need advice in making a pc idiot proof...

M

mycomputersucks

2[H]4U
Joined
Oct 31, 2001
Messages
2,163
about every 3 months, i'm suckered into fixing my fiancee's parent's pc. it's an XP box and despite uptodate freeware spyware protection (ad-aware and spybot) and virus protection (norton) they always manage to hose the box. her mom has a tendency to fall for scam popups like "omgz yous have teh spywares! click heer 2 remov!" and her little brother goes to weirdo porn sites.

i'm the only one w/ the admin password and her parents and her brother HAD limited accounts. i say HAD because i remember creating their accounts but this time when i checked their accounts, they have admin rights... not sure if her bro has a friend that knows to use the default admin in safemode.

so, basically, what advice can you guys give me to lockdown the pc. i'd like to make it so that they can't d/l anything. or better yet, they can d/l, but whenever the pc is restarted it resorts back to an image or restore point and everything they d/led is deleted/uninstalled unless it's saved in a "safe" folder so that they can still save documents and such. any advice on how to do this, or what i should do instead?
 
mycomputersucks said:
about every 3 months, i'm suckered into fixing my fiancee's parent's pc. it's an XP box and despite uptodate freeware spyware protection (ad-aware and spybot) and virus protection (norton) they always manage to hose the box. her mom has a tendency to fall for scam popups like "omgz yous have teh spywares! click heer 2 remov!" and her little brother goes to weirdo porn sites.

i'm the only one w/ the admin password and her parents and her brother HAD limited accounts. i say HAD because i remember creating their accounts but this time when i checked their accounts, they have admin rights... not sure if her bro has a friend that knows to use the default admin in safemode.

so, basically, what advice can you guys give me to lockdown the pc. i'd like to make it so that they can't d/l anything. or better yet, they can d/l, but whenever the pc is restarted it resorts back to an image or restore point and everything they d/led is deleted/uninstalled unless it's saved in a "safe" folder so that they can still save documents and such. any advice on how to do this, or what i should do instead?
Click to expand...
Convince them to buy a Mac.
:p

The only (other) way I know is using the policy editor if their using XP Pro. I had a similar question a while back because I was giving my computer to my little sister, and that was the response I got.
 
Deepfreeze sounds like what you are looking for.

The administrator account wasn't passworded? :eek:
 
GlobalFear said:
Deepfreeze sounds like what you are looking for.

The administrator account wasn't passworded? :eek:
Click to expand...

the administrator account thats available through safemode does not currently have a password(doesn't by default). i haven't enabled a password on it cuz if i end up forgetting the normal admin login/pass, then i have no backup access to fix the machine. however, i think her brother's friends used it to grant admin rights to his account so a password might be required now.
 
Deepfreeze is awsome, very hard to hack through too.

I'd just put SuSE 10 on there and let that be that. They'll get everything they need and can't screw it up too badly.
 
spybot + adaware only? dude think again!

i use AVG + etrust pestpatrol (active scanning) + Webroot Spysweeper (active) + spybot (non active) on my dad's comp, and he's a complete computer idiot, he dl/clicks on all the bad stuff he encounter on the web, and p_rno... and he's still ad free. I high recommend u schedule auto-scanning once in a week, in case some stuff slip pass the firewall. U just need to tell them to let it run automatically and click remove/ok or w/e to finish it.
 
Replace the spyware programs with spyware doctor. Personaly I have seen it do wonders compaired to spysweeper, pest patroll, etc. If you really want to fuck with them and keep it clean you can always setup ghost to reimage the boot drive on restart. I forget how I did this but I setup a machine a few years ago to do it.
 
Yeah, I setup a computer for my dad- xp2 with hips and firewall and av and registry defend, etc.. everything that could make it spyware proof. But no luck, he would still get crap on the computer. (it didnt help that he didnt know english too).

I installed linux, and it's all good now. He doesn't even notice the difference of using another OS since he just surfs the web and checks email.
 
mycomputersucks said:
the administrator account thats available through safemode does not currently have a password(doesn't by default). i haven't enabled a password on it cuz if i end up forgetting the normal admin login/pass, then i have no backup access to fix the machine. however, i think her brother's friends used it to grant admin rights to his account so a password might be required now.
Click to expand...

