anyone have a good malware suite recommendation.

[MarkJohnson]

I am looking for a good malware suite for my friend's/family's computers. I have installed the free files from the sticky by Tarun, but the problem is that they need to be manually run, which never seems to get done. I only hear from them after it's too late and they've had issues for severals days to several months and by the time I get there it is just easier to reinstal than to try to fix. It seems most of the malware today is affecting the safe mode as well as the main system which makes it hard to update several of the programs and running them takes forever.

Anyway, I think if they had some real-time protection they would be better off.

-=Mark=-

ps. I was thinking of using the suite from Trend Micro as a lot of the free stuff on Tarun's site is from them. I don't mind paying for it if it does what it's suppose to.

[submix8c]

Did you have/get AVG Antivirus (free edition)? It runs at startup... Spybot S&D also runs at startup... Yes, Ad-Aware (free) must be manually run, the Pro (pay) version runs always...

Question... which products have you installed? You'll get a better answer...

Edited January 21, 2008 by submix8c

[Glenn9999]

AVG Anti-Spyware, which used to be Ewido can be a good option. The link I gave is to a free version to try out (the scanner is free for perpetuity, but the real-time part will run for 30 days), but you can buy it for $29.95 USD if you like it (which has the real-time scanning options).

May I also point out that you can schedule tasks to run at specific times? Or that you probably could load most of these options at start-up?

[MarkJohnson]

No, I don't run AVG Anti-Virus, but I do run Avast which scans full time. It finds the virus, but it has already done it's damage by installing tons of spyware and disables the internet. plus it seems to not find the main virus as it keeps popping the same virus back up after rebooting.

I have AVG Anti-Spyware installed on them all. I was thinking of buying it as it used to work really well before they started the trial version of it.

I'm not too sure of all the programs installed as I'm not at their computers, but it is all the one's listed in Tarun site. the professional one that has all the programs being installed.

I also have Spybot, but whenever I install Tea Timer it always brings up pop-ups which always get accepted since no one knows what they mean. If having it on will still help some, then maybe I will try putting it back on.

Not sure what else to add.

oh yeah, it there an article about how to schedule these to run at startup. I was thinking of trying that but I've never bothered to try and setup that yet. is it possible to make them say once a month, it would take forever to boot if I run everytime they startup or reboot.

Thanks for the help guys

-=Mark=-

ps.. If I bought all those programs and they run real-time, would they chew up more cpu cycles then buying a suite? some of them still have single core processor. one still has a 1.4Ghz PIII - lol

[Tarun]

You can run avast real-tiime just fine. Enable everything for them though.

Windows Defender and Spybot both have real time protection for free. I'd say go with Windows Defender and enable Automatic Updates so that Automatic Updates will apply Defender updates.

Do you have a firewall installed? That can help deter a lot of infections, though you may need to help it learn for a bit before turning it over to them. Also considering giving them individual accounts that are limited and running only one Administrative account (or two for in case you're not there).

[submix8c]

Spybot TeaTimer - accepting changes to registry when popups is a disaster. The idea is to think first, eg "what is changing my registry?". Certain programs, for example, are supposed to (eg MRU lists), other may (or most definitely must) not change the registry; this is where those wonderful trajans come into play... accepting registry changes indiscriminately!!!

Better train the users on "what it is/what it does/how to use it". If it's an "ok to change", it's set once and never bothers you again. Know thy spyware/adware/trojans! If you say "not this time", you will at least find out whether it's blocking what SHOULD be allowed to change; if you NEED the change, set "allow always" (or some-such).

Or just leave it off and bite the bullet...

BTW, you should clean infected pc's in Safe Mode with the System Restore Disabled, otherwise they crop back up again... Been through this crap several times with a neighbor's kids' computer ('download id***")...

[cluberti]

Windows SteadyState candidate, maybe?

[vaughancoveny]

Firstly, xpAntiSpy has the AVG-AntiSpyware tweaks section included with it for free. Google for AntiSpy, as you can pick it up from anywhere.

Just don't remove support for Windows Product Activation like licdll.dll down the bottom and make sure you press Apply on the status bar.

Easy enough even for a techie to forget. No tweaks are happening!

I am fond of PC Tools Internet Security and ThreatFire from the same site.

Includes Spyware Doctor.

Can be a pain to configure the firewall, so maybe a tech support person may need to come and help, use theirs or any specific or MSFN like forum.

Cost about $70 Australian Dollars together for one year, not sure if limits are placed on number of PCs. Not an Aussie product though, just use Universal Currency Converter to convert their price into yours.

Make sure you run the free updated versions of the manual scanner/removal tools from the main commercial websites.

I don't mean buying their security stuff. And only use one real-time protector at a time.

Ask for manual removal of infections without security software from these forums. If forum cannot be accessed then use a live Linux rescue CD

like Insert (60MB download - must burn ISO to CD the proper way) or use some other computer without infection. Insert has support for a Firefox

download through the right click menu. Might need some help with Fluxbox though. Ask through the Other Operating Systems though.

Can eliminate Windows malware without Windows. Gathers updates too, of course. Can be installed to a USB bootable storage device, and be copied straight

from slow Hard Disk to fast Memory.

Lastly, read software licence agreements to detect spyware or whether security software juristictions are up to the Romanian law courts like with BitDefender.

Most people cannot understand them, but their worth attempting to decipher the hidden traps.

If it says Free Software Foundation or freebie BSD licence, like with Firefox or OpenOffice or WINE for BSD, read these too, as many get frightened by security risks, plagirism, copyright infringement and believing FSF software is always free of charge.

[IcemanND]

Sounds like the users need to lose their administrator privileges.