New
#1
MS Support & Remote Access/my PC-Recomend any xtra Security Measures?
TIME IS OF THE ESSENCE MS SUPPORT will take remote access in a few hours. If there is anything else you recommend I do for security purposes let me know asap.
Short story - MS Support working to resolve issues started after restart hangs during the install process for Aug 9, 2011 Windows Updates.
The MS team leader on my account calls this morning requesting that she and the two other MS analysts be allowed to take over my Dell by Remote Access tonight and work hands on my system.
I use the involved PC mostly to support software I use when consulting to a US Agency. So I started with the Operations Manager. These are the items in place:
So even though I trust the MS team, and my employer give a thumbs up, am I missing anything that should be move. monitored, removed or installed?
- MS Support is on approved list for the government agency I work for as a consultant.
- MS identity confirmed by my employer.
- MS already under non-disclosure agreement with employer.
- Employer had me install a program today that protects the files with their data in it that is stronger than what I normally use.
- A clean boot has been done and there are no non-Microsoft services running
- The installed program also requires me to click a button once per minutes to show I am watching and kind of like UAC will make me respond affrimatively to allow them to proceed to open any folder, run any exe, run cmd
- Employer had me shred some files (temp, %temp%, some of their files, and some individual files using my software which meets Dept of Defence 5220.24-M(ECE) protocol
- There were a few files and folders they had me shred with the Guttman method that was the shredder on the software package .
- Don't need to worry about backups, they are done.
- There were very few personal files or photos so I have moved them to a flash drive and external hard drive and then disconnected both.
- I have run the lowest level Kaspersky 2012, malwarebytes and Super AntiSpyware to check for anything unclean.
- For no reason, but I have disconnected all devices uneeded like the printer and this machine has never had anything like I-tunes installed.
- Cache for IE8, Office, Adobe and Java are cleared.
- Cleared
But here is the one that made me turn to you all. The MS prework checklist requests i leave the PC attached to the network and do not make any changes to any groups settings. My employers guide says they prefer (but never says require) to have my PC go through this as a stand alone unit and use a hard wired connection while support is on?
The normal state is not even connected to the Internet or the Intranet but I am going leave homegroups alone and leave network up and connected so it is the same state as when the Windows Updates were happening, unless someone posts a reason not to do so.
Should I copy to flash and then delete all Carbonite directories?
Do anything with Event Viewer logs or IIS, other logs or DNS cache?
I have used and experienced remote access before but is there anything about having MS support doing the probing that I shoud be aware/look out for?
MS has said they will not get off tonight as lons as I can keep awake and click that button or until it is resolved. So I will try to watch sevenforuims an maybe be on IM on the other pc if still connected.
I hope this is actually my train pulling into the station but somehow I do not hold out more hope than all of the other fails. But we must be getting close, they spent an hour looking at what is happening when the Cryptographinc Services start, the log on and password , the what is happening as Cypto tried to open certain files and cannot. They seemed excited but let on nothing to me I could make heads or tails of.
Fingers Crossed.