In last week's UPDATE commentary, I described an all-too-familiar scenario in which I, as the resident PC expert among a certain circle of friends and family, become the lifetime tech support for all of them. Based on my email, many of you are in the same boat.
Indeed, I received a wellspring of feedback from readers, and I'd like to share some of that this week, plus provide a bit of a follow-up to the story about my son's troublesome netbook. Thanks to everyone who wrote in.
First, I was impressed that a few readers actually named one of the malware types that had attacked my son's PC. It was indeed Alureon, a Trojan that typically enters a system along with a manually downloaded file—the common sense bit I mentioned previously—and then "rootkits" the PC. There were a number of side-effects from this attack, including the altered DNS settings mentioned in the article linked above, some spurious and suspect EXE files in the Windows folder that were running at startup, some corrupted drivers, and of course the initial problem that touched this episode off: The PC wouldn't boot.
But enough about my problems. Here are some of the better bits of reader feedback I received in the wake of last week's commentary.
More than a few readers noted that Microsoft's excellent Microsoft Desktop Optimization Pack (MDOP) includes a superior Diagnostic and Recovery Toolset (DaRT) that is more powerful than the recovery tools included with Windows. They're right, and I'm embarrassed I didn't think of that. MDOP is available to Software Assurance (SA) customers, but also to MSDN and TechNet subscribers.
Several readers noted that with today's viruses and malware, doing a single scan is not enough. And so while I may swear by Microsoft Security Essentials (MSE), others have other preferences, and others still think you should have a number of scanners standing by just in case. They are of course correct. Will recommended keeping a copy of Spybot - Search and Destroy around because it's ideal for triaging when something goes wrong. David recommends Kaspersky's TDSSKiller, which is free and apparently does a pretty good job against rootkits.
Jeremy recommended using OpenDNS (or even Google DNS) in place of your ISP's DNS settings, if only for the superior malicious site blocking. And while this won't help in some situations, it's worth pointing out that Windows 7 (with Windows Live Essentials 2011) has decent parental controls built in. But Jeremy also likes K9 Web Protection, which works with Macs and PCs.
Roger had a number of great tool recommendations, including Magical Jelly Bean Keyfinder (for finding product keys after installation), Malwarebytes (because it can run alongside existing AV tools), and McAfee SiteAdvisor, a plug-in for IE, Firefox, and Chrome that alerts you to known malicious sites before opening the page.
Alvaro reminded me of the useful and free Windows 7 USB/DVD Download Tool, which you can use to convert an ISO image of your Windows 7 Setup DVD to install Windows 7 from a USB key. This is obviously useful for netbooks, but more generally speaking, a USB key or two is easier to carry around than a set of discs.
And then there were a few questions, or what I call the "hunter becomes the hunted" moments. A few readers, knowing that I have Windows Home Server running at home, wondered why the netbook wasn't being automatically backed up. (Answer: These things are underpowered enough as-is, and I didn't think the type of data they store warranted the overhead.) More pressingly, a few asked, rhetorically, whether I was really letting my kids run with admin privileges. The answer, sadly, is yes, but I can explain about that. Really.
Well, maybe not. The truth is, my home network is like most people's, and while I'd like to take the Jerry Pournelle route and claim I make mistakes so you don't have to, there isn't that much forethought. That said, there's no reason you can't learn from my mistakes.
Again, thanks to everyone who wrote in. The volume of mail was both welcome and appreciated, as was the quality.