Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

New member here...looking for some advice on security software.


  • Please log in to reply
24 replies to this topic

#1 DriverDave

DriverDave

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:01 AM

Posted 14 March 2015 - 10:56 AM

Rather than an introduction post, I decided to jump right in....

 

I've been doing a lot of research and can't really find a good answer, so I thought I'd give you guys a shot.

 

First of all, I'm no super-user or guru, but I know my way around computers pretty well (basic users seem to think I'm the go-to expert). 

 

So, I just bought my aging father a new computer (fairly low end Dell PC with Win 7 pro, & 4g ram).  He basically knows nothing and no amount of teaching or coaching will change that.  He only uses it for Yahoo mail, web surfing, and lots of online shopping (along with an ipad mini).  My question is...What  is the easiest security solution that requires zero input from him, and only occasional check-ups by me (less than once a month)?  It must be able to handle a click-happy old guy that has doesn't know the difference between a window, an icon and a desktop!  Price is no object.  I'm looking for simple, fully automated, auto repairing, auto updating...etc.  I'm open to huge, resource hogging suites that cost a fortune, or stacking a few of the best free products.  I've run various versions of both setups on my own stuff through the years with varying levels of success.  I currently use Norton's suite, just for the simple set-it and forget-it arrangement.  My current system is more than fast enough to not be bogged down by a big suite.

 

I look forward to hearing your expert opinions, and thanks for the help.

 

-Dave



BC AdBot (Login to Remove)

 


#2 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 11:32 AM

Hi DriverDave :)

Sadly what you're asking isn't as easy as you think. If your dad is a "click happy" fella, no matter how much protection you install on his system, he'll end up infected. There's no security setup that have a 100% protection ratio, and there never will. You should teach your dad how to browse the web safely along with securing his system, or it'll just be useless. BleepingComputer have good tutorials and articles that explains the basics of safe web browsing and secure use of a computer, so I suggest you to pass along these articles to your dad so he can read them and learn from them. Here's two:

http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/

As for the Antivirus, Antimalware, Firewall suite you can install, despite the fact that you don't care about the "resources hog", I still think you should take it into consideration because at one point or the other, your dad will comeback to you and say that the new computer you bought him is "slow" or doesn't respond fast enough. Is it possible to have the full specs of the Dell computer you bought him, just so we have an idea of what to recommend that will work well with it?

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#3 DriverDave

DriverDave
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:01 AM

Posted 14 March 2015 - 11:53 AM

Believe me, I've tried everything to get him to understand the basics and that he can't just click on anything, but his brain is pretty fried from years of addiction to Percocet and being high all the time.  It just doesn't get through.  I know there's no "magic" security setup, I'm just looking for the option that requires the least amount of interaction from him, while still providing at least some level of protection against "stupid clicking" as I like to call it.

 

As for the Dell I got him...

Inspiron 3847, Win 7 Pro, Intel 4th gen i5-4460 6M cache-3.4GHz, 4GB DDR3 1600, 500GB SATA, Intel Integrated HD graphics. (and I think I even got a fair deal at $340)  Like I said, pretty basic, and a little light on the RAM, but adequate for his needs.  Also, he has pretty fast internet speeds, so there's no problem there.  He also will go many days without even getting on the computer...opting instead to use his ipad mini (somehow he manages to figure out how to use it every time he picks it up!).



#4 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 11:59 AM

Well it's going to be a bit hard if your dad keeps on clicking on everything. If I were you, I would make sure that he never enters personal information like his credit card number or a SSN on his computer, just in case. Also, what web browsers does he use? Is he okay with using Firefox or Chrome?

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#5 DriverDave

DriverDave
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:01 AM

Posted 14 March 2015 - 12:06 PM

I doubt he would even see the difference in web browsers, so yeah no problem using Chrome.  I may put RoboForm on it too to help with the personal information.  I've been using it for years for all my logins and personal info with great success.



#6 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 12:12 PM

If he uses Google Chrome, you can take this as an advantage to buff his security browser-based:
  • uBlock - For blocking ads and other scripts;
  • Web of Trust - User-based website ratings, it'll use a color code to display the trustiness level of websites (green, yellow and red) and send a warning if you access a webpage or website with a yellow or red rating;
  • HTTPS Everywhere - Basic HTTPS protection (forces HTTPS connections when possible);
  • Ghostery - Might not be needed for him, but protects against tracking on the web mostly, depends if your dad values his privacy or not;
You could also install Teamviewer on your dad's computer and add his computer to your Teamviewer account. This way, if he have a problem, he could call you and you could connect remotely in his machine in no time.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#7 DriverDave

DriverDave
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:01 AM

Posted 14 March 2015 - 12:14 PM

Thanks, I'll look into those.



