Elephant Boy Computers Reports - Archives

Current EBC Reports are here.

2002  2003  2004  2005  2006  2007 


08-27-02 - Windows security issues; Windows Update
09-04-02 - Virus reminder; Windows XP Service Pack 1; browser trick
09-09-02 - Windows XP security flaw
09-23-02 - Viruses and hoaxes
10-03-02 - Security reminder; virus news; useful newsletters
10-16-02 - Internet Explorer security flaw; Windows XP security flaw; alternate browsers
10-19-02 - Browser pop-up ads; how to use Ad-aware; killing pop-ups
10-20-02 - Bogus Ad-aware information
10-25-02 - Windows (and other) Updates; beware of e-greeting cards; make your own TeleZapper
11-07-02 - New worm; alternate email clients
12-09-02 - Making address labels; newsgroups
12-14-02 - New Windows vulnerabilities
12-22-02 - Windows XP security flaw; OE 6 & attachments; support lifecycle; web amusements

Back to top


01-02-03 - Ad-aware information; update reminder
01-16-03 - Nasty Lirva worm
01-20-03 - APC  product recall; computer cleanliness
02-12-03 - Reminder, Ad-aware 6.0, backup, spam
02-23-03 - Update on Ad-aware; patches and upgrades; Bulwer-Lytton Contest
03-18-03 - Domain Names & websites; virus and vulnerability warning
03-30-03 - Online music sites; spam
04-21-03 - Update reminder, backing up, Messenger spam
05-19-03 - Email warning; kid safety on the Internet
05-22-03 - Quick virus warning; file extensions
07-09-03 - Update reminder, scam warning, telemarketers
08-12-03 - Windows DCOM RPC Interface Buffer Overrun Vulnerability
08-27-03 - Postmaster bounces for email you didn't send
09-10-03 - More Microsoft vulnerabilities; what's a person to do?
10-06-03 - New cumulative Internet Explorer patch; why MS os's are vulnerable
10-16-03 - Microsoft security patches; iTunes for Windows; Google
10-30-03 - Updated Microsoft security patches; html in email
11-18-03 - Phishing and virus alert; Windows Update reminder
12-12-03 - Phishing continued; shopping spots


01-13-04 - Windows 98 life extended; Trojan.Xombe
01-28-04 - W32/Mydoom
02-02-04 - Microsoft February updates; foil phishers
02-26-04 - Warning about Win Antivirus 2004
03-23-04 - Witty worm, Phatbot worm
05-01-04 - W32.Sasser, W32.Gaobot, legal music downloads article
05-07-04 - Sasser update
05-14-04 - Symantec vulnerabilities; May updates
05-29-04 - Passwords, end run around spyware
06-26-04 - New vulnerability in IE; HP recalls notebook memory
08-01-04 - Patch for Download.Ject vulnerability
08-07-04 - Windows XP Service Pack 2
09-14-04 - Windows XP Service Pack 2 - further information
09-19-04 - Arrrr, Matey! and general updating
09-25-04 - Updates for JPEG vulnerability
10-31-04 - Betrayalware; malware removal


01-01-05 - Happy New Year; Security comments
01-16-05 - Security updates support; antivirus programs support; MS AntiSpyware Tool
01-24-05 - NT 4.0 Server End of Life; Service Pack level; Recovery cd's
02-10-05 - Microsoft Patches; browser vulnerabilities; Symantec vulnerabilities
02-27-05 - Program updates; email scam; beta software; XP's System Restore
03-20-05 - LimeWire vulnerability; Anti-Phishing consortium; MSN Messenger worm; Darwin Awards
04-28-05 - Firefox vulnerabilities; April Windows Updates; transferring data from old computer to new one
05-02-05 - Instant Messaging viruses
05-14-05 - Firefox and iTunes vulnerabilities; how you got the spyware
06-02-05 - MTOB worm; new Spybot and Ad-aware; SpywareInfo article
07-10-05 - MS and Claria; London Bombing Trojan; IE vulnerability; more on getting malware
07-13-05 -
New version of Firefox; Microsoft-Claria deal is dead; Patch Tuesday; Apple updates to Tiger
08-12-05 - Serious identity theft ring; Patch Tuesday, Bulwer-Lytton awards
09-11-05 -
No Microsoft Windows security updates this month; vulnerability in Firefox/Mozilla; sleazy spyware; Talk Like A Pirate Day
09-20-05 - Malware that spoofs Google; Opera browser is now free; Microsoft Shared Computer Tookit; buying a new computer
10-12-05 - Patch Tuesday; fake Google Toolbar; recovery Windows
11-02-05 - Computer disaster planning
11-30-05 - New Firefox; IRS phish; Sober worm; Sony DRM mess
12-02-05 - Critical Internet Explorer vulnerability
12-08-05 - Evil screensavers; email management

Back to top


01-02-06 - Windows MetaFile (WMF) vulnerability - severe
01-26-06 - New Thunderbird; End of Life for Win98/ME; Stopbadware.org
01-30-06 - Winamp vulnerability; Kama Sutra/Blackworm
02-01-06 - Online music sites; Safer surfing with SiteAdvisor
03-27-06 - IE vulnerabilities; Smitfraud variants; Starforce DRM issues; free stuff from Microsoft
04-28-06 - Update about the Windows Update KB908531; Common computer mistakes made by small business owners
05-27-06 - Vulnerabilitiy in Symantec AV; vulnerability in MS Word; privacy breach at Veterans Affairs; Java update; Yahoo IM worm
06-13-06 - Yahoo webmail vulnerability; Windows Vista beta; passwords and other important things
06-15-06 - Microsoft End of Life information; Patch Tuesday
07-12-06 - Patch Tuesday; Image Shack warning; Microsoft End of Support reminder; computers and heat
08-09-06 - Google antiphishing; Patch Tuesday; RIAA tactics
09-16-06 - Wireless networking; MS Office updates; September 19th
10-12-06 - Spam scam; Eudora; Patch Tuesday; IE7
11-01-06 - IE7; Firefox 2.0; Windows Defender
11-03-06 - Vista - should you upgrade; Linux offer; online music store
12-11-06 - Various program updates; MS Word vulnerabilities; Patch Tuesday; Seasonal warning; good Internet safety site


01-02-07 - More on Vista; New Year's Resolutions; Happy New Year
01-03-07 - New F-Prot AV; Avast! AV; bug in QuickTime; 2006 Darwin Award; some websites I like
01-22-07 - Outlook and new Daylight Savings Time rules; more on Vista; buying a new computer
02-15-07 - Update on Daylight Savings Time patches; Vista Grand Openings; Vista and antivirus programs; Vista on new machines; Book review (learning Vista)
03-22-07 - Various program updates; more Vista links
04-03-07 - Patch for Windows Animated Cursor vulnerability
04-24-07 - Staying safe online; Scammers exploit tragedy; Spring cleaning; Thunderbird 2.0; Dell continues to offer XP as an option
05-08-07 - Changes in Microsoft email; Old-style worm spreading through usb thumbdrives; Save your MS Office settings and other great tips from Lifehacker; Live Earth News
05-29-07 - Warning about false Microsoft email; Apple OS X security udpates; Apple-related security issue; Parental Control software (Windows)
07-11-07 - Patch Tuesday; useful Microsoft websites; buying a laptop for school
07-21-07 - Various security warnings; Windows Home Server
09-13-07 - Firefox extensions; Picasa Web Albums; Best Buy is Evil; Talk Like A Pirate Day
10-12-07 - eBay Desktop; Storm worm; Zlob trojan and codecs
10-24-07 - Online safety and security; Adobe Reader and Acrobat malware exploit
11-03-07 - The Consumerist's Ultimate Guide; IRS warns of email scam; more on malware from codecs; "Really Achieving Your Childhood Dreams"
12-16-07 - Fun things for Christmas