Big mistake. Atleast write down the password and place it on the inside of the computer if you keep forgeting.
 
i'm interested to know this as well. no matter what i do, spyware always manage to control my parents' computer.

so far the only guaranteed method that i know is to bash up the computer so it can never be turned on again.. cant get more proofed than that :(
 
Folks, I have this same problem with my parents(they each have their own puter). My Pop uses several different windows only programs, so Linux/Mac is not an option. I need to keep his winXP pro SP2 install clean....and the worse thing is he thinks he knows what he's doing as far as spyware removal :rolleyes:

so far i have norton AV, and adaware+spybot, but he clicks the wrong pop ups, and surfs prOn and/or hits comcasts newsgroups for it. He is a virus/trojan/spyware/malware magnet :(

*sigh* it's going to be real fun when he moves away in a month and I'll start getting calls from both my parentsevery other day for tech support :(
 
A really good line of defence is to use these 2 free tools, Protowall and The Blocklist Manager (BLM).

Some nice guys, every day, put together a list of all the nasty places (IP's) on the internet.
They are categorised into lists that you can download.
BLM can automatically download the chosen lists and processes them ready for Protowall.

Protowall loads the processed list and prevents any of the Blacklisted IPs talking to your PC and stops you from going there as well, protecting you from them.
Some of the lists will make your time online a nightmare so you need to choose wisely.
There is plenty of help in the forums.

Protowall runs in the background, protecting you all the time.
Blocklist Manager can automatically run every day or when you wish to get the Blacklists/Blocklists. It normally hogs the PC for about 10 mins to 1/2hr on default settings as it downloads the lists and processes them for Protowall.
You can prevent that though by making BLM run in the background via a setting.

Downloads
http://www.bluetack.co.uk/forums/index.php?act=dscriptca
Forums
http://www.bluetack.co.uk/forums/index.php?act=idx
If you Google for Protowall you will find a lot of tutorials on how to use it.
Its not for complete novices to setup/configure but it is free and it does work!
Its easy to use once its setup.

You can log everything it blocks to a file as it happens to see what you have been saved from :)
You wont even notice Protowall is running either.
 
Hold them accountable for their actions and stop fixing it. The problem isn't the software its the end user.
 
general said:
Hold them accountable for their actions and stop fixing it. The problem isn't the software its the end user.
Click to expand...

Winner......:)
 
general said:
Hold them accountable for their actions and stop fixing it. The problem isn't the software its the end user.
Click to expand...

I did that with my little brother. Told my dad that I wouldn't fix his machine again because my bro kept fucking it up. I told them they were SOL next time because the little fucker didn't listen. My brother ended up figuring out how to reinstall windows because of this....

:)

Hell at least he learned something.........
 
I remember talking to someone about making a pc idiot proof, we both agreed the best way was to unplug the keyboard and mouse. :p
 
swatbat said:
This looks pretty interesting. I will have to look at it more later.
Click to expand...
I love how they actually have to put the words "using genuine Windows XP" now days. lol
 
KuJaX said:
I love how they actually have to put the words "using genuine Windows XP" now days. lol
Click to expand...

Yea I know what you mean. Can't really blame them though. On a side note my little brothers machine just blew up(not the brother I already mentioned). Stepfather made a coment that this machine wouldn't pass wga. Can't figure out why this one didn't have a legit copy of xp on it. Stupid thing has a xp pro coa on the top of it....

To be fair I have no clue what he did to kill this machine. Since it didn't have a legit code on it I'm just going to load my volume license on it as I don't care to find an oem disk that will take the key on it and I can legally load the volume license on it.
 
IceDigger said:
Install xandros, no more virus worries and its easy to use.
Click to expand...

qft

..or lindows. my parents have actually become quite comfortable with xubuntu after setting everything up for them on their older hp p3/256mb machine, and it runs much smoother than xp.
 
mycomputersucks said:
linux isn't really an option. they can barely navigate windows so i don't wana confuse them more. i'd rather get a call every 3 months to fix the pc than a call every other day on how they can't find what they want.


anyone have opinions on this software:

http://www.microsoft.com/windowsxp/sharedaccess/default.mspx

a friend recommended it to me.
Click to expand...

you might be surprised. most of the issues my parents called me with prior to using linux were spyware/virus/xp bug related.

after the first few calls of them asking how to use the digital camera and burn a music cd in xubuntu, they've had 0 issues with their machine.

use synaptic to make sure they have all of the plugin packages they need for browsing, put icons for gaim, openoffice, firefox, etc on their desktop and that's all they need to know really.
 
mycomputersucks said:
so, basically, what advice can you guys give me to lockdown the pc. i'd like to make it so that they can't d/l anything. or better yet, they can d/l, but whenever the pc is restarted it resorts back to an image or restore point and everything they d/led is deleted/uninstalled unless it's saved in a "safe" folder so that they can still save documents and such. any advice on how to do this, or what i should do instead?
Click to expand...

Pull the plug out of the wall outlet.
 