#8 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 12:16 PM

No problem :) I have a friend that will post her recommendations soon regarding the Antivirus, Antimalware and Firewall to use and she's of good advice :)

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#9 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:11:01 AM

Posted 14 March 2015 - 12:37 PM

Hello, and :welcome: to BC!

Looking through your specs, you will want a lightweight AV with good functionality and minimal input.

My recommendations for this are Emsisoft Anti-Malware or ESET NOD32. Both are highly effective AVs with minimal footprint and require little input.

Personally I would use Emsisoft Anti-Malware as it covers both antivirus and antimalware (AM).

As for a firewall, the Windows 7 Firewall should be sufficient for your father's needs (see why here). No need for a third-party firewall.

Aside from that, I have some other suggestions to improve security:

- Malwarebytes Anti-Exploit: This is a small utility that will protect browsers from exploits - reducing the chance that malware will infiltrate the machine during surfing. It's a "fire and forget" tool - just install it and let it do its job. Remember to decline the trial during installation.

- SpywareBlaster: This is a tool that passively prevents browsers from accessing known malicious sites by blacklisting them in the browsers. It's also "fire and forget", no interactions required (save perhaps updating once in a while to add new entries to the blacklist).

Should you need any other advices, we here at Bleeping Computer will be happy to provide.

Regards,
Alex

#10 rp88

rp88

  • Members
  • 3,081 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:01 AM

Posted 14 March 2015 - 12:42 PM

My suggestion would be to use firefox as the browser and run NoScript in it. This should avoid most of the drive-by style attacks and malvertising which is the thing a "click-happy" user is most at risk from. NoScript can be set to allow scripts from certain sites (the main site from anywhere he watches videos) whilst blocking all others, if you set it up correctly so everything he might need is allowed then he should never need to alter it's settings later. Running an adblocker in the browser would also be a wise move.

You should perhaps install firefox and then make sure to hide all the icons for starting internet explorer so that he will go straight to firefox as the browser and not open IE.

Chrome is also better than IE but for the strongest security you need a script blocking extension/add-on and although there are some for chrome they don't seem to be being actively developed.

Whichever browser you use, you should (alongside advert blocking and script blocking software) make sure all the un-necessary plugins are either disabled or put on "ask to activate". This basically means set flash player to "ask to activate" and all the others fully disabled. You should uninstall java entirely unless he needs it for a desktop program to run.

You also need make sure all his programs and his operating system are up-to-date. Most programs give you the option to automatically update thesedays, especially browsers and plugins, these should all be set to fully automatic.

My usual advice for windows updates is to set them to "check automatically but ask me when to download and install" because of some problems with updates over the last few years, but in this case it is probably better to have those updates on fully automatic.

As for an antivirus I'm not sure which to recommend here, my personal preference is AVG mainly because it is free, it does have the option to set up scheduled scans and things so it will automatically do a full system scan at a fixed time each week or month as you choose, it also automatically updates with little difficulty.

You should run an antimalware program alongside it too.

Another helpful thing is to make sure full file extensions are displayed in windows file explorer, teach him to NEVER open a file ending with .exe as this is the file type which most viruses are delivered by.

Aura's advice to put teamviwer or some other remote control software on his machine so you can log into it remotely makes sense under these circumstances.

Beyond this all the security advice i can give is the type which requires active user iteraction, in the long run your best option would be to teach him not to click on anything at all supicious.

Edited by rp88, 14 March 2015 - 12:42 PM.

Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#11 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 12:48 PM

I'm personally against the idea of installing AVG on this member's dad computer, mainly because AVG tries to make the user install a lot of useless software on the side like AVG PC TuneUp and Web TuneUp and his dad, being a click happy fella, will probably end up in installing these and this will just bloat down his system even more. Also, AVG isn't that light-weight on the resources, compared to ESET and Emsisoft products. His dad should also never open .jar, .com, .src, .bat, etc. files since they are also all commonly used to spred malware.

