TR Forums

This question has probably been asked a thousand times, but I'm asking again for the sake of having up-to-date responses (things change over time). My folks (now in their mid-60's) and some older friends seem to be having increasing problems with malware infections. I've done my best to teach them good practices, but they just can't seem to be made safe from themselves. Microsoft Security Essentials has become utterly incompetent, and most every free solution (e.g., Avast, AVG) nags the user far too much. This only further confuses them, and leaves them vulnerable to fake-antivirus attacks; "I don't know what it was, it was the same stuff that always pops up". Loading their browser with a script-blocker would probably help significantly, but would cause too many complaints.

Since I'm fairly tech savvy and don't make a habit of infecting myself, I have very little knowledge of the anti-malware marketplace. What was once a good solution may no longer be, and most "reviews" on this sort of thing seem to be heavily biased and unhelpful. What I can say is that I want a PAID anti-malware solution. It needs to be:

• Very unobtrusive and transparent
• Moderate-To-Strong Protection
• Almost non-existent subscription nagging (or very long subscription periods)
• Preferably not too heavy on system resources (though this can be sacrificed some)
• Preferably not from McAffee or Symantec

Did you perform step zero, which is make them non-administrative users? Once a system is set up there's very little need for administrator privileges (I run my personal system as a non-Admin user on an everyday basis), and it saves a lot of potential headaches. My elderly (and increasingly forgetful) mother gets a phone call about once a month on average from someone with a very thick accent telling her there's "something wrong" with her computer and trying to get her to install a VNC/remote desktop-type program to "fix" it. Usually she hangs up because she can't understand them (and then sends me a panic-y email) but I rest easier knowing that she couldn't install anything anyway because she doesn't know the admin password.

As for paid anti-malware, you may want to look at Kapersky or Bitdefender.

id you perform step zero, which is make them non-administrative users?

This first++;

That and keeping UAC enabled-- as useless as UAC seems at times-- is very useful.

Microsoft Security Essentials has become utterly incompetent

Sadly, this is well known and deliberate on Microsoft's part to abandon the product. Avast and AVG you can edit the registry to remove much of the nag screens (although there will still be a few), or you can fork out a few bucks and pay for something-- I think NOD32 or whatnot is often as cheap as $10...

UberGerbil wrote:

Did you perform step zero, which is make them non-administrative users?

I haven't, but I should. The problem is, these aren't my machines, so I can't go locking folks down on their own computers. I think what I'll do is give them the password to the admin account, and then kindly explain that it's not to be used except for when they're knowingly and intentionally installing software.

UberGerbil wrote:

As for paid anti-malware, you may want to look at Kapersky or Bitdefender.

Thanks for the suggestions. I managed to find a 3-license 2-year copy of Bitdefender's regular Antivirus on Amazon for about $20 bucks (less bloat than the full suite), so I grabbed it and I'll give it a shot on my parents rig.

Sorry, this isn't paid software, but whenever I'm stuck removing malware from a friend's or family member's system, I always do the following:

1: Run AdwCleaner, a fantastic little program that doesn't require installation and only takes ~5 minutes to run. It must be run in admin mode (right click, run as admin). It cleans browsers, the registry, and infected shortcuts. Restart. The computer runs noticeably faster and cleaner after this.

2: I reset any installed browsers to be safe. However, AdwCleaner usually does a fine job of removing browser hijackers and malicious search engines by itself.

3: Then, I clean off any remaining infections by running a standard Malwarebytes scan, which usually takes 10-30 minutes, depending on how slow the computer is (and they're usually very crappy machines ). Restart

4. Finish off by running a standard virus scan with whatever AV software the user has installed. Usually it will pick up nothing after running AdwCleaner and Malwarebytes. You may want to run disk cleanup as well, just as a finishing touch. I usually free up 8-20GB by cleaning the average user's HDD.

IMHO the ideal paid solution would be BitDefender running alongside Malwarebytes.

The Egg wrote:

UberGerbil wrote:

Did you perform step zero, which is make them non-administrative users?

I haven't, but I should. The problem is, these aren't my machines, so I can't go locking folks down on their own computers. I think what I'll do is give them the password to the admin account, and then kindly explain that it's not to be used except for when they're knowingly and intentionally installing software.