Back to top

08-27-02 - As you probably know, I live and breathe tech information.  The rest of you have Real Lives, and sensibly pay little attention to the latest computer-related news.  However, occasionally things come up that I think would be of use or interest to my clients.  I've spoken to some of you and have found that quite a few people wouldn't mind getting an email from me every once in a while alerting them to security fixes, small tips/tricks, etc.  So I thought I'd try doing something along those lines.  Now, I hate spam.  I think that spammers should have horrible, terrible, torturing things done to them.  And then they should be killed.  So if you don't want to get any of these Elephant Boy Reports, please email me and I'll immediately take you off the list.  Conversely, if you know someone who might be interested, have them email me and I'll add them.  All that said, here's the first bit of information:

In the last week or so there have been quite a number of security-related issues with Microsoft Internet Explorer (your browser, the software that enables you to view the web graphically).  Even if you don't use IE directly, it is tightly integrated into the Microsoft Windows operating system (Windows 98, ME, and Windows XP).  There's no need to panic, but you should update your system as soon as possible.  This is easily and painlessly done.  Updating requires that you are connected to the Internet, so if you use a dial-up connection, log on.  Cable and DSL users are already online.  Somewhere in your Start menu, usually at the top, is an entry for Windows Update.  Left-click it.  (You can also find Windows Update from within Internet Explorer under the Tools menu.)  This will bring you to Microsoft's Welcome To Windows Update site.  Click on the Product Updates link.  You'll get a notice that Microsoft is checking your computer to see what updates you need. (You may need to click "I Agree" in a pop-up window first if you haven't done this before, and that's OK - do it.)  Windows XP users get a slightly different message ("scanning for updates"), but the process is the same.

You'll then get a webpage showing all the critical updates available for your system.  You can click "Show Installed Updates" if you want to see more clearly what you need.  Be sure all the critical/security updates are checked and click the "Download" button.  Just follow the directions.  The updates will be downloaded and automagically installed on your computer.  You will probably need to reboot (restart) the computer.  You should check for Windows updates on a regular basis to keep your operating system up to date.

Back to top

09-04-02 - Just a note to remind you all to be sure your antivirus definitions are up to date.  Most of you will have this set to update automatically.  In the past week, I've removed the W32Klez virus from four people's computers.  This nasty piece of malware continues to be Number One world-wide.  Remember, Don't Panic - just keep your antivirus running and don't open attachments.  And for those of you who like to Live On The Edge and open absolutely everything (you know who you are), at least scan suspicious-looking email first, OK?

**Windows XP Service Pack 1**

Microsoft is releasing the first Service Pack for Windows XP (SP1), available for download on September 9th.  It will include all the security fixes to date, as well as other enhancements.  You'll undoubtedly be able to get it at Windows Update, and if you have a slow Internet connection (dial-up), can order the CD from Microsoft for $10.  Windows Update will be the easiest way to install it, but if a) your connection is too slow; or b) you don't want to deal with it, I'll be downloading it and burning it to a CD.  If you want me to install it for you I can, or if you'd like me to burn a copy for you I will.  If you come here with your own CD-R blank, I won't charge for the burning (unless you want to schedule something extra like training time, of course).  Naturally, if I come to your house I have to charge.  My son needs new glasses.  ;-)

It is always good to apply Service Packs, but it isn't anything you have to rush to get, either.  Microsoft's download servers will be very busy on Sept. 9 and for the next few days afterwards, so it might be hard to get in.  Not to worry, it can wait until the traffic gets lighter.

**Windows Trick**

If you are using Internet Explorer as your browser (the program used to view the Internet), to quickly enter the name of a site whose address starts with "www." and ends with ".com", type just the middle part in the Address Bar and hold down Control as you press Enter.  IE will fill in the "www." and the ".com" for you and take you there.  Example:  To enter "www.elephantboycomputers.com", just type "elephantboycomputers" in the Address Bar and then press Control + Enter.

Back to top

09-09-02 - A major security flaw has been uncovered in Windows XP.  IF YOU DO NOT USE WINDOWS XP, THIS DOES NOT APPLY TO YOU.  Windows XP SP1 (Service Pack 1) is available through the Windows Update site now.  You can choose the Express Install, which will examine your system and only
download and install the fixes you need.  Otherwise, it is a 133MB download for the whole enchilada.

SP1 will patch this new major security flaw (along with a lot of other fixes).  However, if you cannot get through to the Windows Update site (it will be busy) or have a dial-up connection, IMMEDIATELY DO THE FOLLOWING TO PROTECT YOUR SYSTEM:

Do a search for the file "uplddrvinfo.htm".  It should be in your C:\Windows\PCHealth\Helpctr\System\DFS.  The easiest way to get it is to do a search for "uplddrvinfo.htm" (enter the file name without the quote marks, obviously).  When you have found the file, right-click on it and choose "Rename".  Change the file extension (the three letters after the ".") to uplddrvinfo.old or .bil or .xxx, whatever three letters you like.  I think it would be better to not use ".old" but some other odd combination of letters.  DO THIS IMMEDIATELY.  Then apply SP1.

REPEAT: IF YOU DO NOT HAVE WINDOWS XP, THIS DOES NOT APPLY TO YOU.  Those of you running Windows 95, 98, or ME still should go to Windows Update and apply all necessary security fixes because it isn't like you're running a secure operating system and they're not.

Back to top

09-23-02 - Contents:
1. Viruses and hoaxes

I just got two emails and a phone call regarding a well-known virus hoax (jdbgmgr.exe, if you're interested), so I thought I'd remind you all about some great sources of information for all things related to viruses, hoaxes, email jokes, etc.:  http://www.sarc.com/  - Symantec Antivirus Research Center - excellent searchable database of viruses, hoaxes, and jokes.  The first place I look for virus information.  A good antidote to virus/hoax scares.

Back to top

10-03-02 - Contents:
1. Security reminder
2. Virus news
3. Useful Newsletters

1. Be sure to update your operating systems by going to Windows Update.  There have been some new vulnerabilities reported this week which affect all versions of Microsoft operating systems.  Frankly, if I sent you a report about every security bulletin from Microsoft, most of you would go hide in the closet, which isn't necessary (at least regarding your computing life - I don't know about the rest of your activities!).  Of course, some of you would stand up and roar, "Bring it on!!! and you know who you are, but that isn't sensible either, Tony ;-).  If you actually want more technical information about Microsoft, including security, the best place to start is at:


You can sign up for security bulletins there if you're interested.  Or you can just wait for Elephant Boy Computers to send you an alert when necessary.

2. In virus news this week, the ever popular W32.Klez has been pushed out of First Place by a new version of the old favorite, W32.Bugbear.  Bugbear is a mass-mailing worm with keystroke logging (to capture passwords) and backdoor capabilities.  It will attempt to stop antivirus and firewall programs.  It will come as an email attachment.  If you have been to Windows Update and updated the operating system and are running a good antivirus with updated definitions, you are protected against Bugbear.  Of course, you should always practice Safe Computing and not open email attachments. For more information about Bugbear, you can look at this page at Symantec's website:


3. Some of you want to know more about computers and technology.  The rest of you are excused now, and can go play.  One great resource is Fred Langa's LangaList.  This is an email newsletter sent out twice a week, packed with tips, information, and humor. There are two versions of the LangaList, a free one and a subscription one.  I've been a LangaList subscriber for years.  Go to http://www.langa.com/ for more information.  On the lighter side, another email newsletter that is always interesting is Mike's List, from Mike Elgan.  Mike includes technology-related news, but his focus is more on things like "Proof You Can Buy Anything On The Web" and "Mystery Pic O' The Week".  To check it out, go to http://www.mikeslist.com/ .