Edited by Aura., 14 March 2015 - 12:49 PM.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#12 rp88

rp88

  • Members
  • 3,081 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Local time:10:01 AM

Posted 14 March 2015 - 12:57 PM

"...tries to make the user install a lot of useless software on the side like AVG PC TuneUp and Web TuneUp..." oh yes, i've just learnt to ignore those junk offers but this is a problem with AVG which a click happy user might suffer because of. Maybe avast would be better?
Back on this site, for a while anyway, been so busy the last year.

My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB

#13 DriverDave

DriverDave
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:01 AM

Posted 14 March 2015 - 12:57 PM

Thanks for the info...I had already decided against AVG based on posts I read here.  And I was already leaning towards Emsisoft, so it's looking like that will be the route I take, along with the addition of the other stuff that essentially locks out access to potentially unsafe sites/ads.

 

Really, I don't thinks he actually does much random surfing.  The problem is more from ads on legit sites that he normally goes to.  He just can't seem to recognize ads from normal page content.  And although many of those ads are probably harmless, it could still lead him into other ads on other pages far away from where he started.  Before you know it, he's on a Turkish porn site, riding a Trojan horse!



#14 Aura

Aura

    Bleepin' Special Ops


  • Malware Response Team
  • 19,697 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:01 AM

Posted 14 March 2015 - 12:59 PM

If he doesn't mind with buying an Antivirus, I would suggest real paid Antivirus in opposition to popular free ones, mainly because they'll offer way more features and protection than the standard free ones. Alex's recommendations in that case are good, since both ESET and EAM are light-weight (which is needed for this computer) and are "install and run" Antivirus that won't bother the user with a lot of notifications.
The trick is to never click on ads, whatever they are. And if he uses uBlock, he shouldn't see any of them except in really rare cases.

animinionsmalltext.gif
unite_blue.png
Security Administrator | Sysnative Windows Update Senior Analyst | Malware Hunter | @SecurityAura
My timezone UTC-05:00 (East. Coast). If I didn't reply to you within 48 hours, please send me a PM.


#15 Sintharius

Sintharius

    Bleepin' Sniper


  • Members
  • 5,639 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:The Netherlands
  • Local time:11:01 AM

Posted 14 March 2015 - 01:01 PM

My suggestion would be to use firefox as the browser and run NoScript in it. This should avoid most of the drive-by style attacks and malvertising which is the thing a "click-happy" user is most at risk from. NoScript can be set to allow scripts from certain sites (the main site from anywhere he watches videos) whilst blocking all others, if you set it up correctly so everything he might need is allowed then he should never need to alter it's settings later. Running an adblocker in the browser would also be a wise move.

Chrome is also better than IE but for the strongest security you need a script blocking extension/add-on and although there are some for chrome they don't seem to be being actively developed.

To be honest, I do not recommend script blockers for non-advanced users since it is impossible to whitelist each and every page that an average user might visit in one day - and there is also the risk of whitelisted pages being compromised and delivering malware instead.

Because of that, I prefer to use MBAE - it'll block exploits (which is basically what malicious scripts are used for) without interfering with legit pages, and also require no interactions from users at all (the only times when you'll know it's there is when it blocked something and warned you). MBAE is also lightweight and doesn't take much to run at all.
 

"...tries to make the user install a lot of useless software on the side like AVG PC TuneUp and Web TuneUp..." oh yes, i've just learnt to ignore those junk offers but this is a problem with AVG which a click happy user might suffer because of. Maybe avast would be better?

Avast Free has the yearly nagging, which I don't think is good for users like Dave's father.

If Dave is looking for a free solution then I would recommend BitDefender Free Edition.
 

Thanks for the info...I had already decided against AVG based on posts I read here.  And I was already leaning towards Emsisoft, so it's looking like that will be the route I take, along with the addition of the other stuff that essentially locks out access to potentially unsafe sites/ads.

If you decide to install Emsisoft Anti-Malware, remember to choose to join the Anti-Malware Network during installation and whitelist applications that are commonly updated in File Guard (in this case would be the browsers). It will cut down the amount of notifications to almost zero.

Disclaimer: I use Emsisoft Internet Security myself, and the only alerts I ever get are "application changed" ones (because I did not bother to whitelist all of the applications on my machine).

Regards,
Alex

Edited by Alexstrasza, 14 March 2015 - 01:06 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users