How do you Setup your family members computer to protect from malware?

coder_t2

[H]ard|Gawd
Joined
Dec 31, 2005
Messages
1,166
Hey guys, I am sure you can relate to my current woes here. I have a family member who is just always getting malware on their computer. Getting tired of cleaning it up so frequently and I wanted to ask you guys what you do. Personall I install Chrome and MSE, and set MSE to a Full Scan once a week with real time monitoring. I also preach safe web surfing, but honestly, it's like telling a Crack Head that crack kills.

So what do you guys do to try to ease the pain of fixing a family members computer?
 
First thing is to make sure their acount don't have admin right, they will need you to install something. But nothing beat a switch to Linux
 
MSE...although since it defaults to real time protection on and a weekly scheduled scan...you don't have to "go set it to on and scan"..it does that out of the box.

Set their routers DNS forwarding to OpenDNS services instead of the default ISPs....OpenDNS blocks known malware distribution sites via a constantly updated list.

Encourage them to keep their web players updated (Java, PDF, Flash, Shockwave)...also showing them how to opt out of the "me too" bundled ware that comes with them.
 
Set their routers DNS forwarding to OpenDNS services instead of the default ISPs....OpenDNS blocks known malware distribution sites via a constantly updated list.
Unfortunately the 'malware' filter list blocks some of the websites I use so I had to give up on that idea. :(
 
Install FireFox, AdBlock and NoScript and make sure they leave NoScript enabled.
 
MSE + Opendns. Works well enough, very few repeat customers ( which is good, because I do this stuff in my spare time ).
 
Take it away from them and beat them into submission. Always works for me.
 
Unplug the ethernet cable. ;)

My sister and her family seem to constantly have something wrong with their machine. Luckily I'm usually not the one that gets to deal with it.

My parents barely know how to use the computer and they don't seem to have any problems. I have FF and avast on it.
 
MSE, website blocking and lots of tsk, tsk, tsk'ing when they attempt to do bad things.
 
Security essentials, Spybot with teatimer running, IE locked right down, they log in with a non admin account for general use, log out and then in as an admin for installs then back in as their account for browsing again
 
its simple really, I tell them "I will only fix the same problem a few times, they your have to call my brother inlaw" lol
 
Tell them to stop watching porn.

Well there's a Windows 95 era way of thinking.

How does this deal with the fact that malware is spread now through things like sneaking poisoned flash and java advertisements into advertising subscriptions that common every day website subscribe to? Your local daily newspaper website. Local bank website. Forums. Hey...Example...this forum right here! (pssst...happened before right here too!)

Huh?
 
MSE and Chrome. Seriously considering switching to a domain and just handling it all via group policy and pushed updates.
 
Well there's a Windows 95 era way of thinking.

How does this deal with the fact that malware is spread now through things like sneaking poisoned flash and java advertisements into advertising subscriptions that common every day website subscribe to? Your local daily newspaper website. Local bank website. Forums. Hey...Example...this forum right here! (pssst...happened before right here too!)

Huh?

Right. You're correct; however, 90% or more of the computers I see infected are from porn surfing. Porn is still the number one cause of infections.
 
Right. You're correct; however, 90% or more of the computers I see infected are from porn surfing. Porn is still the number one cause of infections.

You work at a school or something? Demographics here.

I gotta say...as a consultant that has a crapload of business clients, and takes care of some home users, family, etc...I see them come from normal websites > 50% of the time (not porn, backed up by UTM logs). Hell, I've experienced it myself...three or so times...I've been on a "regular" websites and those fake alerts have jumped out at me.

And if people are getting whacked by porn sites these days, they're idiots and don't know what porn sites are safe...hell, they should get a good list of porn sites from my wife...she surfs porn several times a week on her Windows laptop and I've not had to fix malware on her PC or restore it once..not once!
 
and untangle :)

No, they don't understand it, so I setup opendns on the router then usually set it up with dyndns so I can manage the router from afar. No one understands the value of untangle. I have it at the house.
 
You work at a school or something? Demographics here.

I gotta say...as a consultant that has a crapload of business clients, and takes care of some home users, family, etc...I see them come from normal websites > 50% of the time (not porn, backed up by UTM logs). Hell, I've experienced it myself...three or so times...I've been on a "regular" websites and those fake alerts have jumped out at me.

