Re: foolproof computer from malware?

peter wrote:
One of my neighbor has managed to acquire all sorts of spywares and maybe even a rootkit.

I'm going to reformat and re-install windows on his computer.

If I make his account a limited user account, would that stop all malware from entering his computer?


Routinely using a computer with administrative privileges is not without some risk. You will be much more susceptible to some types of malware, particularly adware and spyware. While using a computer with limited privileges isn't the cure-all, silver bullet that some claim it to be, any experienced IT professional will verify that doing so definitely reduces that amount of damage and depth of penetration by the malware. If you get infected/infested while running as an administrator, the odds are much greater that any malware will be extremely difficult, if not impossible, to remove with formating the hard drive and starting anew. The intruding malware will have the same privileges to all of the files on your hard drive that you do.

A technically competent user who is aware of the risks and knows how to take proper precautions can usually safely operate with administrative privileges; I do so myself. But I certainly don't recommend it for the average computer user.


How else can I make his computer more foolproof?


"A common mistake that people make when trying to design something completely foolproof is to underestimate the ingenuity of complete fools." ~Douglas Adams


Is there any browser proxy that would *automatically* block all the bad popups, activeX, and other bad downloads? It has to be automatic. If the user has to answer a question "do you want to install a virus or a rootkit", my neighbor may click yes by accident.




There are several essential components to computer security: a
knowledgeable and pro-active user, a properly configured firewall,
reliable and up-to-date antivirus software, and the prompt repair (via
patches, hotfixes, or service packs) of any known vulnerabilities.

The weakest link in this "equation" is, of course, the computer
user. No software manufacturer can -- nor should they be expected
to -- protect the computer user from him/herself. All too many people
have bought into the various PC/software manufacturers marketing
claims of easy computing. They believe that their computer should be
no harder to use than a toaster oven; they have neither the
inclination or desire to learn how to safely use their computer. All
too few people keep their antivirus software current, install patches
in a timely manner, or stop to really think about that cutesy link
they're about to click.

Firewalls and anti-virus applications, which should always be used
and should always be running, are important components of "safe hex,"
but they cannot, and should not be expected to, protect the computer
user from him/herself. Ultimately, it is incumbent upon each and
every computer user to learn how to secure his/her own computer.

To learn more about practicing "safe hex," start with these links:

Protect Your PC
http://www.microsoft.com/security/protect/default.asp

Home Computer Security
http://www.cert.org/homeusers/HomeComputerSecurity/

List of Antivirus Software Vendors
http://support.microsoft.com/default.aspx?scid=kb;en-us;49500

Home PC Firewall Guide
http://www.firewallguide.com/

Scumware.com
http://www.scumware.com/


--

Bruce Chambers

Help us help you:
http://www.catb.org/~esr/faqs/smart-questions.html

They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. ~Benjamin Franklin

Many people would rather die than think; in fact, most do. ~Bertrand Russell

The philosopher has never killed any priests, whereas the priest has killed a great many philosophers.
~ Denis Diderot
.

Relevant Pages

  • Re: administrator vs limited account
    ... While using a computer with limited privileges isn't the cure-all, silver bullet that some claim it to be, any experienced IT professional will verify that doing so definitely reduces that amount of damage and depth of penetration by the malware. ... A technically competent user who is aware of the risks and knows how to take proper precautions can usually safely operate with administrative privileges; ... reliable and up-to-date antivirus software, ... Home Computer Security ...
    (microsoft.public.windowsxp.basics)
  • Re: Device Manager
    ... If malware has been installed with administrative privileges, ... Remove your limited user account if this is not the case. ... repair install anyway if you're positive that the system is clean. ...
    (microsoft.public.windowsxp.general)
  • Re: Key loggers - do they alarm you?
    ... All the hacker gets is a series of mouse clicks. ... it won't be the only bit of MalWare (most of them Download ... or Install themselves along with other MalWare & if ... in using a Use Account that has Full Administrative Privileges. ...
    (uk.people.silversurfers)
  • Re: Calling on a Guru to explain if Im mistaken!
    ... installing SP2 off the disc is part of the ... However I have tried antivirus software in the past and it was ... malware would also be copied back resulting in net gain of zero. ... will increase the risks of infection. ...
    (microsoft.public.security.virus)
  • Re: "Living" in admin account all day?
    ... While using a computer with limited privileges isn't the cure-all, silver bullet that some claim it to be, any experienced IT professional will verify that doing so definitely reduces that amount of damage and depth of penetration by the malware. ... A technically competent user who is aware of the risks and knows how to take proper precautions can usually safely operate with administrative privileges; ... They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety. ...
    (microsoft.public.windowsxp.general)