My suggestion would be to use firefox as the browser and run NoScript in it. This should avoid most of the drive-by style attacks and malvertising which is the thing a "click-happy" user is most at risk from. NoScript can be set to allow scripts from certain sites (the main site from anywhere he watches videos) whilst blocking all others, if you set it up correctly so everything he might need is allowed then he should never need to alter it's settings later. Running an adblocker in the browser would also be a wise move.
You should perhaps install firefox and then make sure to hide all the icons for starting internet explorer so that he will go straight to firefox as the browser and not open IE.
Chrome is also better than IE but for the strongest security you need a script blocking extension/add-on and although there are some for chrome they don't seem to be being actively developed.
Whichever browser you use, you should (alongside advert blocking and script blocking software) make sure all the un-necessary plugins are either disabled or put on "ask to activate". This basically means set flash player to "ask to activate" and all the others fully disabled. You should uninstall java entirely unless he needs it for a desktop program to run.
You also need make sure all his programs and his operating system are up-to-date. Most programs give you the option to automatically update thesedays, especially browsers and plugins, these should all be set to fully automatic.
My usual advice for windows updates is to set them to "check automatically but ask me when to download and install" because of some problems with updates over the last few years, but in this case it is probably better to have those updates on fully automatic.
As for an antivirus I'm not sure which to recommend here, my personal preference is AVG mainly because it is free, it does have the option to set up scheduled scans and things so it will automatically do a full system scan at a fixed time each week or month as you choose, it also automatically updates with little difficulty.
You should run an antimalware program alongside it too.
Another helpful thing is to make sure full file extensions are displayed in windows file explorer, teach him to NEVER open a file ending with .exe as this is the file type which most viruses are delivered by.
Aura's advice to put teamviwer or some other remote control software on his machine so you can log into it remotely makes sense under these circumstances.
Beyond this all the security advice i can give is the type which requires active user iteraction, in the long run your best option would be to teach him not to click on anything at all supicious.
Edited by rp88, 14 March 2015 - 12:42 PM.
Back on this site, for a while anyway, been so busy the last year.
My systems:2 laptops, intel i3 processors, windows 8.1 installed on the hard-drive and linux mint 17.3 MATE installed to USB