How do you Setup your family members computer to protect from malware?

Discussion in 'Networking & Security' started by coder_t2, Dec 5, 2011.

  1. coder_t2

    coder_t2 [H]ard|Gawd

    Messages:
    1,166
    Joined:
    Dec 31, 2005
    Hey guys, I am sure you can relate to my current woes here. I have a family member who is just always getting malware on their computer. Getting tired of cleaning it up so frequently and I wanted to ask you guys what you do. Personall I install Chrome and MSE, and set MSE to a Full Scan once a week with real time monitoring. I also preach safe web surfing, but honestly, it's like telling a Crack Head that crack kills.

    So what do you guys do to try to ease the pain of fixing a family members computer?
     
  2. Chibo

    Chibo Gawd

    Messages:
    605
    Joined:
    Jun 21, 2003
    They now have Macs ;)
     
  3. MarkedOne

    MarkedOne Limp Gawd

    Messages:
    398
    Joined:
    Aug 1, 2011
    First thing is to make sure their acount don't have admin right, they will need you to install something. But nothing beat a switch to Linux
     
  4. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    MSE...although since it defaults to real time protection on and a weekly scheduled scan...you don't have to "go set it to on and scan"..it does that out of the box.

    Set their routers DNS forwarding to OpenDNS services instead of the default ISPs....OpenDNS blocks known malware distribution sites via a constantly updated list.

    Encourage them to keep their web players updated (Java, PDF, Flash, Shockwave)...also showing them how to opt out of the "me too" bundled ware that comes with them.
     
  5. Chibo

    Chibo Gawd

    Messages:
    605
    Joined:
    Jun 21, 2003
    Unfortunately the 'malware' filter list blocks some of the websites I use so I had to give up on that idea. :(
     
  6. Nocturnal

    Nocturnal Gawd

    Messages:
    790
    Joined:
    Jul 20, 2006
    Install FireFox, AdBlock and NoScript and make sure they leave NoScript enabled.
     
  7. berky

    berky 2[H]4U

    Messages:
    2,233
    Joined:
    Aug 28, 2001
    mom now uses Mint. I installed Ubuntu on my brother's comp.
     
  8. XOR != OR

    XOR != OR [H]ardForum Junkie

    Messages:
    11,549
    Joined:
    Jun 17, 2003
    MSE + Opendns. Works well enough, very few repeat customers ( which is good, because I do this stuff in my spare time ).
     
  9. wra18th

    wra18th [H]ardness Supreme

    Messages:
    7,775
    Joined:
    Nov 11, 2009
    Take it away from them and beat them into submission. Always works for me.
     
  10. SpaceHonkey

    SpaceHonkey Gawd

    Messages:
    983
    Joined:
    Jan 25, 2007
    +1

    I did the same thing to them - the only thing I hear about now is wireless issues.
     
  11. PointandClick

    PointandClick Limp Gawd

    Messages:
    383
    Joined:
    Dec 6, 2008
    Unplug the ethernet cable. ;)

    My sister and her family seem to constantly have something wrong with their machine. Luckily I'm usually not the one that gets to deal with it.

    My parents barely know how to use the computer and they don't seem to have any problems. I have FF and avast on it.
     
  12. maw

    maw [H]ardness Supreme

    Messages:
    4,131
    Joined:
    Sep 27, 2000
    MSE, website blocking and lots of tsk, tsk, tsk'ing when they attempt to do bad things.
     
  13. Protoform-X

    Protoform-X [H]ard|Gawd

    Messages:
    1,203
    Joined:
    Jan 30, 2002
    Tell them to stop watching porn.
     
  14. dan__wright

    dan__wright [H]Lite

    Messages:
    91
    Joined:
    May 27, 2007
    Security essentials, Spybot with teatimer running, IE locked right down, they log in with a non admin account for general use, log out and then in as an admin for installs then back in as their account for browsing again
     
  15. k1pp3r

    k1pp3r [H]ardness Supreme

    Messages:
    7,891
    Joined:
    Jun 16, 2004
    its simple really, I tell them "I will only fix the same problem a few times, they your have to call my brother inlaw" lol
     
  16. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Well there's a Windows 95 era way of thinking.

