Good Anti-Virus for Terrible User

Jon55

2[H]4U
Joined
Jul 7, 2008
Messages
2,349
My buddy uses his computer for business and personal, but it's infested with crap and needs to be completely wiped (there's nothing he needs to save on it). He's the kind of guy you probably know who just sucks at using computers; always manages to get viruses or adware magically.

I usually use MSE and that's worked fine, but since he's a special case I was wondering if you guys had a better, stronger recommendation. Just something free that won't ever get in the way.
 
What's the old saying? An ounce of prevention is worth a pound of cure? Set him up with a user account, install whatever software that's essential to him, change the administrator password and keep it hidden from him. Oh, and charge him handsomely for said service.

Anecdotally, I've had NOD32 catch stuff MSE hasn't. Whether those have been meaningful things I haven't paid much attention to since I was against the company paying for the licenses in the first place.
 
I'm not really sure what to recommend. I'm a huge fan of NOD32, but there is only so much you can do if the user doesn't practice good/safe computing habits. As wonderfield said, you can lock 'em down to a regular user account, but chances are you'll be getting bugged constantly to update java/flash/install software/etc.

Perhaps just do a clean install, get drivers and software installed and then make an image? That way, the next time he messes it up... it makes your life that much easier?

Something like NoScript would probably do him wonders, the only downside is it's not convenient for most people having to manually whitelist sites. For non-power users, its likely also confusing.
 
MSE is not good enough for a "terrible" Internet user.

For someone that is not a good Internet user, I would recommend either Kaspersky or Avast.

Both have the normal AV modules, but they also include web scanning modules that look specifically at Internet traffic, above and beyond what the firewall does. That module alone blocks quite a bit of traffic from even hitting the PC. I would also suggest setting their DNS to use Norton's DNS service, which will prevent name resolution to websites that have known malware.
 
Awesome guys, thanks for all the help!

MSE is not good enough for a "terrible" Internet user.

For someone that is not a good Internet user, I would recommend either Kaspersky or Avast.

Both have the normal AV modules, but they also include web scanning modules that look specifically at Internet traffic, above and beyond what the firewall does. That module alone blocks quite a bit of traffic from even hitting the PC. I would also suggest setting their DNS to use Norton's DNS service, which will prevent name resolution to websites that have known malware.

Yeah pretty much the reason why I asked in the first place. I like MSE, but I also don't click on "FREE DOWNLOADZ!!" and shit like that. Thanks for the help!
 
I think a user account will be the best, I'd also considering adding adblock plus which will prevent him from seeing as much risky content.

You could use pfsense or similar with pfblocker to prevent him from going to countries with sketchy sites.
 
I think a user account will be the best, I'd also considering adding adblock plus which will prevent him from seeing as much risky content.

You could use pfsense or similar with pfblocker to prevent him from going to countries with sketchy sites.

Does ABP actually prevent potentially malicious code from being downloaded-or does it just not show it?

The problem the OP will have is any measures he puts in place to protect the user against himself...well sooner or later whitelisting sites from script blockers and ad blockers and so on gets onerous...and odds are if he can he'll just disable them, or call you demanding you disable them as there will be false positives no matter what. Only question is how frequent and annoying they are.

Free AV...meh. Free ones aren't that good IMHO. I run VIPRE on my machine, but I got it ultra-cheap lifetime license on Black Friday. I'm also not an idiot when it comes to clicking on anything on the monitor.
 
My buddy uses his computer for business and personal, but it's infested with crap and needs to be completely wiped (there's nothing he needs to save on it). He's the kind of guy you probably know who just sucks at using computers; always manages to get viruses or adware magically.

I usually use MSE and that's worked fine, but since he's a special case I was wondering if you guys had a better, stronger recommendation. Just something free that won't ever get in the way.

Move him to linux. There's no way to keep certain type of users safe. All antiviruses leak sooner or later.
 
Does not answer my question whatsoever, just bandies the word "remove" about without explaining what it actually means in the context of ABP.

Firefox version of ABP blocks the download totally, Chrome just prevents showing it. Both ways are ok, the file is not dangerous if it's not being executed or displayed in any way.

But seriously. If your friend uses office tools and browses some (porn) on the web, nothing works better than some mainstream linux distro for him. Windows will be just a repeated pain in the ass for this kind of users.

My parents used to be virus magnets, tried all sorts of antiviruses and always they managed to get viruses or malware or both. Forced them to linux and bam, no more problems.
 
I would recommend setting up an Open DNS account for him and change the IP DNS servers to the openDNS servers. They have good website blocking controls and an easy to use settings menu to configure his account.
 