Back to top

10-16-02 - Contents:
1. Internet Explorer versions 5.5 and higher security flaw
2. Windows XP security flaw
3. Alternate browser information (advanced tip)

1. Another IE 5.5/6.0 security flaw has been uncovered.  Here is the information and fix, taken from The ScreenSavers website at http://www.techtv.com/screensavers

"A security hole has been found in Windows Internet Explorer that allows attackers to execute scripts on a user. The vulnerability appears when visiting websites that use the <frame> and <iframe> HTML tags. To fix the hole, follow these steps in Internet Explorer:

In Internet Explorer, open Internet Options.
Click on the Security tab.
Click on the Custom Level button.
In the Settings window, scroll down until you find, "Navigate sub-frames across different domains."
Select either Prompt or Disable."

2. This is for Windows XP/Windows 2000 users only.  There is a security hole in the Messenger service.  This service does not have anything to do with MSN Messenger, but rather is designed for corporate environments where the IT Administrator might need to send a message to all computers on the network, such as announcing a shutdown for example.  Home users do not need this service, nor do business people not using this feature. To fix this hole, turn off the Messenger service by going to:

Start>Control Panel>Administrative Tools>Services.  Under "Name", you will see the Messenger service.  It is probably set to start automatically.  Double-click on the Messenger service entry, which will give you its Properties box.  Click the Stop button.  Just above the Stop button, you will see a drop-down box for Startup Type.  Click on the little down arrow and change the Startup Type to Disabled.  Click Apply and OK, and close out of Services.

3. Your browser is the program that allows you to "see" the Internet graphically.  Internet Explorer is the Microsoft browser that comes built into Windows.  For those of you who are *not* using proprietary Internet software like AOL, you can try other browsers just for fun.  One of the best commercial browsers is Opera.  Opera comes in an ad-supported version for free, or no ads for $39.  I personally think Netscape is dreadful, but that is another free browser.  In the free browser category, Mozilla is terrific.  Each of these browsers has its advantages and disadvantages.  If you want to check them out, here are urls:

Opera       http://www.opera.com/
Netscape  http://www.netscape.com/ (click on Browser Central under Tools)
Mozilla      http://www.mozilla.org/

For more information about all the different browsers out there (and there are tons of them), check out http://browsers.evolt.org/ just for fun.

Back to top

10-19-02 - Contents:
1. Browser pop-up ads
    a. How to use Ad-aware
    b. Killing pop-ups

I had a request to cover ways to get rid of those dreadful pop-up ads (or pop-under, which can be even worse since you don't see them until you close out of the browser) you get in your browser while surfing the Internet.  The first thing you should do is be sure your computer is free of spyware (I'm assuming that you are all running a recent antivirus program with updated definitions and that you know your computer is clean).  Rather than waste bandwidth with a long explanation of spyware in this email, I'll direct you to the Spyware section of this website here.

a. The best way to clean up your system is to use Ad-aware by Lavasoft. Ad-aware searches your computer for adware/spyware and gets rid of it for you.  Here's the url: http://www.lavasoftusa.com/ .  You should definitely read the FAQ and other information there, but here's a simple explanation of how to use Ad-aware.  First, download Ad-aware.  Second, download Refupdate (from the same place).  Ad-aware works on the same principle as antivirus software, by using definitions to teach the main program about new forms of spyware.  It uses a "referencefile" to do this.  After you've downloaded and installed both Ad-aware and Refupdate, start Refupdate.  It will give you a drop-down choice of servers.  Choose one (or stick with the default), and click the "Connect" button.  Refupdate will check for a new referencefile, download it, and install it for you.  If there isn't one, it will tell you.  Exit Refupdate.

Start Ad-aware and put a check mark in all the drives except A:\ (the floppy) to be scanned.  Click the Scan button.  Ad-aware will scan your computer - it may take a while depending on how much stuff you have on your drives.  When done, it will tell you.  You can then look at all the spyware it has found.  Put check marks in all the boxes and click "Clean".  You have the option to back up the files marked for removal if you are unsure.  Ad-aware will get rid of all that nasty stuff, and then you can close the program.  The Ad-aware wizard is pretty easy to follow.  Ad-aware and Refupdate are free.

b. OK, now that you've gotten rid of any spyware, you can address killing pop-up ads.  You'll either need to run third-party software (means it isn't built into Internet Explorer) or use a different browser.  Note that if you are using AOL, I have no idea if any of the third-party software will work for you since AOL plays by its own rules, and if your AOL access is by dial-up modem (not Bring Your Own Access Broadband), I don't think you can use a different browser.  All I can say is that you can try it and see if it works.

1. POW! is one of the oldest programs to kill pop-ups. You have to train it, although it isn't hard to use.  POW! is free.  Get it here: http://www.analogx.com/contents/download/network/pow.htm

2. Pop-Up Stopper has also been around for quite a while.  It has a free version and a more full-featured version, along with other programs of that type.  Here is their site:

3. WebWasher is a free (for personal use) browser add-on.  WebWasher also makes more comprehensive commercial software for companies.  Here's the url:

4. For those of you who don't mind doing a bit of tweaking (and you can always call Elephant Boy Computers if you break something >heehee<), there is Proxomitron.  Here is their website:  http://www.spamblocked.com/proxomitron/

One thing to note:  programs like Proxomitron run as a proxy server on your machine.  In other words, they sit between your web browser and the Internet to act as a filter.  Some pages like online banking sites won't work well with a proxy. If you find you like Proxomitron (or others) but run into problems on some sites, turning off the filtering software may be necessary for those sites.  As in all cases, be sure to read Help files and FAQ's (Frequently Asked Questions) about any software you install.

If all that is too much trouble, you can always use a browser like Opera or Mozilla instead of Microsoft's Internet Explorer.  Both Opera and Mozilla enable you to quickly set a preference of not permitting unsolicited new web pages to open.  For instance, I use Opera for most of my web surfing and one of my favorite wallpaper sites (http://www.wallpapershq.com/accueil.php if you're interested) has intrusive pop-up ads on every page (well, they have to pay for the website somehow).  When I go there, I go to File>Quick Preferences> and check "Refuse Pop-Up Windows".  When I'm done and want the ability to open new windows from within a website again, I just go to the same place and check "Accept Pop-Up Windows".  Very easy.  I believe Mozilla offers something along the same lines. Opera has a free ad-supported version and a registered version for $39.  Here is the url: http://www.opera.com/ .  Mozilla is free and you can check it out here: http://www.mozilla.org/ .

Back to top

10-20-02 -
Sorry for sending another report so soon, but I got some relevant news from the Lockergnome Tech Report when I opened my email this morning.

"Bogus Ad-aware Circulating

"Lavasoft has posted an announcement to their forums warning of a possible trojan application being hawked as a valid download of AdAware, a popular spyware removal tool. Information is still being gathered about the fake, but the download file is named aware.exe or perhaps other variations. Lavasoft has posted a list of authorized mirror sites from which you should be obtaining AdAware."