    How does this deal with the fact that malware is spread now through things like sneaking poisoned flash and java advertisements into advertising subscriptions that common every day website subscribe to? Your local daily newspaper website. Local bank website. Forums. Hey...Example...this forum right here! (pssst...happened before right here too!)

    Huh?
     
  17. 2-loc

    2-loc [H]Lite

    Messages:
    91
    Joined:
    Nov 15, 2011
    Unfortunately, I went this route to with a few family members, it just makes sense for some people.
     
  18. McTurkey

    McTurkey Limp Gawd

    Messages:
    244
    Joined:
    Nov 8, 2011
    MSE and Chrome. Seriously considering switching to a domain and just handling it all via group policy and pushed updates.
     
  19. Chibo

    Chibo Gawd

    Messages:
    605
    Joined:
    Jun 21, 2003
    I only have Macs now, other than my server.
     
  20. lizardking009

    lizardking009 Gawd

    Messages:
    663
    Joined:
    Nov 18, 2005
    No admin rights and Forefront Client/Server. No issues.
     
  21. Protoform-X

    Protoform-X [H]ard|Gawd

    Messages:
    1,203
    Joined:
    Jan 30, 2002
    Right. You're correct; however, 90% or more of the computers I see infected are from porn surfing. Porn is still the number one cause of infections.
     
  22. kirtar

    kirtar Gawd

    Messages:
    575
    Joined:
    Mar 5, 2010
    Going business class eh? No problem with that (unless of course, it's McAfee)
     
  23. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    You work at a school or something? Demographics here.

    I gotta say...as a consultant that has a crapload of business clients, and takes care of some home users, family, etc...I see them come from normal websites > 50% of the time (not porn, backed up by UTM logs). Hell, I've experienced it myself...three or so times...I've been on a "regular" websites and those fake alerts have jumped out at me.

    And if people are getting whacked by porn sites these days, they're idiots and don't know what porn sites are safe...hell, they should get a good list of porn sites from my wife...she surfs porn several times a week on her Windows laptop and I've not had to fix malware on her PC or restore it once..not once!
     
  24. scobar

    scobar .

    Messages:
    34,039
    Joined:
    Jan 2, 2001
    OpenDNS and MSE.
     
  25. dashpuppy

    dashpuppy [H]ardness Supreme

    Messages:
    6,163
    Joined:
    May 5, 2010
    and untangle :)
     
  26. scobar

    scobar .

    Messages:
    34,039
    Joined:
    Jan 2, 2001
    No, they don't understand it, so I setup opendns on the router then usually set it up with dyndns so I can manage the router from afar. No one understands the value of untangle. I have it at the house.
     
  27. Protoform-X

    Protoform-X [H]ard|Gawd

    Messages:
    1,203
    Joined:
    Jan 30, 2002
    I was a consultant for smb for a long time, but now I'm an IT manager. Before that I was a field tech for home users at a major retail chain. I totally agree that the drive by crap is becoming more prominent, but from my experience, porn is the number one cause of infection by far. Maybe people in Phoenix are just complete pervs? ;)

    They are idiots; even ants from up here, man. I'd imagine most of them just pop a smutty phrase into google and cross their fingers. :rolleyes:
     
  28. Electrofreak

    Electrofreak [H]ard|Gawd

    Messages:
    1,080
    Joined:
    Aug 5, 2008
    The problem with hooking friends and family with Macs / Linux distros as a solution is that it causes them to develop bad habits. If they think they can just click and download anything on the internet without fear, they will.

    Just be prepared to deal with it further down the road. Nothing wrong with Macs / Linux, but the best course of action is to teach people good browsing habits, and hook them up with good anti-virus.
     
  29. maw

    maw [H]ardness Supreme

    Messages:
    4,131
    Joined:
    Sep 27, 2000
    This.

    I've also found that the most common vector for malware and viruses is via emails that coax users into visiting some website.
    I've trained my mother-in-law to never trust, and more importantly, never ever respond to: 1) anything that says her "computer is at risk", 2) any email that says there is something that needs to be verified regarding her account, 3) any offers that promise free money for doing someone a favor or for clicking on a link, 4) "chain mail" type emails.