Avast Free, enable Hardened mode (and probably oughta set it for Aggressive instead of Moderate).
I 2nd the OpenDNS suggestion.
 
Adblock Plus will block most of those "Free download" advertisements.

I would recommend Kaspersky, or maybe Bitdefender. Both consistently rank highly on AV tests.
 
As far as an "Antivirus/security" product, given AV Comparatives and Virusbtn ratings, I suggest Avira, ESET, Kaspersky, AVG, Avast and possibly BitDefender. However, only AVG, Avast, and Avira have full-featured free virus protection products. All listed tend to come in near the top, but some fluctuate more than others. Its also useful to, as others have suggested, try other software to counteract the "bad with computer mojo" actions of the user.

Ensure he's using FireFox (Chrome can also work, but I suggest Firefox for a number of reasons, especially particular addons) and a comprehensive selection of addons that help to stop him from downloading things he shouldn't. Here are a few.

AdBlock Plus (or AdBlock Edge) with the EasyList and EasyPrivacy subscriptions at least.
Disconnect
NoScript (if he can be taught to allow the "right" things. If he can't deal with a page "looking wrong" until he allows the right stuff, then this may not be the best tool for him)
Privacy Badger (It is in beta, but this is the EFF's new project tht also blocks trackers similar to disconnect)
HTTPS Everywhere
Better Privacy (deals with flash/super cookies)
Self Destructing Cookies

There are also many others that could be useful for him depending on circumstance.

There are also some "companion" programs like Spybot: Search and Destroy or MalwareBytes Anti-Malware that can be useful. ClamAV (or for a windows user ClamWin) is a great secondary or tertiary antivirus, and its free and open source. This is the AV engine used in a great many of gateway appliances and whatnot, if another isn't specifically mentioned by name. It only runs manual scans, not automatic monitoring, so keep that in mind - it isn't a good idea to be someone's only AV if they're high risk, but it also doesn't conflict with their main.

Oh, and it is important to note that the particular version of Windows he runs is a factor as well. If he's on XP, god help you - its harder for even great protection programs to deal with that mess. Please ensure that, if you reformat and stay on Windows that he either users Windows 7 or 8.1 and patch/keep them up to date.

Aside from all this, if it is possible, one of the best solutions may be to transition the user to Linux. There are a great many distributions that would likely let them do what they need, yet be immune to most windows-centric malware by nature (and there are also AVs for linux, like ClamAV mentioned above, plus some proprietary ones - Avast, AVG, BitDefender, and Kaspersky all have Linux versions, some are considered "business" products instead of "home" ones though, depending on the company..). On Linux, even if he does go astray and download something he shouldn't, it likely won't affect his system, but try to educate as much as you can and provide an AV, just to make sure he isn't sending virus-ridden stuff to other people. Of course, good browsing habits and policies (ie using Firefox with the same addons listed above etc..) are always helpful. If you think Linux would be feasible, then I can certainly go into more depth there.

Hope this helps!
 
Last edited:
Some users are beyond help. But they might still be Grandma!
"I turned off MalwareBytes because it was blocking access to a site." Or
"I turned off the Anti-Virus because it slowed my computer down." Or
"But the ToolBar was supposed to give me a $1.00 off coupon." Or
"But I like WeatherBug."

I like to make a complete back up to a separate hard drive. ( A small 40GB one out of the junk box will do) and when you are done leave it in the computer, but unplug it.
When you go to fix the computer, blow the dust bunnies out, connect the wires and restore. If they have things they don't want to lose like pictures or music it gets a little harder. A separate partition for their documents folder or a dropbox account can help.
 
Some users are beyond help. But they might still be Grandma!
"I turned off MalwareBytes because it was blocking access to a site." Or
"I turned off the Anti-Virus because it slowed my computer down." Or
"But the ToolBar was supposed to give me a $1.00 off coupon." Or
"But I like WeatherBug."

I like to make a complete back up to a separate hard drive. ( A small 40GB one out of the junk box will do) and when you are done leave it in the computer, but unplug it.
When you go to fix the computer, blow the dust bunnies out, connect the wires and restore. If they have things they don't want to lose like pictures or music it gets a little harder. A separate partition for their documents folder or a dropbox account can help.

I found setting up linux for them just once much easyer. No need for repeated visits to fix stuff.
 
Get your friend to sign up for a free Savings account at Ally Bank (on a clean system or live distro) then download the free copy of Webroot and install it on his computer. Tie it to your account so you can remotely control the settings and be notified when he gets infected again.

It blocks known and suspicious websites that can cause infection.
 