Here is the url with the exact information:  http://www.lavasoftsupport.com/

And here is the information from Lavasoft:


It has come to our attention that there may be a new virus and/or Trojan masquerading as a legitimate Ad-aware download. This file or software is called aware.exe or some variation of this. We have also been informed that there may be someone out there who is actively using pop ups that seem as though they are from LavaSoft. Please be sure to only download our products from the official mirror sites listed on our downloads page:  http://www.lavasoft.de/downloads.html

This includes ONLY the following sites:

Mirror Sites:


In the interim, we are aggressively investigating these reports and are looking at every example of them we can locate. If you suspect that you have been infected with a virus of this name or are experiencing pop ups that look as though they came from LavaSoft or seem to advertise any of our products, please contact a Moderator or Administrator immediately and we will investigate this. You can also send information to the following address: urizen@lavasoft.de "

So if you got Ad-aware from a site listed on their webpages, you're fine.  As always, download from known reputable sources, run a current antivirus program, and keep those virus definitions up to date.  Back to our regularly scheduled Sunday morning.

Back to top

10-25-02 - Contents:
1. Windows (and other) Updates
2. Beware of e-greeting cards
3. Make your own TeleZapper

1. Updates - We've had quite a few new people join this mailing list, so I thought I'd repeat the information about how to use Windows Update from the very first EBC Report back in August.  For those of you who have been getting the Report for awhile, perhaps it can be a refresher, or you can just skip this bit.

It is vitally important that you keep your operating system and main applications up to date so you have all pertinent security patches.  An easy way to keep Windows operating systems current is to use Microsoft's Windows Update.  Here's how you do it:  Updating requires that you are connected to the Internet, so if you use a dial-up connection, log on.  Cable and DSL users are already online.  Somewhere in your Start menu, usually at the top, is an entry for Windows Update.  Left-click it.  (You can also find Windows Update from within Internet Explorer under the Tools menu.)  This will bring you to Microsoft's Welcome To Windows Update site.  Click on the Product Updates link.  You'll get a notice that Microsoft is checking your computer to see what updates you need. (You may need to click "I Agree" in a pop-up window first if you haven't done this before, and that's OK - do it.)  Windows XP users get a slightly different message ("scanning for updates"), but the process is the same.
You'll then get a webpage showing all the critical updates available for your system.  You can click "Show Installed Updates" if you want to see more clearly what you need.  Be sure all the critical/security updates are checked and click the "Download" button.  Just follow the directions.  The updates will be downloaded and automagically installed on your computer.  You will probably need to reboot (restart) the computer.

You can also download security patches for Internet Explorer (your browser) and for Microsoft Office.  Here is the url for Internet Explorer downloads (there is no automatic scanning):  http://www.microsoft.com/windows/ie/downloads/default.asp  . Pay particular attention to the Critical Updates, because these are the most important.  If you are unsure what version of IE you have, click on Help>About and you will see the version number.

For Microsoft Office, go to  http://office.microsoft.com/productupdates/ and at the top you will see a section called "Check for Office Updates".  Click the "Go" button next to "Scan my computer to find Office updates I need".  Just like the Windows Update site, you can choose what you'd like to download.

For other programs that are important to you (by Microsoft or by other companies), go to their websites and look around for information about patches and/or upgrades.  "Support" is usually a good place to start looking.

2. For those of you who like to send those e-greeting cards, be sure that you are doing this from a reputable site.  I personally include e-greeting cards in the category of "things that get an automatic Delete" along with never opening attachments, but a lot of people like them.  Here are links to two stories posted on The Register by the very talented people at Security Focus.  If you send (or receive) e-greeting cards, you should definitely read these:

3. I read this bit in the current issue of Wired Magazine and thought some of you more adventurous types would enjoy it.  Apparently you can make your own TeleZapper, which is a device that you buy to attach to your phone to fool telemarketers.  Right up front, you should know that I have not tried either the "real" TeleZapper or the digital one detailed below, so YMMV ("Your Mileage May Vary") and yer takes yer chances, although I don't see how it could hurt anything to try.  But anyway, according to Wired (I've paraphrased their instructions), here's how to do it:

a. The TeleZapper fools telemarketers' auto-dialing equipment by emitting the ascending 3-note special-information tone you hear before, "We're sorry, the number you have reached has been disconnected."  You can download this tone from the Web.  Do a Google search for "sit.wav" to find one of these audio files.

b. Open sit.wav in an audio-editing program like Microsoft Sound Recorder.  Edit out the second and third notes. Save the .wav file.

c. Play that one note on your computer and record it as the first sound on your answering machine's outgoing message.  Follow with a clever greeting explaining to puzzled friends what you're doing.

d. According to Wired, telemarketers will get the "zapping" tone and take you off their lists.

Back to top

11-07-02 - Contents:
1. New Worm Sighted
2. Alternate Email Clients

1. A new mass-mailing worm has appeared and is struggling to take away the top honors from W32.Klez and BugBear.  It is known as W32.Brid, but has aliases of W32/Braid-A and Win32.Braid.A, among others.  It comes as an attachment in an email called "Readme.exe".  Like so many other worms, it has its own smtp engine so it can send out emails when you are online even if you don't open your own email client.  It will send itself to everyone in your addressbook.  You are not at risk if 1) you are listening to the Elephant Boy telling you not to open email attachments; 2) you are running a current antivirus program with updated virus definitions; 3) you have gone to Windows Update and Internet Explorer Update and applied all security patches.  You can learn more about W32.Brid at this url:


2. Your email client is the program you use to get your email.  Most people running a Windows operating system use either Outlook Express or Outlook.  Outlook Express comes with Windows and is a basic email and newsreader (I'll cover newsgroups and newsreaders in another report).  Outlook is part of Microsoft Office, which may have come preinstalled on your computer if you bought it from a major manufacturer like Dell or HP.  Microsoft Office is not part of the operating system, but is a separate program.

If you use AOL, you use AOL's proprietary online email reader.  Here, we'll take a quick detour to talk about the difference between online email clients and offline clients.  Those of you who already know this can just skip this bit. ;-)  When I send this email to you, it goes to your mailbox, which lives on one of your Internet Service Provider's ("ISP") computers (called a "server").  When you want to get mail, you either log on to your ISP and read the mail online (like with AOL, Yahoo Mail, Hotmail, or the Earthlink email client) OR you download the mail using an email program like Outlook Express ("OE") or Outlook.  If you are reading the mail online, unless you save the email, it doesn't come and live on your computer.  It stays on the ISP's server until you delete it (or they empty your mailbox after some specified amount of time).  This means that you can log in from any computer anywhere with an Internet connection and read your mail.  If you download the mail with OE or Outlook, it now lives on your computer and is gone from the server.  Most regular ISP's, like Earthlink, AT&T Global, Compuserve, etc., have a place to log in and read your mail online, which is convenient for when you're not home.  The advantage to using an email client to download your email is if a) you're using dial-up and don't want to stay online to read mail; b) you can apply spam/content filters to email that are available in the email client; c) you can use whatever email client you like.*

*Unless you use AOL exclusively, in which case you might as well skip the next bit about other email clients because you can't use another email program to get your mail.  Sorry.

Why use another email program?  1) Malware writers know that most home/small office computer users run Windows and therefore are probably using OE or Outlook to get mail and often target those particular email clients.  A different email program might have less vulnerabilities to certain viruses/worms.  This DOES NOT MEAN YOU CAN GET CARELESS AND OPEN ATTACHMENTS IN OTHER EMAIL PROGRAMS BECAUSE YOU ARE STILL RUNNING A WINDOWS OPERATING SYSTEM. 2) A different email program might have capabilities that you particularly like. 3) Just for fun.

