This time of year, you'll probably see family and friends from far and near. You may visit them or they may visit you, but in either case, computer woes will arise. As the "IT guy" (or gal) in your circle, you'll be expected to deal with them.
This past week, my wife had our second child, a girl this time, and my in-laws have been visiting and helping with pretty much everything. My father-in-law brought his own laptop, and in the course of the week, I've provided networked printer support, Android ActiveSync support, and more. We had him humming along just fine off my wireless network, yet for some unknown reason, he decided to sit at my wife's computer, a newer system that I haven't installed any antivirus product on just yet. Of course he gets a Microsoft Security Essentials alert.
[ Windows 7 is making huge inroads into business IT. But with it comes new security threats and security methods. InfoWorld's expert contributors show you how to secure the new OS in the "Windows 7 Security Deep Dive" PDF guide. ]
Although I use Microsoft Security Essentials on my home systems, I haven't installed it on my wife's computer. I know that, but my father-in-law, unfortunately, did not. Seeing the official Microsoft flag, he clicked the link from what was actually a phishing attack, allowing the ThinkPoint virus to infect the system.
ThinkPoint is a fake antispyware program. Users are told that they are infected, asked to perform a (fake) scan, and informed they need a licensed version of the (malware) software called ThinkPoint.
He was sorry, I was frustrated, and we kept my naturally preoccupied wife completely in the dark about it. The Internet was full of suggestions, some of which required the download of another tool that might help, but I was worried it was just a second scam. I tried a few quick fixes and ultimately settled on a system restore that put my wife's system back a few days and required me to reinstall a few Adobe updates. At least it got the system to pre-infection mode. I then made sure to install Microsoft Security Essentials.
All of this got me thinking. I was able to stay calm because I knew I wasn't the first person to have this problem. I knew I could reach out to the Internet and find a solution. I knew I could follow a pattern of deduction that would eventually lead me in the right direction -- so let me share that knowledge with you. Here are a few tools and ideas to consider should you get such a nasty surprise.
Last Known Good Configuration. When you boot or restart your Windows PC, you can force the presentation of advanced boot options by holding the F8 key before the Windows startup screen appears. It's the same method you use to select Windows' Safe Mode, an advanced boot option. Another advanced option is the Last Known Good Configuration, which is a misleading title. If you make a change to your system -- for example, installed a driver or made a registry adjustment -- and encounter the Blue Screen of Death or cannot log in, choose the Last Known Good option to revert to saved registry settings and configuration settings from the last time you successfully logged in. Any registry changes made since you last logged in will be gone, although file changes or new files will not be harmed.