nov 28, 2007
    Posts:
    63
    I'm in need of a security setup for non-technical end users (more home environment than business) that is free and doesn't give the user a lot of pop-ups but is secure while still letting the user use their PC like they are used to.

    I've tried many different things but haven't found "the" setup/suite that accomplishes this.
     
  2. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    You neglected to mention the operating system. This is always a good start. ;)
     
  3. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,956
    Location:
    U.S.A.
  4. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Also depends on what type of security you want . . .
    Layered defense? or a simple setup, maybe snapshot type of protection? :D
     
  5. Sully

    Sully Registered Member

    Joined:
    Dec 23, 2005
    Posts:
    3,719
    Oh man, you are in league with so many of your peers.

    For true non-technical, it is hard to achieve. If it were me, I would get them a light AV and maybe MBAM. While the AV does rely on signatures and can be "behind", a lot of things they might pick up will be found, avoiding the easy situations. MBAM as an on-demand scanner will clean up a lot of issues and it is really easy to use.

    For the rest of it, it is a hard call. The best bet would be to put them in a User group only, and show them how to use something like SuRun. Next would maybe be using UAC, but you still have to take into account that UAC just pops up a prompt that says "can I do this? Ok ? Click OK, OK?" And they click ok, and you know the rest.

    You could use Sandboxie in conjunction, the only real downfall is the users have to understand what a file structure is and how Sandboxie will keep all they do "separate" from the real system, and they have to "recover" what they want if they want to keep it.

    There are many many other ways to go about doing it of course. I tend to use those I stated for people who have had problems in the past. I had to tell them, if you want my help (usually free) you have to learn a little something. They can't just keep on clicking whatever they want and expect to stay problem free. Most of them are willing, but it also requires a good teaching technique to avoid the "glossy eyed deer in the headlights" reactions with many such users.

    HTH.

    Sul.
     
  6. phalanaxus

    phalanaxus Registered Member

    Joined:
    Jan 19, 2011
    Posts:
    499
    Adding to what Sully suggested, using a dns service like ClearCloud could be an option.
     
  7. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    LUA + SRP works too.
    Just install the basic programs that people generally use, set the rules necessary and ready to fight malware! (IM, Browser, Few Games and you're ready to go).
     
  8. Vilmalith

    Vilmalith Registered Member

    Joined:
    Nov 28, 2007
    Posts:
    63
    Didn't mention an OS because it varies, XP up to Win7 (most of the Win7 machines are 64-bit). Everything had been fine for a while, but the fake AV and AS programs seem to be a problem lately for these people. I'm having a hard time putting something together that stops/catches them without affecting how the user uses their system (I think this is a catch-22 though...).

    In terms of what I'm looking for, a suite or layered defense (but it has to be free, finding it hard to talk these people into putting money down for security......). I figured I'd try here (been a lurker for years) since I'm having trouble nailing this down. The big thing is that it has to have minimal effect on the user side, otherwise I'll have more calls/emails with questions on what should be done than I'd get calls for malware warnings/infections.
     
  9. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    How about Comodo Internet Security with alerts suppressed?
     
  10. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    first things first...

    imaging and/or backup should be top priority.

    you never know when the stupid husband/wife/kid is gonna click "Install" on that shiny rogue fake AV.

    with a good imaging/backup plan you won't hear "i lost all my pictures". :ouch:
     
  11. NAMOR

    NAMOR Registered Member

    Joined:
    May 19, 2004
    Posts:
    1,526
    Location:
    Arkham Asylum
    Don't forget patches for the OS and 3rd party software. ;) Educating the user would be another good thing to do...
     
  12. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    Microsoft Security Essentials
    Prevx Facebook Edition (block keyloggers in case they do get infected)
    Malwarebytes (show how to update and scan - most will never do this even after you show them several times)

    You're asking the golden question no-one here can answer adequately. Paid is obviously the way to go for non-technical users. Paid prevx (great support and detection of rogues), or paid malwarebytes (blocks rogues and excellent removal), or paid Hitman Pro (easy to use, great detection, ease of use) to run at startup. At least one of these.
     
  13. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    If you're asking for paid, i would recommend Norton Internet Security! :D
    Light, easy to use and offers good protection! :thumb:
     
  14. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    I thought you were going to recommend Emsisoft Anti-Malware :cool:
     
  15. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Hahaha, EAM offers top notch detection but its BB and Surf Protection can be annoying for average users :rolleyes:

    Anyways, EAM is a very good option too and it's extremely cheap when buying multiple licenses!
     
  16. Kernelwars

    Kernelwars Registered Member

    Joined:
    Aug 12, 2010
    Posts:
    2,155
    Location:
    TX
    Comodo Internet Security.. :cool:
     
  17. justenough

    justenough Registered Member

    Joined:
    May 13, 2010
    Posts:
    1,509
    If these people are clicking on fake AV programs and other social engineering malware, you are fighting a losing battle. You have to educate them or walk away. I guess there's a third option, and that's to enjoy being needed.
     
  18. Noob

    Noob Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    6,468
    Comodo would be a bit too much :rolleyes:
    He wanted something simple for average users :D
     
  19. Page42

    Page42 Registered Member

    Joined:
    Jun 18, 2007
    Posts:
    5,829
    Location:
    Last Breath Farm
    Windows auto updates.
    Windows FW.
    avast! Free.
    MBAM Free on-demand.
    Pretty basic & should keep them out of most trouble.
    Any deviation from the above begins to violate in some manner your predefined rules of free, non-technical and no popups.
     
  20. Boyfriend

    Boyfriend Registered Member

    Joined:
    Jun 7, 2010
    Posts:
    1,070
    Location:
    Pakistan
    I agree with Sully and phalanaxus.

    Lightweight AV (Avast/Avira Free AV) + Windows FW + MBAM (Free) + Norton/ClearCloud DNS
     
  21. Boost

    Boost Registered Member

    Joined:
    Feb 2, 2007
    Posts:
    1,293
    Got this setup on a co-worker's PC, they've never called me since it was installed on their PC 2 years ago. No problems, period. :thumb:

    http://www.returnilvirtualsystem.com/ Free version

    +

    Malwarebytes Free Version
     
  22. TheKid7

    TheKid7 Registered Member

    Joined:
    Jul 22, 2006
    Posts:
    3,469
    A setup that I suggest is:

    1. AVAST Free or AVIRA Free
    2. MBAM (Malwarebytes Anti-Malware) On-Demand
    3. Sandboxie Free (Automatically Delete Sandbox Contents, Drop Rights enabled)
    4. Norton or ClearCloud DNS
    5. Macrium Reflect Free (Routine Backups to DVD(s) and/or internal or external hard drive)
     
  23. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    First, I'd like to make my own personal note regarding Sandboxie. I use it myself to isolate certain stuff. I also installed it for some relatives, but I had the time to verify each and every process needing access in each sandbox.

    After some trial and error, I got the applications to do what they need to do, without error messages. That is not to say that error messages won't ever appear; they might. In the future, some of the applications may introduce some new process that may need access, for example.

    The question is: Regarding Sandboxie, do you have the time to test every application to be run under Sandboxie's protection? If yes, that's tremendous.

    But, you did mention it has to be free security software, because they're not willing to pay for security software. OK, this means one thing: Sandboxie shareware version, as the author calls it, only allows one sandboxed application at a given time. This means they cannot have, for example, the web browser and media player sandboxed at the same time.

    If they enjoy browsing the web, at the same time they listen to music, no go. :D

    Given that, I'd like to ask which web browser they use? I forgot to ask it before. Sorry about it.

    But, if it's Internet Explorer, I could suggest the following (I'm excluding Sandboxie from the equation, obviously.), considering free and unobtrusive:

    0. Firewall: Windows Firewall

    1. Antivirus (real-time protection): Microsoft Security Essentials
    2. Antispyware (real-time passive protection): SpywareBlaster + Spybot - Search & Destroy (Do not install TeaTimer module)
    3. Antimalware (on-demand): Malwarebytes Anti-Malware

    4. Threats Mitigation: Microsoft EMET

    I'd keep UAC enabled. This will allow them to run Windows Vista/7 under a standard user account. This by itself will prevent quite a few infections.
    Unlike popular belief, UAC alerts don't appear out of the blue. You just need to explain to them when they will see such alerts, and if they get one when using the web browser, for example, simply close the alert.

    I would, personally, create different standard user accounts for each different task. One only for web browsing; one only for accessing e-mail; one only for accessing bank account, if the case; one for general purpose.

    Regarding Windows XP, you could go the same route, except you'd have to install SuRun, to give them the same UAC experience, allowing them to use limited user accounts, and elevate only when needed. You may even set SuRun to auto-elevate those applications.

    Also, personally, and if you think it would be needed, I'd install AVG LinkScanner. I know it has prevented some of my relatives from entering sites hosting exploits. Some of the times, sites deemed to be safe.

    They're not me, and cannot handle certain restrictions, so I find this to be a pretty good solution.

    Those who can handle to learn and pay for Sandboxie, I install them Sandboxie. :D

    -edit-

    I forgot to mention that, just like what user TheKid7 mentioned, choose a third-party DNS service like ClearCloud or Norton. You should first see if there's not much difference between your ISP DNS service and those mentioned here, in terms of speed.

    Also, backup!
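
A read-only check of the baseline described in the post above (standard user account, UAC on, Windows Firewall on, third-party DNS), as an added example that is not part of the thread or any poster's own script. It assumes Windows Vista/7 with PowerShell 2.0 or later; the function names are made up for this sketch.

```powershell
# Added example, not from the thread: read-only audit of the baseline described above.
# Assumes Windows Vista/7 and PowerShell 2.0+; run it from the user's everyday account.

function Get-RegValue($Path, $Name) {
    # Returns $null when the key or value is missing instead of throwing.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name }
}

function Test-StandardUser {
    # Resolve local Administrators by its well-known SID (the name is localized),
    # then list direct members. Nested or domain groups are not expanded.
    $sid   = New-Object Security.Principal.SecurityIdentifier 'S-1-5-32-544'
    $name  = $sid.Translate([Security.Principal.NTAccount]).Value.Split('\')[-1]
    $group = [ADSI]"WinNT://$env:COMPUTERNAME/$name,group"
    $members = @($group.psbase.Invoke('Members') | ForEach-Object {
        $_.GetType().InvokeMember('Name', 'GetProperty', $null, $_, $null)
    })
    $members -notcontains $env:USERNAME
}

function Test-UacEnabled {
    $key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    (Get-RegValue $key 'EnableLUA') -eq 1
}

function Get-FirewallOffProfiles {
    # Local Windows Firewall settings only; Group Policy overrides are not read.
    $base = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
    foreach ($fwProfile in 'DomainProfile', 'StandardProfile', 'PublicProfile') {
        if ((Get-RegValue "$base\$fwProfile" 'EnableFirewall') -ne 1) { $fwProfile }
    }
}

function Get-DnsServers {
    # Resolvers configured on active adapters, to compare by hand against the
    # addresses published by whichever filtering DNS service was chosen.
    Get-WmiObject Win32_NetworkAdapterConfiguration -Filter 'IPEnabled = True' |
        ForEach-Object { $_.DNSServerSearchOrder } | Where-Object { $_ } |
        Select-Object -Unique
}

New-Object PSObject -Property @{
    StandardUser        = Test-StandardUser
    UacEnabled          = Test-UacEnabled
    FirewallOffProfiles = @(Get-FirewallOffProfiles)
    DnsServers          = @(Get-DnsServers)
} | Format-List
```

A healthy result shows StandardUser and UacEnabled as True and an empty FirewallOffProfiles list.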
     
  24. jmonge

    jmonge Registered Member

    Joined:
    Mar 20, 2008
    Posts:
    12,883
    Location:
    Canada
    I will say Avast Free and SpyShelter Free ;)
     
  25. malexous

    malexous Registered Member

    Joined:
    Jun 18, 2010
    Posts:
    828
    Location:
    Ireland
    The two features missing in the shareware version are mentioned here: http://www.sandboxie.com/index.php?FAQ_Licensing

    With the shareware version, it is only the amount of sandboxes running that is limited, not the number of applications.
     
    Last edited: Jan 29, 2011