Fred Langa just did an article on other email programs.  You can find it here:  http://www.informationweek.com/LP/columnists/langa/2001/04.htm

The Mozilla browser also has an email component.

If you decide to try another email program, you don't have to uninstall OE or Outlook.  You can have more than one email program on your computer at the same time. Just download and install the new one. In order to set up the new program, you'll need to know two pieces of information:

1. Address of your ISP's incoming mail server, usually something like pop3.myISP.com

2. Address of your ISP's outgoing mail server, usually something like smtp.myISP.com

Your email address stays the same, of course.  That doesn't change because you are using a different email program - the email is still living on your ISP's server; you're just using a different piece of software to get it.  You can get the pop and smtp addresses from somewhere in your ISP's webpages or look at the account settings in OE or Outlook and copy them down.

Back to top

12-09-02 - Contents:
1. Making address labels
2. Newsgroups - what are they?

1. My brother saw my return address labels (they have the ever-cute picture of The Elephant Boy on them with my address) and wanted to know how to do it.  He also thought The List might be interested, so here you go:

You can easily add Avery label extensions to Microsoft Word, as well as a Wizard to help you create simple labels. If that is enough for you, go to http://www.avery.com/us/software/index.jsp and download the Avery Wizard (free).  There are also free templates and clip art for download.  If you want to be a little fancier, then get the Avery DesignPro program from the same page.  I believe Avery used to charge for this, but it is now free and very easy to use.  When you install
DesignPro, there is a point where the installation program cautions you that you have to have a database for certain functions. Truthfully, I'm not sure what they mean and it hasn't caused me any problems.  Just click "OK" (or "yes", whichever it is) and continue.

Once DesignPro is installed, check out its Help file for instructions.  It is very easy and I created Elephant Boy and home return address labels within minutes.  The nice thing about the DesignPro program is that you create a Master label, and then can add however many variations of that label you want.  For instance, I put the Elephant Boy's picture and my address on the Master label, leaving the first line blank.  Then I created two sub-labels - one with my name in the first line for personal labels and one with Elephant Boy Computers there instead for business labels.  DesignPro may even have more capabilities that I didn't explore because I just wanted to get the job at hand done quickly.  Have fun!

2. Newsgroups - Some of you may have heard the terms "newsgroups" and/or "Usenet" and wondered what they mean.  As you probably know, the World Wide Web (www.) is not the entire Internet.  There are email and other servers, and there is Usenet. Basically, there are thousands of newsgroups where people post text messages (although there are newsgroups dedicated to posting binary files) regarding a particular area of interest.  Although Usenet has been around for a really long time, it is a thriving area of the Internet.  Rather than take up your time here in this email with all the details, I suggest you go to:

http://groups.google.com/  and http://groups.google.com/googlegroups/help.html for a comprehensive discussion of what Usenet is and How You Do It.  You can look into various newsgroups that might interest you by using Google Groups' web-based interface.  If you decide you'd like to really get into Usenet deeper, you'll be far better off using a dedicated newsreader.  I know you are all using Microsoft operating systems, so you already have a newsreader built in - Outlook Express.  OE isn't generally considered a very good newsreader by Usenet veterans, and there are alternatives.  Netscape Communicator (http://channels.netscape.com/ns/browsers/default.jsp) includes a newsreader, as does the Mozilla browser (http://www.mozilla.org/). Another good free newsreader is Gravity.  Gravity is old and is no longer supported, but it does the job admirably.  It can be a bit hard to find, but I found it here, along with some good information on how to use it: http://cws.internet.com/news-gravity.html

Another popular Windows newsreader is Forte's Agent.  Agent is $29, I believe, but there is a free version.  Here is a link to Forte's home page:

Although there are free news servers on the Internet, generally your ISP will provide free access to newsgroup servers as part of your Internet service.  You should go to your ISP's webpage for instructions on how to set up a newsreader for their newsserver.  Some companies, such as Microsoft, provide their own news servers.

You should be aware that Usenet is often extremely "wild and wooly" and most newsgroups are not moderated.  So if your sensibilities are tender, be warned up front.  Like any society, Usenet has behavioral conventions.  The best way to participate in a newsgroup is to subscribe, read the group for quite a while, read its FAQ (Frequently Asked Questions, which are normally posted in each group on a regular basis), and get a generally sense of the culture of the group before posting.  This is called "lurking" and is a sensible thing to do.  A great compendium of links about Usenet is here:  http://www.faqs.org/usenet/index.html

Basically, if you don't want to be flamed:

1. Don't top post
2. Quote sensibly
3. Don't attach binary files in non-binary newsgroups
4. Set your line wrap to 72 characters
5. Don't use html to post - plain text is what is needed
6. Read the FAQ's.

In case you're interested, here are the newsgroups to which I currently subscribe:

(from my ISP's newsserver)

(from Microsoft - msnews.microsoft.com)

Back to top

12-14-02 -  Contents:
1. New Windows vulnerabilities

 Paul Thurrott (one of the best sources for Windows information), had this to say in today's WinInfo Update Newsletter (since I couldn't have said it better, I'm quoting him directly):

   So many Microsoft security vulnerabilities pass by me each week that I hardly pay attention anymore, but a series of vulnerabilities this week, including a particularly virulent one based on the company's Java Virtual Machine (JVM), is worth noting. You're already protected if you're using Auto Update (and you ARE using Auto Update, right?) but the JVM vulnerability affects all Windows versions since Windows 98 and could let hackers infiltrate a PC and take it over. Microsoft says that no users have been compromised to date, but we know this sort of thing is only fun until someone gets hurt. Head on over to Windows Update and grab the latest critical updates if you aren't sure whether you're already protected."
If you're interested in subscribing to WinInfo Update, go to http://www.winnetmag.net/ and click on WinInfo News.  It's listed under Resources.  There are lots of other excellent resources on the Windows & .Net Magazine site, too.

Back to top

12-22-02 - Contents:
 1. Major security flaw in Windows XP
 2. Outlook Express 6 doesn't allow you to open attachments
 3. End of the line for Windows 3xx, Windows 95, and NT 3.5x
 4. Web amusements - online comics

 1. A few days ago, Microsoft issued a report regarding a major security flaw in Windows XP.  Earlier operating systems (Windows 9x and ME) are not affected.  Briefly, the vulnerability is in the Windows shell - the part of the operating system that not only provides your familiar Windows Desktop, but also creates your working environment.  An attacker could host a specially created .mp3 or .wma file on a website; if the user hovered his mouse over the icon for the file or opened the shared folder where the file was stored, the vulnerable code could be invoked.  The .mp3 files are extremely popular music formats, and .wma files are played on the Windows Media Player.  Microsoft considers this a critical flaw.  You can find the technical explanation on Microsoft's Tech Web here:   http://www.microsoft.com/technet/security/bulletin/MS02-072.asp
A patch is available through Windows Update, and if you are keeping your system updated regularly, then you are protected.  It seems like there are security announcements for Windows every day, but because so many of you have teenagers who love to download music, I thought this one was worth a "heads up".
2. Even though the Elephant Boy has constantly warned you of the dangers of opening attachments, (Don't Do It!) some of you feel you must or like playing with fire. By default and as a security precaution to avoid saving a virus to your computer, OE 6 doesn't let you save files locally. To enable file saving within OE, perform the following steps:
    a. Start Outlook Express.
    b. From the Tools menu, select Options.
    c. Select the Security tab.
    d. Clear the "Do not allow attachments to be saved or opened that could potentially be a virus" check box, then click OK.
3. It's now official - as of December 31, 2002, all Windows 3.xx, Windows 95, and NT 3.5xx operating systems have come to the end of their supported life cycle.  This doesn't mean that if you are still running one of these older systems that they will go *poof* and disappear on January 1st, but it does mean that there will be no official support (which includes patches) for them from Microsoft.  Here is the link to Microsoft's support lifecycle page:
They're dead, Jim.

