I have a Windows 7 computer here that got infected. The computer is used by a colleague and for home use, but it's owned by the company and for problems he turns to us. He doesn't know much about computers, doesn't speak my language properly, doesn't speak English at all, and I don't speak his language. His wife and son use this computer as well, and I have no idea what they do with it. Giving instructions on how to keep this computer safe won't have any effect. He simply doesn't understand and says "yes" to anything.
The infection was quite innocent and I've removed some malware and it seems clean now. I've updated the system, installed new antivirus software, did a scan of the system, installed adblock in the browser, etc...
Now I'm thinking about removing admin rights from the default account on this computer, making it impossible to install software by the user. I can enable Windows update for any user, so that will keep on working.
I wonder however how this will workout for Avast Antivirus and Google Chrome. Those two need to update automatically if needed. Is this an effective measure, or will it do more harm than good?
Answer
Even if you remove admin rights and disable all administrator accounts, antivirus definitions and Google Chrome will be able to update, because they use special tasks to run as the SYSTEM account.
This ensures that as long as the computer is periodically rebooted, the system will stay safe.
No comments:
Post a Comment