What is a Good, Free Setup for "Average Users"

Discussion in 'other anti-malware software' started by Brandonn2010, Feb 6, 2012.

Thread Status:
Not open for further replies.
  1. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    So far on family's computers, and some friends, I usually just put Avast! free and Malwarebytes on for on-demand scans. Sadly I know Avast! doesn't stop everything, and they usually fail to run scans with MBAM.

    I would like to know if there is a better free setup for the "average user" which I would define as:

    - Middle-aged people whose only knowledge includes going online, doing email, typing documents. No knowledge of computer security other than knowing they need an antivirus.

    - Teenagers and young adults who frequently go online, especially to Facebook, who click on ads and links, and who use FrostWire or uTorrent, because they're "safer" than LimeWire, and despite telling them they will get infected, they don't want to give up free music.

    - Elderly people who rarely use the computer but who are gullible to social engineering and can't handle learning anything complex.

    So I need a good, free, easy-to-use setup for the types of users described above, who need something that just works, is quiet, and requires little-to-no user interaction and maintenance.

    Your opinions are much appreciated!
     
  2. Sherlock_Holmes

    Sherlock_Holmes Registered Member

    Joined:
    Mar 21, 2010
    Posts:
    1,447
    Location:
    Mumbai
    avast + sandboxie + mbam on demand + hmp scan daily at startup + norton dns + monthly backup
     
  3. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    I'd say Sandboxie free or paid, and just tell them to click the web browser icon for Sandboxie free. Plus set Sandboxie to delete the contents of the sandbox after close of browser.

    Then really any AV will work because Sandboxie is pretty strong. AVG, Avast and Panda Cloud are pretty good. Haven't used Avira free much.
     
  4. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    use avast or panda cloud av + sandboxie free (set it to drop rights and automatically delete contents of sandbox) + Keriver 1-Click Restore Free
     
  5. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    I had a feeling most of you would recommend Sandboxie. I tried it once, and to be honest it seems harder to use than say DefenseWall or GeSWall, of course DW isn't free, and neither works on 64-bit, which most computers sold today are 64-bit.

    The main concern I have with Sandboxie's user-friendliness is the extraction of safe files when I tried it. Would something like the new BufferZone be a good alternative, since to unisolate something it's as easy as DW or GW, since you just right-click and make it trusted? If it would be okay, please tell me what settings to tweak to make it as secure as Sandboxie.

    Thanks!
     
  6. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    appguard is a good choice.

    Also Sandboxie really only if they download something from a browser they just need to recover the file that's downloaded. You get a popup asking you to recover.
     
  7. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    5,965
    Location:
    Parallel Universe
    I think the op asked for free setup........
     
  8. pintas

    pintas Registered Member

    Joined:
    Apr 2, 2010
    Posts:
    171
    Comodo internet security should be enough. really!
     
  9. lordraiden

    lordraiden Registered Member

    Joined:
    Jan 30, 2006
    Posts:
    3,067
    Comodo internet Security or
    Avast and Comodo firewall.
     
  10. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Comodo requires user input for Def+ popups. I tried it on my Mom and brother's PCs and even for Panda Cloud it had a popup, and I believe CCleaner. I don't want anyone to have to respond to popups.
     
  11. kjdemuth

    kjdemuth Registered Member

    Joined:
    Jul 29, 2005
    Posts:
    2,960
    Location:
    Boston, MA
    Yeah no offense to comodo ( Since I am a faithful user) but I wouldn't put it on my mom's laptop. I'd be getting calls why things weren't working. Yes I do know about the new no-prompt option but it still blocks programs that they might need to run.
     
  12. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    And also said average users are ones who will install programs afterwards, so it can't be a setup that just keeps their computer as I set it up and doesn't allow changes.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    My mother's computer has Chrome + Adblock and then EMET. It's also running MSE.

    She's infected computers in the past. Nothing's gotten past this setup though. She's what I would call an "at risk" user though.

    edit: This setup has the advantage of being completely silent and very effective. I've never had MSE pick anything up on her computer, things don't get that far.
     
  14. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,124
    Location:
    Pennsylvania.
    MSE, Firefox with WOT set to block websites and sandboxie. :D
     
  15. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
    Don't forget Secunia.
     
  16. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Sandboxie can be made "stealthy" and very easy to use, here's some simple tips:

    - In the browser select a default folder for all downloads;

    - In Sandboxie settings:
    . allow direct access to the default download folder you selected previously in the browser, and eventually to the desktop (that way you won't be asked if you want to "extract" the files, they will just be saved into the real location)

    . allow direct access to bookmarks and other stuff you may need ("web browser settings" or something like that)

    . set sandboxie to automatically delete all contents inside the sandbox when the browser is closed.

    . remove the yellow border.

    In the Desktop and Start menu:
    . replace the original Sandboxie icon on the desktop with the one of your browser, and give it the name of your browser too. Also replace or remove all other shortcuts that may open your browser outside Sandboxie.
     
  17. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    Ok. I installed it on my brother's computer and tried what you said. Chrome is the default browser so it's always sandboxed, and I made the Sandboxie browser icon the only one. I also turned off the yellow border and set it to automatically delete all contents when the program closes.

    However, I'm not sure on the direct access. I went into the sandbox's settings, went to "file access", and gave "direct access" to the "downloads" folder. Is that correct? Is there a risk of a drive-by download loading from there?

    Lastly, is there a way to change the Sandboxie icon? I'm really hating the pizza slice look, and was wondering if I could change the icon to the attached icon I made. However I've tried changing a program's icon before in Windows 7, and when I select a custom icon, it says no icons in the file.
     


  18. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Chrome + Adblock Plus. Chrome solves Flash and browser exploits right off the bat. It's been known to stop Java exploits as well. It has a fairly strong SafeBrowsingAPI - NSS labs puts it somewhere between 30 and 40% of malware being blocked by the SBAPI alone.

    EMET. EMET Java and Chrome (disable EAF for compatibility) and you make it significantly more difficult to exploit browser plugins. Make sure you EMET their PDF reader as well.

    Sandboxie with holes poked in it isn't too useful. If you give "full access" to a folder then any exploit can just execute from that folder. If you give Direct Access your family is going to have a difficult time understanding how to use it.

    You could probably tweak it a lot to make it work though.

    Honestly, if you use Chrome + Adblock + EMET you're going to be fine. Want to be extra safe? Throw in Panda Cloud + URL Filter. Panda's nice for novice users because of its cloud approach, which doesn't rely so heavily on staying up to date.
     
    Last edited: Feb 19, 2012
  19. buckslayr

    buckslayr Registered Member

    Joined:
    Jun 1, 2009
    Posts:
    484
    Location:
    Michigan, USA
    Give SpyShelter firewall a try. Run internet facing apps as restricted and add mbam on demand and you are good to go.
     
  20. Brandonn2010

    Brandonn2010 Registered Member

    Joined:
    Jan 10, 2011
    Posts:
    1,849
    That won't work on 64-bit systems for free, which most are nowadays, including the ones I'm working with.

    And about EMET, I put it on my PC first, and added Chrome to it, and left everything checked except EAF.

    1. Is that right?
    2. What do I add for Java?
    3. Will this ever need to be reconfigured or updated?
    4. Should the whole program be left at opt in?
     
  21. Brocke

    Brocke Registered Member

    Joined:
    Mar 16, 2008
    Posts:
    2,191
    Location:
    USA,IA
    Avast 7, now in beta, is going to be really good for a free AV. I'd use that.
     
  22. AlexC

    AlexC Registered Member

    Joined:
    Apr 4, 2009
    Posts:
    1,280
    Yes, it is correct if that's the default download folder you picked in Google Chrome.
    Yes, there is that risk, but it is low (especially if you create a custom download folder, in another location than the one pre-defined in Google Chrome) and that will solve the problem with the prompt for "extraction". I have used Sandboxie for a long time in that way, and I never got infected.

    It's really easy, just right-click on the Chrome desktop shortcut, choose "change icon" and copy the destiny location. Then, right-click on the Sandboxie "pizza" desktop shortcut, choose "change icon" and paste the location you copied before. Click "Ok" and that's it :thumb:
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    1) Yes, that's correct.

    2) For Java add java.exe, javaw.exe, javaws.exe - you can leave EAF or disable it. It can cause issues.

    3) Only when EMET is updated, which isn't often. It's been a year I think since the last one.

    4) No. Opt-In is less secure than Opt-Out if you're referring to system settings. Just leave those at default (DEP: Opt Out, SEHOP: Always On, ASLR: Opt In.)
     
  24. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    There are two problems with this

    1) If they ever want to save to somewhere other than the downloads folder it will be virtualized

    2) If they execute or open a file from Chrome's download shelf it will be opened within the sandbox - this can lead to a lot of problems for a novice user.

    You can solve 2 by allowing Full Access - but this is a big hole to poke into a sandbox and would allow for anything to drop a payload into the folder and then execute it outside of Sandboxie.
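
    Added example (not part of any post in this thread, and not Sandboxie's own tooling): a small Python audit of a sandbox section in Sandboxie.ini that separates the "Direct Access" setting AlexC recommends from the "Full Access" hole described above, and checks the auto-delete and drop-rights options mentioned earlier. It assumes the UI options map to the `OpenFilePath` (Direct Access), `OpenPipePath` (Full Access), `AutoDelete` and `DropAdminRights` keys; the sample configuration and its paths are constructed.

```python
import re

# Constructed sample (not from the thread): the box AlexC describes, plus the
# "Full Access" variant Hungry Man warns about. Paths are hypothetical.
SAMPLE_INI = r"""
[DefaultBox]
Enabled=y
AutoDelete=y
BorderColor=#00FFFF,off
OpenFilePath=chrome.exe,C:\Users\brother\Downloads\
OpenPipePath=C:\Users\brother\Desktop\
OpenPipePath=\Device\NamedPipe\example_pipe
"""

# Drive path or %Variable% means a folder; pipe and device names are skipped.
FS_PATH = re.compile(r"^(?:[A-Za-z]:\\|%)")

def parse_boxes(text):
    """Return {section: [(key, value), ...]}. Keys repeat, so configparser is unsuitable."""
    boxes, current = {}, None
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = boxes.setdefault(line[1:-1], [])
        elif current is not None and "=" in line and not line.startswith("#"):
            key, _, value = line.partition("=")
            current.append((key.strip(), value.strip()))
    return boxes

def audit_box(settings):
    """Return [(severity, message)] for one sandbox section."""
    findings, last = [], {k: v.lower() for k, v in settings}
    if last.get("AutoDelete") != "y":
        findings.append(("warn", "AutoDelete off: sandbox contents persist after the browser closes"))
    if last.get("DropAdminRights") != "y":
        findings.append(("warn", "DropAdminRights off: sandboxed programs keep administrator rights"))
    for key, value in settings:
        path = value.split(",", 1)[-1]  # strip the optional "program.exe," prefix
        if key == "OpenPipePath" and FS_PATH.match(path):
            findings.append(("high", f"Full Access to {path}: sandboxed programs write here unvirtualized"))
        elif key == "OpenFilePath":
            findings.append(("info", f"Direct Access to {path}: saved files skip the recovery prompt"))
    return findings

if __name__ == "__main__":
    for severity, message in audit_box(parse_boxes(SAMPLE_INI)["DefaultBox"]):
        print(f"[{severity}] {message}")
```

    A real Sandboxie.ini is typically stored as UTF-16, so decode it accordingly before passing the text to `parse_boxes`.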
     
  25. guest

    guest Guest

    Next post/page!
     
    Last edited by a moderator: Feb 20, 2012