What is a Good, Free Setup for "Average Users"

So far on family's computers, and some friends, I usually just put Avast! free and Malwarebytes on for on-demand scans. Sadly I know Avast! doesn't stop everything, and they usually fail to run scans with MBAM.

I would like to know if there is a better free setup for the "average user" which I would define as:

- Middle-aged people whose only knowledge includes going online, doing email, typing documents. No knowledge of computer security other than knowing they need an antivirus.

- Teenagers and young adults who frequently go online, especially to Facebook, who click on ads and links, and who use FrostWire or uTorrent, because they're "safer" than LimeWire, and despite telling them they will get infected, they don't want to give up free music.

- Elderly people who rarely use the computer but who are gullible to social engineering and can't handle to learn anything complex.

So I need a good, free, easy-to-use setup for the types of users described above, who need something that just works, is quiet, and requires little-to-no user interaction and maintenance.

Your opinions are much appreciated!

 

avast + sandboxie + mbam on demand + hmp scan daily at startup + norton dns + monthly backup

 

id say sandboxie free or paid and just tell them to click the web browser icon for sandboxie free. plus set sandboxie to delete the contense of the sandbox after close of browers.

then really any AV will work because sandboxie pretty strong. AVG, Avast and panda cloud are pretty good. havnt use avira free much.

 

use avast or panda cloud av + sandboxie free (set it drop rights and automatically delete contents of sandbox) + keriver 1-click restore free

 

I had a feeling most of you would recommend Sandboxie. I tried it once, and to be honest it seems harder to use than say DefenseWall or GeSWall, of course DW isn't free, and neither works on 64-bit, which most computers sold today are 64-bit.

The main concern I have with Sandboxie's user-friendliness is the extraction of safe files when I tried it. Would something like the new BufferZone be a good alternative, since to unisolate something it's as easy as DW or GW, since you just right-click and make it trusted? It it would be okay, please tell me what settings to tweak to make it as secure as Sandboxie.

Thanks!

 

appguard is a good choice.

also sandboxie really only if they download something from a browser they just need to recover the file thats downloaded. you get a popup asking you to recover.

 

I think the op asked for free setup........

 

Comodo internet security should be enough. really!

 

Comodo internet Security or
Avast and Comodo firewall.

 

Comodo requires user input for Def+ popups. I tried it on my Mom and brother's PCs and even for Panda Cloud it had a popup, and I believe CCleaner. I don't want anyone to have to respond to popups.

 

Yeah no offense to comodo ( Since I am a faithful user) but I wouldn't put it on my mom's laptop. I'd be getting calls why things weren't working. Yes I do know about the new no-prompt option but it still blocks programs that they might need to run.

 

And also said average users are ones who will install programs afterwards, so it can't be a setup that just keeps there computer as I set it up and doesn't allow changes.

 

My mother's computer has Chrome + Adblock and then EMET. It's also running MSE.

She's infected computers in the past. Nothing's gotten past this setup though. She's what I would call an "at risk" user though.

edit: This setup has the advantage of being completely silent and very effective. I've never had MSE pick anything up on her computer, things don't get that far.

 

MSE, Firefox with WOT set to block websites and sandboxie.

 

Don't forget Secunia.

 

Sandboxie can be made "stealthy" and very easy to use, here's some simple tips:

- In the browser select a default folder for all downloads;

- In Sandboxie settings:
. allow direct access to the default download folder you selected previously in the browser, and eventually to the desktop (that way you won't be asked if you want to "extract" the files, they will just be saved into the real location)

. allow direct access to bookmarks and other stuff you may need ("web browser settings" or something like that)

. set sandboxie to automatically delete all contents inside the sandbox when the browser is closed.

. remove the yellow boarder.

In the Desktop and Start menu:
. replace the original sandboxie icon in the desktop with the one of your browser, and give it the name of your browser either. Also replace or remove all other shortcuts that may open your browser outside sandboxie.

 

Ok. I installed it on my brother's computer and tried what you said. Chrome is the default browser so it's always sandboxed, and I made the Sandboxie browser icon the only one. I also turned off the yellow border and set it to automatically delete all contents when the program closes.

However, I'm not sure on the direct access. I went into the sandbox's setting's, went to "file access", and gave "direct access" to the "downloads" folder. Is that correct? Is there a risk of a drive-by download loading from there?

Lastly, is there a way to change the Sandboxie icon? I'm really hating the pizza slice look, and was wondering if I could change the icon to the attached icon I made. However I've tried changing a program's icon before in Windows 7, and when I select a custom icon, it says no icons in the file.

 

Chrome + Adblock Plus. Chrome solves Flash and browser exploits right off the bat. IT's been known to stop Java exploits as well. It has a fairly strong SafeBrowsingAPI - NSS labs puts it somewhere between 30 and 40% of malware being blocked by the SBAPI alone.

EMET. EMET Java and Chrome (disable EAF for compatibility) and you make it significantly more difficult to exploit browser plugins. Make sure you EMET their PDF reader as well.

Sandboxie with holes poked in it isn't too useful. If you give "full access" to a folder then any exploit can just execute from that folder. If you give Direct Access your family is going to have a difficult time understanidng how to use it.

You could probably tweak it a lot to make it work though.

Honestly, if you use Chrome + Adblock + EMET you're going to be fine. Want to be extra safe? Throw in Panda Cloud + URL Filter. Panda's nice for novice users because of its cloud approach, which doesn't rely so heavily on staying up to date.

 

Give SpyShelter firewall a try. Run internet facing apps as restricted and add mbam on demand and you are good to go.

 

That won't work on 64-bit systems for free, which most are nowadays, including the one's I'm working with.

And about EMET, I put it on my PC first, and added Chrome to it, and left everything checked except EAF.

1. Is that right?
2. What do I add for Java?
3. Will this ever need to be reconfigured or updated?
4. Should the whole program be left at opt in?

 

avast 7 now in beta is going to be really good for a free av. id use that

 

Yes, is correct if that's the default download folder you picked in google chrome.
Yes, there is that risk, but is low (especially if you create a custom download folder, in other location than the one pre-defined in google chrome) and that will solve the problem with the prompt for "extraction". I use Sandboxie for a long time in that way, and i never got infected.

Is really easy, just right-click in Chrome desktop shortcut, choose "change icon" and copy the destiny location. Then, right-click in sandboxie "pizza" desktop shortcut, choose "change icon" and paste the location you copied before. Click "Ok" and that's it

 

1) Yes, that's correct.

2) For Java add java.exe, javaw.exe, javaws.exe - you can leave EAF or disable it. It can cause issues.

3) Only when EMET is updated, which isn't often. It's been a year I think since the last one.

4) No. Opt-In is less secure than Opt-Out if you're referring to system settings. Just leave those at default (DEP: Opt Out, SEHOP: Always On, ASLR: Opt In.)

 

There are two problems wiht this

1) If they ever want to save to somewhere other than the downloads folder it will be virtualized

2) If they execute or open a file from Chrome's download shelf it will be opened within the sandbox - this can lead to a lot of problems for a novice user.

You can solve 2 by allowing Full Access - but this is a big hole to poke into a sandbox and would allow for anything to drop a payload into the folder and then execute it outside of Sandboxie.

 

Next post/page!