Q&A What setup should I use for someone who is certain to screw up?

mitharogers

New Member
Jan 12, 2021
4
I have a situation where someone I know keeps screwing up their computer, often through malware. Previously, I had them reinstall Windows, set up Bitdefender, and set up a standard account for them to use as their main account. Still, they managed to screw it up. They’re the type of person to just login as administrator anyways and ignore AV alerts. I’m at a loss for what to do. They know they need to stop being stupid, but over time they’ll get lazy and go back to their old habits.

What should I do?
 

upnorth

Moderator
Verified
Staff member
Malware Hunter
Jul 27, 2015
4,292
Something hard core like Faronics Deep Freeze, then you need to be able to log in remotely to do their updates etc.
Move To Canada GIF
 

Evjl's Rain

Level 46
Verified
Trusted
Content Creator
Malware Hunter
Apr 18, 2016
3,542
I have a situation where someone I know keeps screwing up their computer, often through malware. Previously, I had them reinstall Windows, set up Bitdefender, and set up a standard account for them to use as their main account. Still, they managed to screw it up. They’re the type of person to just login as administrator anyways and ignore AV alerts. I’m at a loss for what to do. They know they need to stop being stupid, but over time they’ll get lazy and go back to their old habits.

What should I do?
1/ use an AV with silent mode = no popup/notification -> he/she won't be able to interact
2/ protect the AV settings with password
3/ use Deepfreeze or Shadow Defender -> works perfectly for high risk users
4/ Add browser extensions with malware filtering: windows defender browser protection, bitdefender trafficlight,...
5/ Harden the windows using simple windows hardener, hard_configurator or Syshardener
6/ make a image backup of the "perfect" state. When he screws up, restore it
 
Last edited:

SecurityNightmares

Level 37
Verified
Jan 9, 2020
2,683
I have a situation where someone I know keeps screwing up their computer, often through malware. Previously, I had them reinstall Windows, set up Bitdefender, and set up a standard account for them to use as their main account. Still, they managed to screw it up. They’re the type of person to just login as administrator anyways and ignore AV alerts. I’m at a loss for what to do. They know they need to stop being stupid, but over time they’ll get lazy and go back to their old habits.

What should I do?
Install Hard_Configurator from Andy and use recommend settings for all three:
Hard_Configurator itself (SRP and other hardening), ConfigureDefender and FirewallHardening.
Done in ~5 minutes.

If you combine that with restricted windows account, that's a very strong protection (y)
 

Freki123

Level 8
Verified
Aug 10, 2013
392
If it's not family or a person you love maybe tell them I will do it once more after that they have to find another one to do it. (Most people learn when it would cost money).
Or just never give them the adminpassword. The rest has been said already :D
 

Cortex

Level 26
Verified
Aug 4, 2016
1,517
I've had this situation more than once & if the person isn't bothered then I'm not - I've spent hours sorting PC's out only to have them mess up with stupidity etc - I now charge or refuse to spend good time if they aren't bothered of learning some basics, there are exceptions but on the whole I stick to my new system, it took many years to get to this point but here I am.
 

Templarware

Level 5
Mar 13, 2021
242
Install Hard_Configurator from Andy and use recommend settings for all three:
Hard_Configurator itself (SRP and other hardening), ConfigureDefender and FirewallHardening.
Done in ~5 minutes.

If you combine that with restricted windows account, that's a very strong protection (y)
I know about ConfigureDefender, but not FirewallHardening, where is it and what does it do?
 

bribon77

Level 34
Verified
Jul 6, 2017
2,386
Everything that has been said by colleagues is worth Gold.
I'll tell you mine for a change, install a Linux distribution, and Chao.:p

Another option is to make a backup with Macrium Reflect, or AOMEI Backupper after you have formatted, and when they ruin the system you do a restore with a USB stick, and everything stays the same as when you formatted.(y)
 
Last edited:

Nightwalker

Level 22
Verified
Trusted
Content Creator
May 26, 2014
1,139
I agree with the various suggestions posted by the members above (except for using Linux, I'm sorry bribon77 haha), but there is something even more dangerous than malware today for a careless user and that danger is fraud (in a broad sense).

Phishing, Indian/ call center scammers, social engineering and other evils need to be prevented and taught about, yes, that's right, education and digital hygiene are as, if not more, important than security solutions.

That said, in addition to the recommendations above, I suggest installing an extension like Bitdefender Traffic Light, an ad blocker like Adguard or uBlock Origin in a browser like Google Chrome or Microsoft Edge, as well as using NextDNS properly configured.

Ps: "Freeze" solutions are gold for careless users, in combination with a locked Bitdefender/Avast it should work very well.
 

shmu26

Level 85
Verified
Trusted
Content Creator
Jul 3, 2015
8,045
It is a catch-22 situation. Any solution that would be effective will be unacceptable to this user, because he will not be able to install software at whim and to his heart's desire. Just make a system image so he can restore his system to a clean state after he realizes that he trashed it. Actually, I see that @bribon77 already suggested that....
 

Spawn

Administrator
Verified
Staff member
Jan 8, 2011
21,158
Still, they managed to screw it up. They’re the type of person to just login as administrator anyways and ignore AV alerts.
Can you elaborate further on what are the kind of Alerts are being ignored? Examples: Malware sites blocked, PUA warnings...

On a Windows 10 PC, the default account is generally an Admin account linked to their Microsoft ID. Based on that, you could create a new Standard User with their MS account (so they access their cloud data), and convert the default Admin to a Local account, with a stronger password (and don't give it to them).

However, is it unethical to withhold the admin password, as the PC belongs to them, not you?
And can a local Windows Password be reset with ease?

Last resort: Do not help them, if they are too stubborn to make a change.

Tips:
Let the PC owner pay for any licensed software.

(except for using Linux, I'm sorry bribon77 haha)
What about a Chromebook (ChromeOS)?
 
Top