chacadwa.com

Two years ago, I worked on a family member's computer. It was so messed up that I couldn't fix it, so I reloaded Windows and started over. (This was anticipated, so they'd backed up their data ahead of time.) I saved the email that I wrote, intending to post it somewhere. Here's a copy, updated a little for the two years that passed.

Tuesday, August 24, 2004
Hi Family Member,

For a variety of reasons, I did decide to go ahead and just restage your computer from scratch. I'm sending someone else a copy of this email so she can print it and you can have a chance to look at it before you get too far along in reloading everything else back onto it.

I reinstalled WindowsXP, and then applied the brand-new XP Service Pack 2, fresh from Microsoft just last week. I left Automatic Updates set to download first then prompt you to install, but I really recommend just going ahead and setting updates to install with no questions asked. (For home users. Business users should check first, and apply when it won't be disruptive.)

SP2 has its firewall enabled by default, and I have left it that way. This is still less ideal than installing a third-party personal firewall, but it should help keep you out of trouble. A dedicated hardware firewall is even better, and they're relatively cheap.

I did my best to configure other networking options to be secure, as well. You should probably set a password for your login on the computer. (For reasons to do this, follow the link below to read US-CERT's security tip ST04-002.)

I downloaded and installed Norton AntiVirus. It has a 90-day free trial subscription. That should give you enough time to dig up the info from the last time you subscribed, contact Symantec, and reinstate your original subscription.

Norton and McAfee suck for home use. In fact, this person's computer started acting up again shortly after I wrote this. Use avast! or AVG antivirus instead. Both are free for home use, and work very well without clogging up the system like some of the more expensive competitors.

I forgot to download and install Ad-Aware. You might want to do that when you get a chance. Other good anti-spyware tools include SpywareBlaster and SpyBot Search and Destroy.

I'd like to recommend that you carefully consider what really does or does not need to be reinstalled. For example, unless you really use some of its advanced features (I never have) then I wouldn't reinstall the software for your zip drive. Just connect the drive, and XP should detect it just fine. Same goes for digital cameras and the like - unless you need advanced features, or if XP can't identify the device, don't bother with the software. Most of these are invasive and not really necessary. You can copy the data from most USB devices using Windows Explorer without installing extra software.

I do realize that your Palm Pilot is an exception. The software for that does need to be reinstalled.

The same caveat goes for your DSL software. Unless it is required for authentication, (turns out it is, in most cases. The crap that comes with your cable modem is a different story) and/or you are really using some of its features, including the Yahoo! browser, I wouldn't install it. I _think_ you can just connect your PC to the DSL modem and go. If not, then yeah, I guess you'll need to install the software, but even then you might want to pick custom installation and only install the components that are
absolutely necessary.

I have installed the Mozilla Firebird Firefox browser and Thunderbird email client. Please consider using them and making them your default web and email clients. If you like them, check back at www.mozilla.org periodically for updates. If you don't like them, go into Control Panel and uninstall them so they don't clutter your system. I've included a link to some articles below that will help explain why using these alternatives to Internet Explorer and Outlook Express might be a good
idea, but the choice is (of course) yours.

*** Recommended Reading ***

First up, here's a column about dumping Internet Explorer, and why:

  http://www.securityfocus.com/printable/columnists/249

Here are some articles on related horrors to the above column:

  http://www.wired.com/news/infostructure/0,1377,63391,00.html

  http://www.wired.com/news/infostructure/0,1377,63280,00.html

  http://www.wired.com/news/infostructure/0,1377,57553,00.html

Here's another column I just read this morning, explaining how and why an unpatched XP machine will only last about 20 minutes on the Internet before getting infected:

  http://www.securityfocus.com/printable/columnists/262

Finally, there are some excellent tips at the US-CERT web site. You can go read the existing ones and also sign up to receive the new ones automatically. While you're at it, you might want to sign up for the Cyber Security Alerts (non-technical version) so you'll know when new (major) problems are found.

  http://www.us-cert.gov/cas/tips/index.html