Back to top
EBC Current Reports

01-02-03 - Contents:
 1. New Ad-aware information
 2. Update reminder
1. There is some updated information for those of you who are using Ad-aware from Lavasoft to rid your computer of spyware.  Although Ad-aware has been recommended for a long time, the current version (5.83) is no longer being updated.  Lavasoft has stated that they are doing a complete rewrite of the program, and will make it available to paying customers in January, with the free version available sometime in February.  The general consensus among security folk is that you'd do best to uninstall Ad-aware, and I'm going to concur.  Remember, you do this from within the Control panel applet Add/Remove Programs.

From everything I've seen, Spybot S&D is the best choice to remove spyware/scumware.  You can get it from their website here: http://security.kolla.de/ .
A great resource for information about spyware is the SpywareInfo website here: http://www.spywareinfo.com/ . They put out a weekly email report which is extremely useful.
2. Since it is a new year, I'm going to remind you all to keep your systems safe and up-to-date by:
 a. Going to Windows Update for operating system patches
 b. Getting updates for Internet Explorer and Outlook Express
 c. Be sure you have a current antivirus program and keep its virus definitions up-to-date.

Back to top

01-16-03 - Contents:
 1. Nasty new worm - Lirva

I've been very busy lately (hurray - the children can eat!), mostly with disinfecting and repairing computers that have contracted viruses, worms, Trojan horses, and various kinds of malware.  The latest beauty making the rounds is the Lirva worm, named after the pop singer Avril Lavigne.  The worm infects users of Microsoft Outlook.  It can disable antivirus and firewall software, and overwrite (this means "seriously ruin" in non-technical language) Microsoft Word, Excel, and PowerPoint files, leaving the file sizes at 0 kb.  This means those files are unrecoverable, so the victim had better have clean backups.

Lirva spreads through the KaZaA file sharing network, Internet Relay Chat (IRC), Instant Messenging programs, and email.  Once infected, Lirva sends a copy of itself to everyone in the user's address book, using its own email server.  Lirva also collects address information from other files on the user's system.  Lirva also collects passwords from the infected system and emails them to an address presumed to be located in Russia. On the 7th, 11th, and 24th day of each month, Lirva automatically opens a Web browser on infected machines to Ms. Lavigne's website.
The worm can arrive with various subjects, message body content, and file attachments, including one that pretends to be a message from Network Associates (the makers of McAfee Antivirus) regarding a security problem with Microsoft IIS. You should know that Microsoft never distributes its security patches through email to end users, and Network Associates doesn't email Microsoft patches either.
a. Be sure you have a current antivirus program installed.
b. Be sure that program's virus definitions are kept updated.
c. Be sure you are backing up your data on a regular basis.

Back to top

01-20-03 - Contents:
1. APC product recall
2. Computer cleanliness

1. I know some of you are using an Uninterruptable Power Supply.  American Power Conversion (APC) has recalled some 2.1 million units produced under the Back-UPS CS line, specifically the CS 350 and CS 500 models in both 120-volt and 230-volt varieties.  Eight units have been reported to seriously overheat.  Symptoms included a melted outer casing and probable failure of the units.  Compare the first six characters of your UPS's serial number to see if your model qualifies for replacement:

AB0048 through

Units with an "R" at the end of the serial number are not included in the recall.  Here is a link to the article on the manufacturer's website:

If you don't know what I'm talking about, you don't have a UPS and shouldn't worry about it!
2. In all our talk about keeping our computers fit and happy, I've neglected to mention one very important factor - cleanliness.  It is a truism that a computer's most dangerous enemies are dirt and heat.  We often talk about heat-related problems and that is why there are fans inside a computer case.  The processor, RAM, and video card (especially modern ones) are the biggest producers of heat and that heat has to be dissipated so components don't suffer.  However, dirt is a culprit in hardware failures, too.  Computers attract dust, no matter how good a housekeeper you are.  Dust can form a blanket over fan openings, keeping heat inside.  Dirt can damage delicate electronic components, and/or prevent them from making proper contact with the motherboard (the main circuit board that everything inside your computer plugs into).  I've been in some very dirty environments, and when I've opened the computer cases have found literally drifts of dirt inside.  Not good!
Keep your computers in a clean environment.  Don't smoke around them.  I don't allow eating in my computer room because sooner or later someone is going to spill soda where it shouldn't go.  Don't let your cats sleep on the monitors. I'm guilty of letting my cats into the computer room because I love to do my morning surfing with Sonny the 16-lb. tabbycat on my lap, but it definitely adds to the cat hair buildup.  Look at your computers, particular the back parts.  Is there a lot of dust on the case fan?  The best way to clean a computer is to unplug everything, open the case, and *carefully* blow away the grime using a can of compressed air.  I usually take a computer outside to do this.  Using a vacuum cleaner is not a good idea, because vacuums can create static electricity, which can be fatal to computer components.  For this reason, using those fluffy dusters that use static to attract dust is not a good idea.  I have used one around the monitors, printers, and keyboards, but keep it away from the computers themselves.

Back to top

02-12-03 - Contents:
1. Reminder
2. Ad-Aware 6.0
3. Back-up refresher
4. Spam tip

1. This is a reminder for all of you to update your operating systems by going to Windows Update. There have been quite a few new vulnerabilities found in Internet Explorer and Windows operating systems for which Microsoft has issued patches. Remember, you can get to Windows Update from a shortcut on the top of your Start menu or from within Internet Explorer (Tools>Windows Update). Those of you running Windows XP will have been prompted by the automatic Windows Updater, which appears as a small blue globe in your system tray. Also, don't forget to update your virus definitions by running Live Update (or the equivalent for your specific software) from within your antivirus program. In most cases, automatic updating should be turned on, but it doesn't hurt to check it manually.

2. Lavasoft's new version of Ad-Aware - 6.0 - is now out. There is a free version and a paid version. I haven't tried it yet, but preliminary reviews indicate that Spybot Search & Destroy still finds and removes more instances of spyware/adware than Ad-Aware. However, Spybot does have a "geekier" interface and may be more difficult to use. You can download them both and use them both for complete coverage if you like. I plan to use both on my Windows boxen since I have a "belt-and-suspenders" attitude about computer security. Download these programs here:

http://www.lavasoftusa.com/ for Ad-Aware
http://security.kolla.de/ for Spybot
3. Back up your data! The best way is to burn your data on a CD-R disk. Remember, you do not need to copy programs which you can reinstall from the original CD's. You want to save your data - things *you* have created like documents, spreadsheets, financial information. I recommend saving files in one place - the My Documents folder is an excellent choice - so backup is quick and easy. To keep things neat, you can make new folders in My Documents and name them something useful (eg.,Schoolwork; Church; Recipes; Great American Novel, Plans For World Domination, etc.), just as if you were labelling file folders in a filing cabinet
Microsoft programs like Office and Money use the My Documents folder as the default saving location. Other programs, such as Quicken or QuickBooks, may not. You need to explore these other programs and know where your data is being saved. If you use industry-specific software in your business, you should call their tech support and find out what part of their program needs to be backed up. You can also save your Internet Explorer Favorites (bookmarks in Netscape) from within your browser by exporting them and saving in My Documents. Save programs you've downloaded from the Internet by keeping the installer.
On a regular schedule, back up everything you've saved by burning to a CD-R disk, copying to a Zip disk, or (worst choice but better than nothing) to a floppy disk. After you've made your backup, you can delete the downloaded program installers and any documents you don't need from your hard drive. I wouldn't get rid of any vital files (like financial ones) just in case the backup isn't good. It's a smart idea to test your backup regularly, too. Keep your backup in a safe place, not sitting next to your computer! Especially, don't store floppy disks next to a monitor. Monitors have a magnetic field and data is stored on floppies on magnetic tape, just like the old tape cassettes.  Leaving floppies next to a monitor will destroy the data and make blank disks unusable.
If you don't know how to backup or need help, call Elephant Boy Computers for some training. You will not be happy if your hard drive dies or a virus destroys Windows and all your important files are gone.
4. The Register has an interesting article this morning about how spammers are inserting tracking codes into their email messages and how to deal with this.  Basically, don't open spam but simply delete it. Spammers should die horribly! Read the article here:  http://www.theregister.co.uk/content/55/29289.html