And if people are getting whacked by porn sites these days, they're idiots and don't know what porn sites are safe...hell, they should get a good list of porn sites from my wife...she surfs porn several times a week on her Windows laptop and I've not had to fix malware on her PC or restore it once..not once!

I was a consultant for smb for a long time, but now I'm an IT manager. Before that I was a field tech for home users at a major retail chain. I totally agree that the drive by crap is becoming more prominent, but from my experience, porn is the number one cause of infection by far. Maybe people in Phoenix are just complete pervs? ;)

They are idiots; even ants from up here, man. I'd imagine most of them just pop a smutty phrase into google and cross their fingers. :rolleyes:
 
The problem with hooking friends and family with Macs / Linux distros as a solution is that it causes them to develop bad habits. If they think they can just click and download anything on the internet without fear, they will.

Just be prepared to deal with it further down the road. Nothing wrong with Macs / Linux, but the best course of action is to teach people good browsing habits, and hook them up with good anti-virus.
 
the best course of action is to teach people good browsing habits, and hook them up with good anti-virus.

This.

I've also found that the most common vector for malware and viruses is via emails that coax users into visiting some website.
I've trained my mother-in-law to never trust, and more importantly, never ever respond to: 1) anything that says her "computer is at risk", 2) any email that says there is something that needs to be verified regarding her account, 3) any offers that promise free money for doing someone a favor or for clicking on a link, 4) "chain mail" type emails.

You'd be surprised how many people will suspect an email or website is a scam, but instead of ignoring it, they actually respond with something like "Please don't send me any more messages", which of course just opens the floodgates.
 
Awesome, thanks for the tips guys. Honestly, I reformatted my brother-in-laws laptop cause it was so bad. He is getting a new computer in like month, so I just installed MSE and not anything else, cause I was like, oh he should be fine for a month. WRONG! One week, and it was messed up so bad he couldn't even open IE.

He is in college, so OpenDNS isn't really an option. I plan on creating a secondary non-admin account for him, installing MSE, and installing both Google Chrome and Firefox with NoScript. And basically tell him don't click any damn pop ups. Just click the X in the corner. Even if it says you have virus, click here to disinfect! That seems to be one people always click. Most people are so clueless, which makes it hard to keep things clean.
 
I also install logmein on family members PC's, they call tell me whats wrong i log in and fix it
 
Hey guys, I am sure you can relate to my current woes here. I have a family member who is just always getting malware on their computer. Getting tired of cleaning it up so frequently and I wanted to ask you guys what you do. Personall I install Chrome and MSE, and set MSE to a Full Scan once a week with real time monitoring. I also preach safe web surfing, but honestly, it's like telling a Crack Head that crack kills.

So what do you guys do to try to ease the pain of fixing a family members computer?

You are trying to teach basic intellectual concepts to people without basic intellect. It's the same people who mindlessly drive at or under the speed limit while talking on their phone in the left lane at dusk with no lights on with a mile long line of cars behind them....and they are completely fucking oblivious......do not expect these people to do anything intelligent.
 
I also install logmein on family members PC's, they call tell me whats wrong i log in and fix it

I really like the idea of remoting in to someone's computer to fix it. It would save me a ton of hassle. But I am not going to pay for software to fix someone else's computer. And I typically have a policy where if it is broke, you bring it to me. So I typically don't have access to people's routers to open ports to do basic Remote Connections.
 
1. All machines are "backed up" to my WHS box when first delivered/built.

2. All machines get MSE

3. All machines get logmein

4. I log into all machines and do a malware scan once a month at the same time.

If I find something wrong..I fix it. I let them know the hours it took to fix. I also let them know if they took this to BB it would cost them so many dollars. I also let them know how to avoid such issues in the future. They figure out pretty quickly that it is my good graces that saved them a ton of money and try very hard not to need them again.
 
I really like the idea of remoting in to someone's computer to fix it. It would save me a ton of hassle. But I am not going to pay for software to fix someone else's computer. And I typically have a policy where if it is broke, you bring it to me. So I typically don't have access to people's routers to open ports to do basic Remote Connections.

teamviewer is free..
 
If your user is very basic and wont need to be doing much installing, I would suggest using something like clean slate/deep freeze and specify the user directory as writable.
 
For those that use logmein, do you leave running constantly, or do you just have the person turn it on when they need their computer fixed? Thanks.
 
For those that use logmein, do you leave running constantly, or do you just have the person turn it on when they need their computer fixed? Thanks.

They leave it running, I can access any of the pcs at any time
 
Back
Top