Get your friend to sign up for a free Savings account at Ally Bank (on a clean system or live distro) then download the free copy of Webroot and install it on his computer. Tie it to your account so you can remotely control the settings and be notified when he gets infected again.

It blocks known and suspicious websites that can cause infection.

I wouldn't want to install anything to 'know when he gets infected again' when you can stop him from getting infected permanently.
 
I wouldn't want to install anything to 'know when he gets infected again' when you can stop him from getting infected permanently.

Nothing is 100% nor is there anything that is permanent. Webroot is pretty good and super light weight and the web protection function may actually prevent some infections. You install it, set a password on it so he cannot disable it and then let it go.
 
Nothing is 100% nor is there anything that is permanent. Webroot is pretty good and super light weight and the web protection function may actually prevent some infections. You install it, set a password on it so he cannot disable it and then let it go.

Linux is as close to 100% you can get at the moment. I fixed my regular maintenance visits to my parents _permanently_not by killing them (if that crossed your mind) but forcing them to use xubuntu. Sure they complained a lot for a few first days, then when they realized linux was doing everything they ever needed just fine they got used to it.

Now 5+ years later they're already on their second linux computer and I never have to visit them again. For maintenance that is. No more sunday night calls to 'fix the virus' just when you popped that nice bottle of red wine.

My mother is on every chain mail message list on this planet not to mention the fecesbook groups, I communicate with her only through covert spam hotmail account because despite my warnings she sometimes included me in the spam posts with a million others. I lost one e-mail account to a neverending spam attack because of her already. Probably one of her many computer infections also mined her contacts before she started with linux.
 
It's really admirable you were able to get your parents to switch to Linux, but lets face it its not a realistic option for many. e.g. my dad is a heavy Office user, I've tried to get him to use an Office alternative (just to see how it went) and to be honest they are not good enough (even though he uses maybe 10% of Office features) and they layout is just different enough to cause problems.

I signed up last year for a Office 365 family account - $80 for 5 users with auto updating office, 5TB OneDrive space, free Skype calling, it was totally worth it.

I also have Webroot on his pc along with anti-malware, so far he's been lucky enough not to get infected. I do remote into his pc from time to time to check up.
 
It's really admirable you were able to get your parents to switch to Linux, but lets face it its not a realistic option for many. e.g. my dad is a heavy Office user, I've tried to get him to use an Office alternative (just to see how it went) and to be honest they are not good enough (even though he uses maybe 10% of Office features) and they layout is just different enough to cause problems.

I signed up last year for a Office 365 family account - $80 for 5 users with auto updating office, 5TB OneDrive space, free Skype calling, it was totally worth it.

I also have Webroot on his pc along with anti-malware, so far he's been lucky enough not to get infected. I do remote into his pc from time to time to check up.

That is simply not true. Libreoffice will fit the bill its just a mild annoyance of learning a couple different work methods. And if nothing else helps, run regular office on Wine. I work daily using only open source office alternatives (or Numbers on Mac which I don't like very much) and all our customers use different variations of office. Never had a single problem.

Skype calling is free without an office account by the way lol.
 
That is simply not true. Libreoffice will fit the bill its just a mild annoyance of learning a couple different work methods. And if nothing else helps, run regular office on Wine. I work daily using only open source office alternatives (or Numbers on Mac which I don't like very much) and all our customers use different variations of office. Never had a single problem.
In late 2012 I was taking a biology class. My instructor posted assignments online which we would download, fill out, print, etc. Being all open-source and cheap, I got LibreOffice and used that. My first few assignments, I got points off because I was missing things. I had no idea what she was talking about, but when I suddenly got Office 2013 cheap, I saw that all of the assignments had additional charts and drawings that LibreOffice simply never displayed. No error, no oddity in the formatting, nothing, just no graphic.

I can't trust NotOffice for serious stuff.
 
In late 2012 I was taking a biology class. My instructor posted assignments online which we would download, fill out, print, etc. Being all open-source and cheap, I got LibreOffice and used that. My first few assignments, I got points off because I was missing things. I had no idea what she was talking about, but when I suddenly got Office 2013 cheap, I saw that all of the assignments had additional charts and drawings that LibreOffice simply never displayed. No error, no oddity in the formatting, nothing, just no graphic.

I can't trust NotOffice for serious stuff.

The latest Libreoffice got updates to OOXML support that fixes most graphics problems and compatibility problems with the MS formats. And your professor was a retard if he posted assignments in a non standard form i.e. proprietary Office format. It's most likely not even legal to require your students to buy a certain software just to fill up their assignments.
 
Back
Top