Preventing Security Tool (fake AV) style viruses from infecting PCs

Hi Experts.  I have been trying different methods of protecting myself and customers from these fake anti-viruses with mixed results.  Whether I use Avast, CA AV 2009 or 2010, McAfee or Symantec anti-virus coupled with ThreatFire or ZoneAlarm, there doesn't seem to be a magic combination to stop the infections from popping up.  The computers are running Windows XP or Vista (I haven't tried much with Windows 7) and are up to date including IE7 or IE8.

So, the question I have for the experts out there is what have you found to be the most secure in preventing these kinds of infections?  Is Chrome, Firefox or Opera better/safer to use in regards to preventing infections versus IE 8?  How about having a hardware firewall (Linksys, Belkin, Nortel) in the environment?  Will the user having admin rights on the local box make a difference when it comes to these kinds of infections?

Thanks for your time with this.  I understand that it will be difficult to award points so I will go by the answer that seems to be the most economical, easiest to implement and least cumbersome.
samiam41Asked:
jakethecatukCommented:
A possible solution would be to change their DNS servers to OpenDNS (http://www.opendns.com/solutions/overview/)

They offer lots of services including Malware/Spyware/Virus protection etc.
0
samiam41Author Commented:
@jakethecatuk, thanks for the quick reply.  I hadn't put much thought into that service so great suggestion.  How does that work with websites that may have malicious scripts?  Does it block the script from running or provide a warning?
0
jakethecatukCommented:
So that I don't give you the wrong answer, I'd suggest you pose that question to them.
0
SteveIT ManagerCommented:
Malwarebytes anti-malware helps and removes most infections, plus it can be scheduled and purchased for more options
0
jakethecatukCommented:
You could look at an advanced proxy/firewall device.  Astaro is a good product (I've used it quite a lot) and found it to be reliable.

Would it stop the problem you are seeing?  Can't say.

http://www.astaro.com
0
samiam41Author Commented:
@sgsm81, thanks for the suggestions.  I typically use MWB along with ComboFix once the pc is infected.  Does running MWB along with a full AV app like Symantec/CA/McAfee enhance security?  Or are you suggesting that you run MWB full version as your only AV?
0
samiam41Author Commented:
I will read more on the Astaro appliance/app as it seems very secure but slightly cumbersome to set up an additional pc at a customer's house with this app.  Not sure they could manage it and if they were unable to get to a website or had problems connecting their Wii to the internet, they would be calling non-stop.  I do like it for small business clients.
0
jakethecatukCommented:
[quote]I will read more on the Astaro appliance/app as it seems very secure but slightly cumbersome to set up an additional pc at a customer's house with this app.  Not sure they could manage it and if they were unable to get to a website or had problems connecting their Wii to the internet, they would be calling non-stop.  I do like it for small business clients.[/end quote]

Ah...I didn't realise your customers were home users.  Forget Astaro then.
0
jakethecatukCommented:
If it's home users, try K9 (http://www1.k9webprotection.com/aboutk9/index.php).  They have categories that block spyware/malware sites etc.
0
optomaCommented:
Agree with paid version of Mbam. Will run alongside current AV and be a better deterrent against these rogue av programs.

K9 is a very good content/site blocker but maybe too much unless the pc owner requests something like that.
0
rpggamergirlCommented:
For these rogue antiviruses, MBAM is the way to go; resident AV just can't protect from them.
Doesn't matter much which antivirus is installed, MalwareBytes' realtime protection is the best one out there for this.

A hardware firewall is of great advantage also... Surfing with a less-privileged account is a good safe surfing habit and will stop a lot of infections but won't stop these rogues from getting in.

For browsers:
Firefox is less secure than IE as it has more vulnerabilities; between those two I'd choose IE (got both installed)...
I'm not sure about Chrome, but between "Firefox, Opera and IE" Opera is probably a safer browser as it's less targeted, and user-education is very important whichever one prefers.
0

samiam41Author Commented:
Thank you for all of the suggestions and information.  From what I am reading, MWB full version is the way to go.  Match that up with a hardware firewall (Linksys, etc.) and give the user the least amount of rights to the computer and they are less likely to get that rogue, fake AV bug.

Also, for home users, K9 is effective and for small business, Astaro.
0
samiam41Author Commented:
Thanks modularity for adding the zones and vee_mod for keeping the thread clean.

I am awarding points now.
0
samiam41Author Commented:
Great suggestions/explanations as I have a much better idea as to how to reduce the chances of my customers being infected or at least explaining to them what needs to be done.  I appreciate your help!

Regards,
Aaron
0
rpggamergirlCommented:
Thank you for using Experts-Exchange!
0