Viruses for the Holidays: Three Go-To Tools to Keep You Merry

Artwork: Chip Taylor
This time of year, you'll probably see family and friends from far and near. You may visit them or they may visit you, but in either case, computer woes will arise. As the "IT guy" (or gal) in your circle, you'll be expected to deal with them.

This past week, my wife had our second child, a girl this time, and my in-laws have been visiting and helping with pretty much everything. My father-in-law brought his own laptop, and in the course of the week, I've provided networked printer support, Android ActiveSync support, and more. We had him humming along just fine off my wireless network, yet for some unknown reason, he decided to sit at my wife's computer, a newer system that I haven't installed any antivirus product on just yet. Of course he gets a Microsoft Security Essentials alert.

Although I use Microsoft Security Essentials on my home systems, I haven't installed it on my wife's computer. I know that, but my father-in-law, unfortunately, did not. Seeing the official Microsoft flag, he clicked the link from what was actually a phishing attack, allowing the ThinkPoint virus to infect the system.

ThinkPoint is a fake antispyware program. Users are told that they are infected, asked to perform a (fake) scan, and informed they need a licensed version of the (malware) software called ThinkPoint.

He was sorry, I was frustrated, and we kept my naturally preoccupied wife completely in the dark about it. The Internet was full of suggestions, some of which required the download of another tool that might help, but I was worried it was just a second scam. I tried a few quick fixes and ultimately settled on a system restore that put my wife's system back a few days and required me to reinstall a few Adobe updates. At least it got the system to pre-infection mode. I then made sure to install Microsoft Security Essentials.

All of this got me thinking. I was able to stay calm because I knew I wasn't the first person to have this problem. I knew I could reach out to the Internet and find a solution. I knew I could follow a pattern of deduction that would eventually lead me in the right direction -- so let me share that knowledge with you. Here are a few tools and ideas to consider should you get such a nasty surprise.

Last Known Good Configuration. When you boot or restart your Windows PC, you can force the presentation of advanced boot options by holding the F8 key before the Windows startup screen appears. It's the same method you use to select Windows' Safe Mode, an advanced boot option. Another advanced option is the Last Known Good Configuration, which is a misleading title. If you make a change to your system -- for example, install a driver or make a registry adjustment -- and encounter the Blue Screen of Death or cannot log in, choose the Last Known Good option to revert to the registry and configuration settings saved the last time you successfully logged in. Any registry changes made since you last logged in will be gone, although file changes or new files will not be harmed.

System Restore. There is another level that allows you to restore your computer to an earlier configuration without affecting recent emails received, documents, photos, and other personal files. Perhaps you installed an upgrade, a new driver or a program, or in my case, thanks to my father-in-law, the ThinkPoint virus. You can log in, but there's a driver conflict, malware infection, or other issue. If you have System Restore enabled on your PC (in the System control panel), your computer creates restore points automatically; you can also create them manually, if you prefer. These restore points are typically created when you install something new, allowing you to revert the system and undo those changes. Keep in mind that this is not a backup solution; it doesn't help you recover files you might have accidentally deleted.

System Restore and your antivirus software can and should work together to ensure you don't have infected files, as well as eradicate any system issues. After all, some viruses hibernate for a while, so a previous restore point may still contain the virus you're hoping to remove. An antivirus program should catch that infection even in the restore points.
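
As an added example (not part of the original article), the same System Restore steps can be driven from an elevated Windows PowerShell session: list the restore points with readable dates, pick the newest one that predates the infection, and create a manual restore point once the system is clean. The infection time and the restore point description are constructed values chosen for illustration.

```powershell
# Added example: run in an elevated Windows PowerShell session.
# Assumption: the time the infection was first noticed (constructed value).
$suspectedInfection = Get-Date '2010-12-20 18:00'

# Make sure System Restore is protecting the system drive.
Enable-ComputerRestore -Drive "$env:SystemDrive\"

# List restore points. CreationTime is a WMI date string, so convert it
# to a DateTime that can be sorted and compared.
$points = Get-ComputerRestorePoint | ForEach-Object {
    [pscustomobject]@{
        SequenceNumber = $_.SequenceNumber
        Created        = $_.ConvertToDateTime($_.CreationTime)
        Description    = $_.Description
    }
}
$points | Sort-Object Created | Format-Table -AutoSize

# Choose the newest restore point created before the suspected infection.
# A point created afterwards may already contain the malware's changes.
$candidate = $points |
    Where-Object { $_.Created -lt $suspectedInfection } |
    Sort-Object Created |
    Select-Object -Last 1

if ($null -eq $candidate) {
    Write-Warning 'No restore point predates the suspected infection; System Restore alone will not help.'
} else {
    # -WhatIf reports what would be restored without rebooting.
    # Remove it to perform the restore.
    Restore-Computer -RestorePoint $candidate.SequenceNumber -WhatIf
}

# Once the system has been restored and scanned, record a known-clean state.
Checkpoint-Computer -Description 'Clean state after malware removal' -RestorePointType MODIFY_SETTINGS
```

Run a full antivirus scan after the restore and before creating the clean restore point, since older restore points can still hold infected files.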

Microsoft's Fix-It Solution Center. Sometimes when I have problems, I look for a help article from the Microsoft site's knowledge base; these articles often contain a Fix-It link to fix the problem automatically. There are more than 500 of these available, and I love them. There are multiple ways to define a problem, such as by selecting the product, symptom, or application, and the articles are available in 35 languages.

This happy time of year brings with it family visits of all sorts. To keep it joyful, put a safe distance between your in-laws and your computers, and have these three tools at the ready should something go awry.

This article, "Viruses for the holidays: Three go-to tools to keep you merry," was originally published at InfoWorld.com. Read more of J. Peter Bruzzese's Enterprise Windows blog and follow the latest developments in business software and Windows at InfoWorld.com.