Some people hate the idea of sorting out Windows PCs for their friends and relations. Maybe I'm odd, but I enjoy it. I write a long-running advice column - Ask Jack, at the Guardian - and there's always a chance I can learn from the experience.
Happily, things have changed dramatically in the past five years or so, thanks to the death of Windows XP. That used to provide real horrors. But in my experience, PCs running Windows 7 and later versions rarely have serious problems, and the ones they have are almost all browser-based. Replacing an infected browser is a lot easier than sorting out a compromised operating system,
It's a good idea to keep a small suite of tools installed on a USB thumb drive. Historically, these have included Software Internals' Process Explorer and Autoruns, HiJack This, CCleaner, Malwarebytes Anti-Malware software, Kaspersky's TDSSKiller and a trial version of Hitman Pro. Today, many common tools have been replaced by SlimCleaner Free (not SlimCleaner Plus).
I usually start by running Process Explorer in admin mode, so that I can kill any suspect processes before running MBAM. Click Options then VirusTotal.com and you can have any unknown processes checked by dozens of anti-virus tools.
Of course, some malware can stop you from running anti-virus software, even from a thumbdrive, and no doubt some can hide from MBAM and/or Hitman Pro, but I've yet to encounter these beasties in the field. Most common malware harvests "low hanging fruit". Hundreds of millions of people don't keep their software up to date, and their PCs can be attacked using exploits that are months or even years old. Why make the effort to break in when so many people leave doors and windows open?
After a quick scan with MBAM, check that your relative's PC has working antivirus software (I might install Avast), that the firewall is turned on, and that Windows Updates are automatic. Windows tends to nag people to do this, so I find the operating system is usually up to date.
However, it's a good bet that there are several vulnerable third-party programs on these PCs, and it's important to deal with them. SlimCleaner can do this as well, but I usually install Secunia's Personal Software Inspector (PSI): it finds more stuff.
Scan the PC with PSI and it will find all the common software that needs updating, including any Windows code that hasn't been updated. (Windows updates sometimes fail.) The results page provides links to updates, so you rarely have to hunt the web for them.
Watch out for Oracle's Java. It's important to uninstall all versions except the current one, because the old copies are still a security risk. Ideally, I'd uninstall Java completely, but some people need it, perhaps to run games such as Minecraft.
PSI runs a weekly scan, which is too much for most people. However, I encourage them to check PSI after Windows has updated on the second Tuesday of each month.
SlimCleaner's main purpose is to list all the software installed on a PC and show its community rating on a traffic-light system from red to green. Removing unwanted software, including crapware, is one way to reduce the attack surface. However, it now includes Hijack Log, cloud-based anti-virus, tools for cleaning web browsers, seeing what's loaded when the system boots, checking/defragging/wiping disks, finding duplicate files and other things. It has become the Swiss Army knife of clean-up software, always bearing in mind that you should download it directly from SlimWare.
If they're using Microsoft's Internet Explorer, this is a good time to install Firefox (or, if you must, Chrome) and make it the default browser. Along with Firefox, I usually install Ghostery and uBlock Origin to cut down the tracking and block ads. However, if they use a commenting system such as Disqus or Livefyre (used on ZDNet) then it's important to whitelist it. Most websites should keep working, but people can always switch back to IE for ones that have problems.
Otherwise, check that the PC has at least two admin accounts - every PC should have one spare - and that different people have different accounts. Point out that Standard accounts are safer and that children should be given children's accounts, not admin accounts. See: Set up your family.
If they are using Windows 8/8.1 or 10, I show them how to use a 4-digit pin to log on. This avoids having to type in the complex password they should be using with their email account. I also show them how to refresh or reset their system from the built-in recovery system, which can be an easy way to solve a lot of problems.
Some odd people don't like apps, but I encourage Windows 10 users to download software from the Windows Store and to use apps in preference to traditional Windows programs. Apps written to Windows Runtime run sandboxed, so they are much safer than traditional Win32 apps. They are also easier to install, update and uninstall, just like Android and iOS apps.
Windows 10 includes several useful apps, and there are plenty more in the Windows Store.
In one or possibly two cases, you may want to offer remote assistance. Windows Remote Assistance is already built in, and it's not hard to use. (Just type remote into Windows' search box.) However, many people prefer to use the free TeamViewer.
In cases of extreme incompetence, you may want to get them off Windows and onto, for example, Linux Mint 17.3. However, I've not yet found a close friend or relative who is interested. Even if they were, I expect there would be some Windows thing they can't do without, such as Apple iTunes, Microsoft Office, their favourite games, or some of the old Windows Live Essentials programs for email, photos or videos. Windows Photo Gallery is indeed excellent and I'll be sad to see it go.
Two words to keep in mind are educate and automate. If you can get people to adopt better computing habits, they're less likely to run into problems. And the more processes you can automate, the less they have to worry about. Both contribute to reducing the need for future support.
As Benjamin Franklin said, "An ounce of prevention is worth a pound of cure."