Right -- that's the way to approach it. The admin account will have a password, but if their regular (non-Admin) account does not -- and a home desktop (as opposed to a corporate laptop) doesn't really need one -- then simple convenience will tend to lead them to choose the non-Admin one (and all the more so if the machine is set to sleep / hibernate, so log-ins only tend to happen after system updates and any other rare reboot). Make the account name and picture something appealing, too. Just make sure any programs they use regularly don't require admin rights, or if something does (some hardware-related apps, for example) replace the shortcut with one set up to Run As Admin. Then the only worry is "drive-by" installs that bring up the Admin prompt, and hopefully you can caution them to think twice when they encounter that.

I also have the free version of Teamviewer set up to run on my mother's machine so I can check on it and fix things as necessary. Highly recommended. I once fixed a problem on her machine using my Android tablet while sitting in a Starbucks parking lot.

UberGerbil wrote:

As for paid anti-malware, you may want to look at Kapersky or Bitdefender.

Thanks for the suggestions. I managed to find a 3-license 2-year copy of Bitdefender's regular Antivirus on Amazon for about $20 bucks (less bloat than the full suite), so I grabbed it and I'll give it a shot on my parents rig.

Hope that works for you. I haven't used it in some time but it gets high marks for detection rates and usability on the independent evaluations I've seen.

Ive been using Spybot search and destroy for years. It has both a search function and a resident program to catch stuff, it also will do browser protection. It has caught a bunch of nasty ad based malware over the years and cleared out many systems I have run it on. Best part is it is also free, although they have started to monetize it recently, a lot of the bells and whistles you really do not need. A must install on all my rigs.

Starfalcon wrote:

Ive been using Spybot search and destroy for years. It has both a search function and a resident program to catch stuff, it also will do browser protection. It has caught a bunch of nasty ad based malware over the years and cleared out many systems I have run it on. Best part is it is also free, although they have started to monetize it recently, a lot of the bells and whistles you really do not need. A must install on all my rigs.

Used it long ago but for some reason thought it had shuffled off with Win98.

Starfalcon wrote:

Ive been using Spybot search and destroy for years..

+1, along with JavaCool's SpywareBlaster.

Be sure to enable the Resident function and IE Tweaks (even if you/they don't use IE). I also take their hosts file malware URLs and install them on my Linux machines, either through Linux Mint's "Domain Blocker" Control Center widget, or directly into /etc/hosts.

My security suite consists of:

Malware Bytes
Spyware Blaster
Spybot S&D
Avast AV
Kapersky TDSSKiller

For the past decade I've never had my personal system infected to the point where I was required to reinstall Windows. If only my parents, siblings or girlfriends themselves were proactive enough to patch their OS, install definition file updates and scan at least twice a week.

I did try setting them up on a non-admin account at first, but eventually they whined about not being able to install crap. Unfortunately, it seems a lot of what they install is bloat accompanied by bloat accompanied by trojans. Meh.

I use paid always-on Malwarebytes Anti-Malware backed up by MSE. Most malware threats these days are rogue applications--that is, they look and act like legitimate code and install via social engineering--and traditional AVs like Norton and AVG aren't well suited for this change-up. For what it's worth my company switched to Trend Micro after enterprise AVG failed repeatedly to protect the corporate network from idiots installing cryptolocker and the like, and I've used TM Housecall and HijackThis in years past.

These are both free and others have mentioned them. They are not real time. They are fast and your parents/ clients could run them periodically or when there are problems:
a. run tdsskiller – this checks for rootkits and corrects -3 minutes
b. run ADWcleaner- very fast and effective malware cleaner. scan/ select clean -5 or 10 minutes
I suggest downloading anti-malware from http://www.bleepingcomputer.com whenever they have what you need.

I have found Adwcleaner to be surprisingly effective for stubborn toolbars and BHOs. Malwarebytes is excellent for deeper malware, but allow over an hour in my experience.

Jim

Personally, I'm a big fan of the combination of a very good antivirus (eg kaspersky), but the internet security version (ok, more lag and bloat, but uneducated users won't notice that anyway), combined with spybot, spywareblaster and last but not least malwarebytes anti-malware (downloadcrew still sells the lifetime version of the product)

I ended up going with Bitdefender. I'm aware there are free solutions, but I didn't want them to be constantly pestered with nag screens. I also don't want to have to constantly babysit the system.

Anyhow, Bitdefender seems to be protecting them well enough so far, but it bogs down their old system considerably (S939 A64-X2, 2GB, Win 7) compared to MSSE. I managed to scrounge up some more low-latency DDR1, so we'll see how much of an improvement it gives.

When I bought my pc there was already symantec install here. So, I didn't look for other anti malware though I know that there were lots of controversies came up about symantec in previous year. I just upgraded my subscription to 360.