What else can I do to bombproof a computer I'm not going to see again?

Discussion in 'other anti-malware software' started by geepondy, Oct 11, 2007.

Thread Status:
Not open for further replies.
  1. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    I have posted about girlfriend's kids computer and all the viruses and malware I found. From looking thru virus definitions I believe the best bet on how this occurred is that he contacted the smitfraud virus in which he probably clicked on the free movie and link and then downloaded the virus "codec" and then the installation of all the other malware followed. I believe I have cleaned this computer and am about to return it where I won't see it again until the next problem. I have installed ZA Suite (I know a bit of a resource hog but I also believe pretty effective) and Superantispyware. Both are configured to do automatic scans one night a week and automatically quarantine found results. I also installed Firefox as the default browser. I imported his IE bookmarks so hopefully he won't even realize he's not using IE.

    Is there anything else I can/should do? I can't load this pc down with too much software as it's only a Sempron 3800. Between Firefox and the two installed apps, would it most like recognize and block a known rogue website should he attempt to download this "free" codec again?
     
  2. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,006
    what about the mvps hosts file?
    you can download HostsXpert v4.1 from the link below
    http://www.funkytoad.com/content/view/13/
    you can use HostsXpert to import the mvps hosts file to block known bad sites.
    spyware blaster might be able to stop those sites from infecting the host pc.
    the thing is sometimes i have the same situation when my dad tries to download free mp3's but kaspersky has blocked all the attempts so far.
    lodore
     
  3. Lundholm

    Lundholm Registered Member

    Joined:
    Aug 20, 2007
    Posts:
    108
    Location:
    Copenhagen, Old Zealand
    This topic may not be about expensive security suites but about basic good practices for computers.

    The kid must be running with administrator rights in order to install all this malware, right? Need I say more?

    Give him Noscript as an extra present. It will make him feel that he is not running IE, which is good!

    Good luck. You need it.
     
  4. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
  5. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    Make sure you password protect ZA suite so no one can mess with it.
     
  6. zapjb

    zapjb Registered Member

    Joined:
    Nov 15, 2005
    Posts:
    3,515
    Location:
    USA - Back in a real State in time for a real Pres
    Take away his Admin rights.
     
  7. screamer

    screamer Registered Member

    Joined:
    Apr 14, 2006
    Posts:
    921
    Location:
    Big Apple USA
    I had the same issue w/ my daughter. It was almost as if she was running a "test box". My answer was to install: http://www.k9webprotection.com/
    This app won't bog down the box and has more options than you can shake a stick at. Now she gets zero malware. In fact, I was so impressed w/ this app that I added it to my wife & other daughters machines. I just checked off malware in the options panel. It also has parental controls for just about any type of site you may want to prohibit: social networking, violence, gambling...

    Best thing about this is that it's free.

    ...screamer
     
  8. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Firefox with NoScript and AdBlock
    Also try SpywareBlaster, it's free, you only configure it once, and it doesn't run on background, so no resources used.
    On top of that, I would add BOClean, you can configure it and set it to run hidden, so no access from anybody to turn it off.

    Anyways, I had a similar problem with my girlfriend's 13yr old brother... What I did was:
    NOD32 + Blackspears settings
    Superantispyware: weekly scans + first chance protection at startup and shut down
    BOClean
    SpywareBlaster

    Not a problem in over a month and that computer was completely hosed before...

    Another solution (and what I will do if he manages to go through the layers of protection) is freeze the system to a clean state, with DeepFreeze or Returnil, and every time the machine reboots, all changes are gone....clean computer again... and if he want's to install something, it must be with your (or somebody elses) supervision and password.
    Good luck!
     
  9. Cerxes

    Cerxes Registered Member

    Joined:
    Sep 6, 2005
    Posts:
    581
    Location:
    Northern Europe
    yes, strip down his rights... :shifty:

    seriously, and also add an update of the hostsfile from MVPS with the help of hostsman: http://www.abelhadigital.com/

    /C.
     
  10. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    Guys thanks for the suggestions thus far. No, I can't take away administrative privileges. Not my computer, not my kid. Unfortunately mom knows nothing about pcs. I hope it actually wasn't her that started all this.
     
  11. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    Guys, is Boclean a free application? I can't tell from the Comodo website. You think I should run this in addition to superantispyware?
     
  12. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Hi,

    There are other ways to strip the rights. Run the browser with limited rights, install a policy sandbox, password protect the security aps, windows steady state, etc.

    Regards Kees
     
  13. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    Hi,
    yes boclean is free
     
  14. ccsito

    ccsito Registered Member

    Joined:
    Jul 27, 2006
    Posts:
    1,579
    Location:
    Nation's Capital
    According to this webpage, it is 100% free. But, remember that free may come with a price. ;) :rolleyes: :gack:

    http://www.comodo.com/boclean/boclean.html
     
  15. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    Not quite sure I understand what you mean by free may come with a price?

     
  16. HURST

    HURST Registered Member

    Joined:
    Jul 20, 2007
    Posts:
    1,419
    He means that maybe it's free, but there is another price to pay (could be adware, spyware, bad quality product, etc...) I don't know if this is exactly what he meant, but BOClean is a product that has the respect of many users hare at wilders.
    There are some issues, discussed widely in a thread called "goodbye to Boclean", I recommend you to read that thread. It's in the "other anti-trojan software" sub-forum.
     
  17. Tarq57

    Tarq57 Registered Member

    Joined:
    Oct 7, 2006
    Posts:
    966
    Location:
    Wellington NZ
    Offer the guy a bit of eduction about safe surfer practices, and tell him next time you have to do this, he'll lose all his safe data. (Or the time after that, depending on your tolerance) and to fix it next time, format the disk and re-install windows.
     
Loading...
Thread Status:
Not open for further replies.