PC Malware Program Recommendation
-
@scottalanmiller said:
Best option: Move to a Chromebook
Second best: Linux desktop
Third best: Windows with Deep Freeze
Fourth best: Windows with Webroot and MalwareBytesWhat? No Mac mention in there, too? LOL.
I'm going to look into Deep Freeze.
Does that freeze the entire machine, or just settings?
Like if the kid wants to download skins for a game, or update the game, etc.. Would that be allowed?
I think they are downloading stuff from rogue sites for their games. User education has failed.
They are young men, so other malicious sites could also be involved.
-
DeepFreeze prevents the system from writing anything to disk.
-
@Dashrender said:
DeepFreeze prevents the system from writing anything to disk.
So for users that want to download game add-ons and the like, this probably isn't a good option?
-
@BRRABill said:
@Dashrender said:
DeepFreeze prevents the system from writing anything to disk.
So for users that want to download game add-ons and the like, this probably isn't a good option?
To install the add-ons full time, you have to unfreeze the system, reboot, install the add-ons, then refreeze, reboot and keep going.
yes DeepFreeze is a HUGE pain in the ass for normal consumers.
Think about it:
no saving anything to the desktop
no saving internet shortcuts/favoritesinstalling anything required unfreezing, installing, refreezing
Updating is the same. -
It's intriguing, though.
Sounds like MalwareBytes is the way to go, though, in this situation.Short of ChromeBooks and Linux. Not sure either of those are good gaming options.
@scottalanmiller you've run MBAM along WITH AV with no issues?
-
@BRRABill said:
@scottalanmiller said:
We use Webroot and MalwareBytes, they both work very well.
Webroot seems to have a great reputation.
I was surprised we had these issues, but as you (I think) implied it's apples to oranges.
It sounds like your only issue was with a disk encryption system. Unfortunately I have never heard of that one. Have you spoken to Webroot support or @nic to see if there is something that needs to be done to make sure that that works?
-
@BRRABill said:
@scottalanmiller said:
Best option: Move to a Chromebook
Second best: Linux desktop
Third best: Windows with Deep Freeze
Fourth best: Windows with Webroot and MalwareBytesWhat? No Mac mention in there, too? LOL.
I'm going to look into Deep Freeze.
Does that freeze the entire machine, or just settings?
Like if the kid wants to download skins for a game, or update the game, etc.. Would that be allowed?
I think they are downloading stuff from rogue sites for their games. User education has failed.
They are young men, so other malicious sites could also be involved.
Completely freezes the whole system.
-
@BRRABill said:
@Dashrender said:
DeepFreeze prevents the system from writing anything to disk.
So for users that want to download game add-ons and the like, this probably isn't a good option?
The ability to install is the ability to infect.
-
Personally - If you're that into gaming, you should have two devices. One for gaming, and one for everything else.
This is no different than people who have an Xbox or PS4 and a laptop/desktop/ipad/chromebook, etc.
don't think of the gaming PC as a multi-purpose device.. think of it a single purpose device.. GAMING. Then the only think you do on that machine is game and update it.
everything else goes to your other devices.
-
-
@BRRABill said:
Short of ChromeBooks and Linux. Not sure either of those are good gaming options.
What, Steam Machines rule!!
-
@Dashrender said:
don't think of the gaming PC as a multi-purpose device.. think of it a single purpose device.. GAMING. Then the only think you do on that machine is game and update it.
Or use services like Steam and GOG to manage stuff for you.
-
@scottalanmiller said:
It sounds like your only issue was with a disk encryption system. Unfortunately I have never heard of that one. Have you spoken to Webroot support or @nic to see if there is something that needs to be done to make sure that that works?
I called Webroot support, and they said it was a Microsoft problem. I called Wave support, and they said certain AV programs can mess with the security signon they use.
Ultimately, since the user was looking for more than just AV, I"m just going back to Norton.
But I have nothing against Webroot. I've been looking for something to recommend to my SOHO clients.
So you guys really like Webroot?
-
-
@BRRABill said:
Ultimately, since the user was looking for more than just AV, I"m just going back to Norton.
Did you consider fixing the user? Spam filtering on the desktop, random third party drive encryption.... these are worrisome things to begin with.
-
@scottalanmiller said:
Did you consider fixing the user? Spam filtering on the desktop, random third party drive encryption.... these are worrisome things to begin with.
Yes, I have tried that.
The encryption is from me. It's just a program from Wave Systems (Embassy Security Center) that enables the encryption on her Samsung drive. Nothing to worry about there.
-
Do you have any more details on the case with the encryption snafu? From what I've heard we work fine alongside encryption:
https://community.webroot.com/t5/Webroot-for-Business/Webroot-SecureAnywhere-and-Encryption-Software-Bitlocker-Dell/m-p/203484
but I can dig into the specifics of your situation if that would help.And we do run fine alongside MBAM and other AV, so there shouldn't be any worries on that front. We also have a business version as well, that has a more powerful console, if you want to look at that. It's the same scanning engine, but you get more features in terms of rollout, managing multiple sites, reporting, etc.
-
@BRRABill said:
@scottalanmiller said:
Did you consider fixing the user? Spam filtering on the desktop, random third party drive encryption.... these are worrisome things to begin with.
Yes, I have tried that.
The encryption is from me. It's just a program from Wave Systems (Embassy Security Center) that enables the encryption on her Samsung drive. Nothing to worry about there.
Seems like a simple exception to the scanning would likely fix that.
-
@Nic said:
Do you have any more details on the case with the encryption snafu? From what I've heard we work fine alongside encryption:
The Wave software interacts with the logon part of Windows to pass the drive unlocking credentials entered at boot (which are synced to the user account) onto the OS. So the user can have a SSO if they want. Some AV programs apparently can break this. I had to go in and edit registry settings and then turn all that stuff off. Wave said to try reinstalling and it might stick. But since the user was looking for OTHER features as well, we just decided to scrap Webroot.
As I said I did hear some great things about Webroot, and was thinking of going with that as my recommended paid solution for SOHO/SMB.
-
Lock it down with a local software restriction policy... wait, this is Windows Toy Edition (home), isn't it?