    You'd be surprised how many people will suspect an email or website is a scam, but instead of ignoring it, they actually respond with something like "Please don't send me any more messages", which of course just opens the floodgates.
     
  30. coder_t2

    coder_t2 [H]ard|Gawd

    Messages:
    1,166
    Joined:
    Dec 31, 2005
    Awesome, thanks for the tips guys. Honestly, I reformatted my brother-in-laws laptop cause it was so bad. He is getting a new computer in like month, so I just installed MSE and not anything else, cause I was like, oh he should be fine for a month. WRONG! One week, and it was messed up so bad he couldn't even open IE.

    He is in college, so OpenDNS isn't really an option. I plan on creating a secondary non-admin account for him, installing MSE, and installing both Google Chrome and Firefox with NoScript. And basically tell him don't click any damn pop ups. Just click the X in the corner. Even if it says you have virus, click here to disinfect! That seems to be one people always click. Most people are so clueless, which makes it hard to keep things clean.
     
  31. leezard

    leezard [H]ardness Supreme

    Messages:
    4,521
    Joined:
    Aug 24, 2004
    I also install logmein on family members PC's, they call tell me whats wrong i log in and fix it
     
  32. nobody_here

    nobody_here [H]ardForum Junkie

    Messages:
    8,878
    Joined:
    Feb 1, 2006
    You are trying to teach basic intellectual concepts to people without basic intellect. It's the same people who mindlessly drive at or under the speed limit while talking on their phone in the left lane at dusk with no lights on with a mile long line of cars behind them....and they are completely fucking oblivious......do not expect these people to do anything intelligent.
     
  33. coder_t2

    coder_t2 [H]ard|Gawd

    Messages:
    1,166
    Joined:
    Dec 31, 2005
    I really like the idea of remoting in to someone's computer to fix it. It would save me a ton of hassle. But I am not going to pay for software to fix someone else's computer. And I typically have a policy where if it is broke, you bring it to me. So I typically don't have access to people's routers to open ports to do basic Remote Connections.
     
  34. Trepidati0n

    Trepidati0n [H]ardForum Junkie

    Messages:
    8,855
    Joined:
    Oct 26, 2004
    1. All machines are "backed up" to my WHS box when first delivered/built.

    2. All machines get MSE

    3. All machines get logmein

    4. I log into all machines and do a malware scan once a month at the same time.

    If I find something wrong..I fix it. I let them know the hours it took to fix. I also let them know if they took this to BB it would cost them so many dollars. I also let them know how to avoid such issues in the future. They figure out pretty quickly that it is my good graces that saved them a ton of money and try very hard not to need them again.
     
  35. dashpuppy

    dashpuppy [H]ardness Supreme

    Messages:
    6,163
    Joined:
    May 5, 2010
    teamviewer is free..
     
  36. YeOldeStonecat

    YeOldeStonecat [H]ardForum Junkie

    Messages:
    11,330
    Joined:
    Jul 19, 2004
    Uhm....logmein has a free version that is licensed for use in business.
     
  37. Xaijin

    Xaijin Limp Gawd

    Messages:
    181
    Joined:
    Jun 15, 2007
    If your user is very basic and wont need to be doing much installing, I would suggest using something like clean slate/deep freeze and specify the user directory as writable.
     
  38. coder_t2

    coder_t2 [H]ard|Gawd

    Messages:
    1,166
    Joined:
    Dec 31, 2005
    Yea I must've misread something thinking is cost money. Well that is pretty exciting actually. I'll have to try it out.

    Thanks for all the replies.
     
  39. coder_t2

    coder_t2 [H]ard|Gawd

    Messages:
    1,166
    Joined:
    Dec 31, 2005
    For those that use logmein, do you leave running constantly, or do you just have the person turn it on when they need their computer fixed? Thanks.
     
  40. leezard

    leezard [H]ardness Supreme

    Messages:
    4,521
    Joined:
    Aug 24, 2004
    They leave it running, I can access any of the pcs at any time