Stellar said:
you might be surprised. most of the issues my parents called me with prior to using linux were spyware/virus/xp bug related.

after the first few calls of them asking how to use the digital camera and burn a music cd in xubuntu, they've had 0 issues with their machine.

use synaptic to make sure they have all of the plugin packages they need for browsing, put icons for gaim, openoffice, firefox, etc on their desktop and that's all they need to know really.
Click to expand...

I tried loading linux on my dads machine a few years ago. Put all the apps they would use on the desktop labeled so anyone could find them. Internet, Music, Email, etc. He ended up wanting to run some windows apps that would not work right in wine and other weird issues that made me reload xp on his box.
 
ChingChang said:
How to make a PC "idiot proof"?

Shared Computer Toolkit.
Click to expand...

"Warning: The Toolkit is not intended for use on family computers as a parental controls measure — many of the security features may have adverse effects on family computers. Be sure to review the Handbook section on restricting children on a family computer if you are installing the Toolkit at home."



swatbat said:
I tried loading linux on my dads machine a few years ago. Put all the apps they would use on the desktop labeled so anyone could find them. Internet, Music, Email, etc. He ended up wanting to run some windows apps that would not work right in wine and other weird issues that made me reload xp on his box.
Click to expand...

this is why a different OS is NOT AN OPTION for me. I would just like to find a way to make the parents PCs more "bullit resistant", I know "bullitprof" is not realistic with XP.
 
mycomputersucks said:
the administrator account thats available through safemode does not currently have a password(doesn't by default). i haven't enabled a password on it cuz if i end up forgetting the normal admin login/pass, then i have no backup access to fix the machine. however, i think her brother's friends used it to grant admin rights to his account so a password might be required now.
Click to expand...
This seems to be one of your main problems. Some viruses/spyware/malware bank on this to install themselves. Huge security vulnerability. Just set it to something that you would know, and keep it as a back-door into the system for when they hose something.
 
Protowall and BlockList Manager could be just what you need to protect your PC from going to those dark places on the Internet.
This includes known sites that will load malware onto your PC from the browser by using security exploits.
Sites that are called up by installed software to download the latest spying ware.
Sites used to host the latest virus's which are called up by something nasty getting into your system. This last one makes many attacks of little use. The app may have control of your PC but nobody to command it!

I block educational sites (I've seen students at work ;)) as well as the normal ones that everyone should block.
This list accounts for over 59% of the available IPs on the internet being blocked by my PC!!

You seem desperate for a solution so felt I should remind you of my earlier post on this :)

I also use Spybot S&D's "teatimer" which you can install at the same time you install Spybot. This will monitor your system to see if anything tries to make itself run when you next boot your PC. It puts up a message saying something like xxx is trying to modify your startup... and gives you the option to allow or disallow it.

I use other software too but dont want to bore you more.
 
RavenD said:
This seems to be one of your main problems. Some viruses/spyware/malware bank on this to install themselves. Huge security vulnerability. Just set it to something that you would know, and keep it as a back-door into the system for when they hose something.
Click to expand...
I normally write the password on a piece of paper and then tape it to the inside of the case. It's not totally secured against a brother's friend, but is better than nothing. You could hide it on the back of the mobo tray for a bit more safety, most people won't look there.
 
topcat989 said:
"Warning: The Toolkit is not intended for use on family computers as a parental controls measure — many of the security features may have adverse effects on family computers. Be sure to review the Handbook section on restricting children on a family computer if you are installing the Toolkit at home."
Click to expand...
:confused: then don't use it for PARENTAL CONTROL

OP said he would like something like this:
so, basically, what advice can you guys give me to lockdown the pc. i'd like to make it so that they can't d/l anything. or better yet, they can d/l, but whenever the pc is restarted it resorts back to an image or restore point and everything they d/led is deleted/uninstalled unless it's saved in a "safe" folder so that they can still save documents and such. any advice on how to do this, or what i should do instead?
Click to expand...
You can do exactly that using shared toolkit.
 
Make sure you install a software firewall - ZoneAlarm free > SP2 firewall (not as important if they're behind a router with all ports closed)
I would also set up antispyware/antivirus apps to have scheduled scans&cleaning every night, works wonders for reducing the amount of maintenance keeping a system clean requires.
Set up Firefox or Opera as the default web browser.
 
Install Kaspersky Internet Security on it. Password the admin account (don't give them the password) and make everyone a limited user.
 
I would also enable content advisor in Internet Explorer and set a password. Disable pornographic sites and whatever else could cause them to get viruses and spyware etc. Also install an antivirus that has password protection etc.
 
You must log in or register to reply here.
Back
Top