Back to top

02-23-03 - Contents:
1.  Update on Ad-aware, NewDotNet
2.  Patches and updates
3.  Bulwer-Lytton 2002 Contest Winners

1. The latest SpywareInfo newsletter has additional information about the new version of Ad-aware. As you know, Elephant Boy Computers recommended that you uninstall any version of Ad-aware that was lower than 6.0. According to SpywareInfo, the new Ad-aware 6.0 Build 160 still had problems removing NewDotNet, CommonName Toolbar, and Webhancer. Reportedly, these issues have been fixed in Ad-aware 6.0 Build 162. If you are using Ad-aware 6.0, you can find the Build number by starting Ad-aware and looking at the very lower right-hand corner of its interface. Mine says "Ad-aware 6 Personal, Build 162". If you are using Ad-aware 6.0, be sure to update. Do this from within Ad-aware by clicking on "Check for updates now" in the lower right-hand corner of the interface above the "Start" button.  SpywareInfo also has a very good article about the NewDotNet software often found on systems. SpywareInfo is an excellent source of information about spyware/adware and privacy rights.  The website is here: http://www.spywareinfo.com/newsletter/archives/feb-2003/22.php
2. You know that you should regularly visit Windows Update to get patches for your operating system and Internet Explorer, but you should also check for patches on other software you use. Patches and updates fix problems with programs such as security vulnerabilities and/or hardware issues, and sometimes provide new features. Patches and updates are free. Upgrades are more extensive and give a "new and improved" product. Depending on the software manufacturer, upgrades may or may not be free. Usually you will have to pay for a new version, although there may be an upgrade discount. In most software for Windows, you can see the version of a program by going to its Help menu and clicking "About".
Games in particular get patches almost as soon as they are released. It is very expensive to develop a new game, and the publishers regularly push the product out the door before it is really "cooked" in order to get to market. Also, to be fair, there are so many possible combinations of hardware and software on Windows systems that, even with extensive beta testing, the game manufacturers cannot anticipate everything that might go wrong with their program on every computer. Whenever you get a new program, you should always go to the manufacturer's website and check for updates and patches. This includes drivers for hardware you might buy, too. The cd-rom that you get in the box was usually made months before you bought that new sound card or program.  Almost every patch and/or update will have a "readme" file with important information about it.  Read it!
3. The Bulwer-Lytton 2002 Contest winners have been announced. For those of you who don't know, Edward George Bulwer-Lytton was the author who wrote the immortal book, "Paul Clifford" (1830). It is generally agreed that this book has the worst opening sentence of all time:
"It was a dark and stormy night; the rain fell in torrents-- except at occasional intervals, when it was checked by a violent gust of wind which swept up the streets (for it is in London that our scene lies), rattling along the housetops, and fiercely agitating the scanty flame of the lamps that struggled against the darkness."
Contestants submit a sentence in the same vein. Those of you with a literary sense of humor can find the website here:
Back to top

03-18-03 - Contents:
1. Domain Names, Websites - How They Work
2. Virus Warning/New Vulnerabilities

1. It occurred to me that some of you might be interested in knowing about how to get domain names and websites. For those of you who couldn't care less, skip this part!

There is a great non-technical explanation of the Domain Name System by InternNIC, the Internet Corporation for Assigned Names and Numbers, on their website. Here's an excerpt, but if you want to know more, go here:  http://www.internic.net/faqs/authoritative-dns.html

"What is the Domain Name System?

"The Domain Name System (DNS)  helps users to find their way around the Internet. Every computer on the Internet has a unique address just like a telephone number  which is a rather complicated string of numbers. It is called its "IP address" (IP stands for "Internet Protocol").  But it is hard to remember everyone's IP address. The DNS makes it easier by allowing a familiar string of letters (the "domain name") to be used instead of the arcane IP address. So instead of typing, you can type www.icann.org. It is a "mnemonic" device that makes addresses easier to remember.

"Translating the name into the IP address is called "resolving the domain name." The goal of the DNS is for any Internet user any place in the world to reach a specific website IP address by entering its domain name. Domain names are also used for reaching e-mail addresses and for other Internet applications."

There's a lot more, but you can check it out yourself. Your Internet Service Provider probably offers you space on one of their computers to make a Homepage website. Because you are using their domain (like "aol.com"), your address will be something like "www.aol.com/~myusername/homepage.htm". But you can have your own domain. Here's an analogy that I think will help make the whole process clear:  think about getting a domain name and setting up a website as if you were starting a business. I'll use my domain, "elephantboycomputers.com", as an example. You register a domain name with an company that is accredited by ICANN. There are quite a few and rates vary. This action is like when you form a company and file papers with State and Local governments so you are "official" and your name is unique (for instance, you can't call yourself "Macy's" because that's already taken). I have my domains registered with my hosting company, HostingMatters, which is an excellent hosting service.

OK, so now I own "elephantboycomputers.com". What do I want to do with it? I need a public presence, or it's like being in business without a storefront. No one knows you exist. So you find a company that will host a website for you.  This is like renting a storefront, and HostingMatters is my landlord. The DNS for my site is set to Hosting Matters' servers so when you type "www.elephantboycomputers.com" into your web browser, you'll be able to find my website.

Now I have to fill my "store" with something, so I create webpages and save them as files on my hard drive. Because I'm not a website designer, I use a simple program to make the webpages - Mozilla Composer. Now I copy the files to the folder HostingMatters has for me on their computer by uploading them. And that's all there is to it! Well, not really, but this gives you an idea of what's involved in getting your own domain name.

2. Over the last few weeks, people have been getting bitten by an email with a virus attachment that is masquerading as a security update from Microsoft.  Microsoft never sends out patches in email. There have been new vulnerabilities found in various Windows operating systems (most recently one for Windows 2000). You should patch your operating system by going to Windows Update. And you know not to open attachments. But I just thought I'd warn you about this latest trick by the bad guys. Remember, for virus and hoax information go to www.sarc.com .

Back to top

03-30-03 - Contents:
1. Online music sites
2. Spam

1.  I've had a lot of clients needing major clean-up of their machines lately, mostly due to viruses and/or spyware-adware infestations. In most of those cases, KaZaA Media Desktop, WinMX, or some other kind of file-sharing software was installed. Now, all of you have heard my standard "don't do this" lecture; if you haven't or strangely want to experience it again, just go to the spyware and file-swapping sections.

