This documentation is archived and is not being maintained.
Field Notes Tech Support for In-Laws
James Snell is a former Microsoft Support Specialist based in the U.K. He has worked with home users and with some of the largest global accounts at Microsoft. James is currently working on a new skill—fatherhood. You can reach him at James.Snell@lineone.net.
© 2008 Microsoft Corporation and CMP Media, LLC. All rights reserved; reproduction in part or in whole without permission is prohibited.
I GOT MARRIED last year and, in exchange for my beautiful wife, I seem to have signed a tech-support agreement with her entire family. Recently I got the dreaded "You know about computers, don't you?" call from my mother-in-law, and off I went to find her Windows® XP machine suffering under a ton of the usual spyware, adware, toolbars, and so on.
If you're an IT pro, chances are you're used to fixing computers. But doing it for a relative isn't as easy. The fastest way to deal with an infected machine is to format the hard disk and reinstall Windows. Unfortunately, most people reject that option because they don't want to lose all their data. That usually means you have a lengthy clean-up ahead of you. But what if you can't even get on the machine, or can't get to the Internet?
What you need to do is to put together a toolkit on a 512MB USB key, including antivirus, antispyware, and personal firewall software. Keep that toolkit up to date, and keep it handy.
You'll also want to put Windows XP Service Pack 2 (SP2) on the USB drive. Although Windows XP now comes with SP2 in the box, my mother-in-law's version predates that edition. You can download the Windows XP SP2 installation from microsoft.com/technet/prodtechnol/winxppro/maintain/winxpsp2.mspx. (You want the version for multiple computers; the one for single computer installation uses Windows Update.) At 266MB, it's hardly a quick download, but you only need to do it once.
So, let's say you've spent the afternoon either formatting and installing the OS or laboriously removing viruses and spyware, followed by, in either case, installing the necessary software updates to Windows, plus firewall, updating antivirus definitions, and so on. What now? You surely don't want to spend every weekend doing this. There are several steps you can take to make that scenario less likely.
My mother-in-law's system was filled with software-installed mainly by friends-ranging from the almost useful to utter junk. To prevent this from recurring, I locked out the admin account with a strong password and set her up as a standard user-she doesn't need to use the admin account very often. Next time someone tries to install something for her, he'll need to login as admin to continue and that's usually enough of a deterrent. That, plus a little user education, should keep the junk down. (Get Safe Online, getsafeonline.org, has some great tips for users on keeping a PC safe.)
Her security needs are different with regard to passwords. I left the password off the user account to encourage her to use it. Besides, I figure anyone with ill intent and physical access to the machine is more likely to be removing the box from the house than the data from the box.
It may seem silly then that I put a sticky note on the inside of a door on the front of the machine. But I'm not worried about her getting at the admin password without me knowing-after all, it's her machine. While these wouldn't be accepted best practices in an enterprise, my mother-in-law doesn't store any sensitive data, and she's not concerned about other people using her machine. The goal here is to make her life as a user easy, and-more importantly-my life as her tech support engineer easier!
The next step was to provide a bit of extra protection. I like the fact that a firewall is integrated into Windows and that third-party firewalls exist. However, I don't trust just one firewall alone. For added safety, my mother-in-law now has an ADSL router with an integrated firewall. Yes, this is an extra expense and an extra piece of gear to configure and run, but it does add some degree of additional protection. Plus, it's a box with flashing lights-how impressive it that?
But don't assume that the router's initial configuration is secure. I've picked up a couple that, by default, had the Web and telnet interfaces enabled on the public side. Take a minute to check the advanced options.
Software firewalls cannot load up before the networking components have gone live. The built-in Windows firewall is the only protection you have during the early stages of boot up (another reason to have Windows SP2 installed before you connect the machine to the Internet). When you disable Windows firewall, you are still protected by it until your chosen firewall has a chance to start. Plus, with the router firewall in place, I no longer have to worry that something may turn it off because it's a separate device; if it's not on, she isn't connected. Also I see it in the same way as double-keying data. For an attack to succeed, both the router and the software firewall must fail at the same time. It's not impossible, but it is less likely.
Annoy and Protect
Think how much easier the whole process would have been with a good backup. I have no patience for anyone who says they can't back up at least their most important information. DVD recorders and media aren't terribly expensive and Windows comes with backup software included. The problem is so many people just don't use it. For my mother-in-law, my solution was to do the usual backup of the My Documents folder on a schedule and to save the file straight into the CD-burning folder (%userprofile%\Local Settings\Application Data\Microsoft\CD Burning). For this to work, you have to tweak the scheduled task to run only when the user is logged on. So the CD burning wizard now gives regular (and irritating) prompts until she inserts a blank disk, and that's all I want.
Keep in Touch
By setting up Windows Live™ Messenger, you can configure desktop sharing. This means once you get home, if anything else needs setting up then you can see what's going on without making another visit (always a good thing). Incidentally, I can also confirm that taking control of a remote machine (which requires permission, of course) and being watched as you control the mouse is even more impressive than the flashy lights on the router!