What else can I do to bombproof a computer I'm not going to see again?

I have posted about girlfriend's kids computer and all the viruses and malware I found. From looking thru virus definitions I believe the best bet on how this occurred is that he contacted the smitfraud virus in which he probably clicked on the free movie and link and then downloaded the virus "codec" and then the installation of all the other malware followed. I believe I have cleaned this computer and am about to return it where I won't see it again until the next problem. I have installed ZA Suite (I know a bit of a resource hog but I also believe pretty effective) and Superantispyware. Both are configured to do automatic scans one night a week and automatically quarantine found results. I also installed Firefox as the default browser. I imported his IE bookmarks so hopefully he won't even realize he's not using IE.

Is there anything else I can/should do? I can't load this pc down with too much software as it's only a Sempron 3800. Between Firefox and the two installed apps, would it most like recognize and block a known rogue website should he attempt to download this "free" codec again?

 

what about the mvps hosts file?
you can download HostsXpert v4.1 from the link below
http://www.funkytoad.com/content/view/13/
you can use HostsXpert to import the mvps hosts file to block known bad sites.
spyware blaster might be able to stop those sites from infecting the host pc.
the thing is sometimes i have the same situation when my dad tries to download free mp3's but kaspersky has blocked all the attempts so far.
lodore

 

This topic may not be about expensive security suites but about basic good practices for computers.

The kid must be running with administrator rights in order to install all this malware, right? Need I say more?

Give him Noscript as an extra present. It will make him feel that he is not running IE, which is good!

Good luck. You need it.

 

Check out PeerGuardian. http://www.spychecker.com/program/PeerGuardian.html

 

Make sure you password protect ZA suite so no one can mess with it.

 

Take away his Admin rights.

 

I had the same issue w/ my daughter. It was almost as if she was running a "test box". My answer was to install: http://www.k9webprotection.com/
This app won't bog down the box and has more options than you can shake a stick at. Now she gets zero malware. In fact, I was so impressed w/ this app that I added it to my wife & other daughters machines. I just checked off malware in the options panel. It also has parental controls for just about any type of site you may want to prohibit: social networking, violence, gambling...

Best thing about this is that it's free.

...screamer

 

Firefox with NoScript and AdBlock
Also try SpywareBlaster, it's free, you only configure it once, and it doesn't run on background, so no resources used.
On top of that, I would add BOClean, you can configure it and set it to run hidden, so no access from anybody to turn it off.

Anyways, I had a similar problem with my girlfriend's 13yr old brother... What I did was:
NOD32 + Blackspears settings
Superantispyware: weekly scans + first chance protection at startup and shut down
BOClean
SpywareBlaster

Not a problem in over a month and that computer was completely hosed before...

Another solution (and what I will do if he manages to go through the layers of protection) is freeze the system to a clean state, with DeepFreeze or Returnil, and every time the machine reboots, all changes are gone....clean computer again... and if he want's to install something, it must be with your (or somebody elses) supervision and password.
Good luck!

 

yes, strip down his rights...

seriously, and also add an update of the hostsfile from MVPS with the help of hostsman: http://www.abelhadigital.com/

/C.

 

Guys thanks for the suggestions thus far. No, I can't take away administrative privileges. Not my computer, not my kid. Unfortunately mom knows nothing about pcs. I hope it actually wasn't her that started all this.

 

Guys, is Boclean a free application? I can't tell from the Comodo website. You think I should run this in addition to superantispyware?

 

Hi,

There are other ways to strip the rights. Run the browser with limited rights, install a policy sandbox, password protect the security aps, windows steady state, etc.

Regards Kees

 

Hi,
yes boclean is free

 

According to this webpage, it is 100% free. But, remember that free may come with a price.

http://www.comodo.com/boclean/boclean.html

 

Not quite sure I understand what you mean by free may come with a price?

 

He means that maybe it's free, but there is another price to pay (could be adware, spyware, bad quality product, etc...) I don't know if this is exactly what he meant, but BOClean is a product that has the respect of many users hare at wilders.
There are some issues, discussed widely in a thread called "goodbye to Boclean", I recommend you to read that thread. It's in the "other anti-trojan software" sub-forum.

 

Offer the guy a bit of eduction about safe surfer practices, and tell him next time you have to do this, he'll lose all his safe data. (Or the time after that, depending on your tolerance) and to fix it next time, format the disk and re-install windows.