Monday, May 16, 2011

Windows Home Server saves the day…

Being in my position, I often come across people wishing Windows Home Server was this way, or had this, or didn’t do that.  I suppose it’s the nature of the job to focus on what needs improvement, but every once in a while it’s nice to reflect on what works really really well.

On an internal discussion alias for Home Server, we had a fellow Microsoft employee leverage Windows Home Server to remotely assist his father, and I wanted to share that story here.  This same sort of story can show you what you can do with SBS 2011 Essentials as well.  Here is the story:

My parents recently moved down to NC. My father is an avid golfer and recently retired from State Farm after 25 years which explains why NC. Prior to the move south they lived about 40 minutes from me in north eastern Pennsylvania. I first installed a WHS in their home after getting tired of hitting numerous issues trying to setup remote control of their machines with the constant external IP changing. WHS solved that issue for me since it did dynamic updates in order to host the remote access webpage. I was happy for many months being able to log into the remote access webpage and then remote control their machines from the available computers connections tab. On a few occasions while they lived in PA minor issues happened that WHS was the savior but nothing major usually only saving a few hours of time for each incident.

Fast forward to last night around 9:30 at night when my father calls me in a panic stating that my mom is going to kill him for being on “her” computer. All he wanted to do was quickly check some Pittsburgh Steelers news site that he frequents. Well that site had a link to another site that my dad decided to check out and BLAM virus! We have all dealt with viruses before, some worse than others but this one was really annoying and pretty well thought out if I do say so myself. The virus somehow watched for any .exe file to be run and then popped up a dialog saying the .exe you ran contained a virus and to pay $39.99 to remove the virus. I tried all the usual tools to help me get rid of viruses in the past taskmgr, cmd, regedit and msconfig none of them would launch, I even got frustrated and tried sol, spider and chess also blocked.

The last course of action was to walk my dad through booting into safe mode and see if we figure out what is kicking off the virus and stop it from running. I checked the usual auto run locations and nothing fishy was there. I was stumped and without being able to remote control the machine I was in serious trouble. My next idea was to use my “dads” machine to download from my WHS the DART tools .iso which includes a version of system sweeper to scan for the virus. Well my dad convinced me to forget the DART disk and just make sure the virus was gone by going to the WHS and applying the backup from Monday at 3:00am. I remoted my dad’s machine and downloaded the restore CD from the Microsoft site [restore CD provided in box, later discussed on thread] and then walked my dad through the restore wizard. I got lucky that the network driver was built into the CD so no issues there and before we knew it the restore was off and running. I got an email from my parents this morning about how excited they were to have their PC back and they didn’t need to waste time and money shipping it back and forth.

I have since upgraded their browser to IE9 and installed any outstanding important updates on their PC to help stop this from happening again but if it does I know the fastest and easiest way is to have WHS save my bacon!