I thought I'd do a bit of research on how to download music legally. Of course, if the artist has his/her own website and offers songs for download that's one way, but going to multiple websites for all the music you'd want to get would be tiresome. There are online music subscription services which might be a good way to go. CAVEAT AND DISCLOSURE:  I don't use any of these and I can't vouch for them one way or the other. You'll have to do your own research. That would include
reading the website's FAQ's (Frequently Asked Questions), Privacy Policy, and ALL the fine print. You can check out if the website in question has been rated by other users at sites like:  www.rateitall.com and www.epinions.com and/or just do some research by talking to friends, reading reviews, search the web with Google, etc. Using Google, I entered the search term: "music subscription site reviews" and came up with these articles which might be useful:


That said, here are links to some online music subscription services, listed in no particular order:


Update: As of 1/14/04, I believe eMusic is no more. However, iTunes and Rhapsody are the biggest players in the online music market right now.

2. I have a small section on junk mail - spam - on the website here:


but I'd just like to remind you to NEVER RESPOND TO SPAMMERS. Many spam mails include a link for you to click on to "unsubscribe" to future mailings. THIS IS A LIE. When you click on that link, all you've done is to confirm to the spammer that he/she has a live email address and you'll get more spam, not less.  DON'T EVER BUY ANYTHING FROM A SPAMMER. Here are some interesting links in addition to the ones on my website:

http://www.wired.com/news/infostructure/0,1377,57613,00.html (this is an article from WiredNews about what happens when you buy from or otherwise contact spammers)

Back to top

04-21-03 - Contents:
1. Windows Update reminder
2. Backing up
3. Messenger spam problem

1. This is a reminder for you all to visit the Windows Update site to get patches for your operating system. There have been quite a few Windows vulnerabilities alerts over the past week or so (how strange and unusual - NOT!). If you need a refresher on how to use Windows Update, here is a link to a previous EBC Report with details.
2. I've got information about backing up in another section on this website and also in a previous EBC Report.
However, I recently had a call from someone who wanted to know of a backup solution that would require no work from him. While there are many backup programs that run in the background ONCE THEY ARE PROPERLY SET UP, there is no Computer Brownie who will automagically copy all your data and back it up to a CD-R or tape without any user input. With a tape backup system, SOMEONE still has to put in a fresh tape and verify the backup. If backing up to CD-R's, an actual human has to put in a disk and start the burning program.
For most home users, simply backing up the data files in My Documents might be enough, but you should sit down and think about what you would miss if all your stuff was gone tomorrow. Browser favorites/bookmarks? Outlook contacts, calendar, and email files? Outlook Express addressbook? Quicken or QuickBooks data? Cards you've created in a greeting card program? You get the drift. If you have a business and don't have the time or inclination to do backups, then designate one of your employees to do this, or hire an in-house IT person. Remember, only someone intimately familiar with your business will know what programs your company uses and how to back up the data created.
If you want a program that will run in the background and copy files to a specified folder, I highly recommend SecondCopy. This program is very flexible and can be configured to do simple or complex backups as you prefer. I've used it for home computing backups and yet its feature set is rich enough to be used to back up server/client configurations. SecondCopy is shareware, which means you can "try before you buy". It is very reasonably priced at $29.95, especially considering that major backup programs from companies like Veritas and NovaStor can cost anywhere from $75 to $800 on up. Of course, if you need extremely fault-tolerant server backups for your business, you will want a heavy-duty backup system. However, in that case you have your own IT Department and aren't reading this newsletter!

3. Windows 2000 and Windows XP users (Win9x and ME are not affected) have been experiencing a new kind of spam. When connected to the Internet (like with an always-on connection such as cable), but not necessarily browsing, ads will suddenly pop up on the desktop. Spammers discovered they can take advantage of the Messenger service to send ads. The Messenger service has nothing to do with an instant messaging client; rather it is there so that a Systems Administrator in a large network can send a message to everyone connected, perhaps to tell everyone to shut down now or let them know something important about system performance. If you aren't doing this (and it is unlikely that anyone reading this Report is), you don't need to have this service running. To disable it, go to your Control Panel and open the Administrative Tools applet. Then double-click on Services. This will open the Services (Local) window. Scroll down to Messenger and double-click it to get the Messenger properties. On the General tab, you'll see the Service Status. If it is started, click Stop. Then change the Startup type to Disabled by using the drop-down arrow to the right. Click Apply and OK. You should also think about getting a firewall. Sygate makes a good one that is free for personal use.
An excellent place to learn about Windows 2000 and Windows XP services is Black Viper's website.
Back to top

05-19-03 - Contents:

 1. Warning - new email spoof - caution regarding patches
 2. Kid safety on the Internet
 1. This is just a reminder that no legitimate company will send you an email with an attachment purporting to fix their product. Another email trick has surfaced wherein the email pretends to come from Microsoft with a patch* but the patch is really the Palyh (aka Mankx) virus. Here is a quote from The Register's article this morning:
 "Windows users everywhere are urged to update their anti-virus definitions following the discovery of a new worm, which poses as one of a series of odd messages from Microsoft.
 "The pest is an email and network attack worm that includes a downloaded Trojan horse component, according to a preliminary analysis of the virus by security outfit iDefense. After a computer is infected with the worm it attempts to create copies of itself in remotely shared startup locations on a network.
 "The virus also attempts to update itself by linking to a Web site. Hopefully this avenue of mischief will soon be closed.
 "The virus normally arrives via email with one of the following subject names: Re: My application, Re: Movie, Cool screensaver, Screensavers, Re: My details, Your password, Re: Approved (Red. 3394-65467), Approved (Ref. 38446-263), Your details.
 "Within this emails is an infectious attachment of filetype .pif, .pi or .uue. Again selection of these filetypes is random. Double click of the attachment and you get infected, natch. Palyh scans files (with .dbx, .eml, .htm, .html, .txt, and .wab) for fresh prospects for infection."
 As always, your best defense is 1) always run a current antivirus program and be sure its virus definitions are up-to-date; 2) never open email attachments; 3) if you must open an attachment, scan it first with your antivirus program; 4) when in doubt, check the antivirus information sites for where to look.
 *A patch is a small (usually) program that will correct problems and/or add enhancements to an application such as an operating system, game, or other software.
 2. I had a question from one of my favorite clients as to how he can insure a kid-friendly Internet experience for his grandchild. The very best solution is three-part: 1) adult supervision and oversight; 2) discuss Internet safety with your child if the child is old enough; 3) keep the computer in a public room (not the child's bedroom). That said, there are software strategies such as filtering programs or modified browsers. Notice that I say "strategies" and not "solutions". No filtering program is perfect, each has its own quirks and can cause its own problems, and an older computer-savvy child can probably get around the filters.
 The best-known filtering programs are CyberPatrol and NetNanny . Symantec's Norton Internet Security suite also has a Parental Controls feature, along with its antivirus program and firewall.
 Internet Explorer also has a Content Advisor function. Go to Tools>Internet Options>Content (Enable and Settings). Be careful here, though - enabling Content Advisor can cause problems in getting to sites you want and if you forget the password, you'll need to call Elephant Boy Computers!
 All of these programs require you to set them up, so you will need to read the manual and help files. Caveat - I have never used any of these programs so I can't give more details on them. I did set up Norton Internet Security for a client and he found that he had trouble getting to sites he needed, but that was a while ago. In any case, relying solely on filtering programs will give you a false sense of security. You still need the 3-part solution.
 Another thing to do if you are running Windows XP is to make a Limited User Account for the child. The child will not be able to install programs and otherwise mess up your computer. This is actually good security practice for everyone - make yourself a Limited User Account and use that to surf around instead of running as Administrator. Unfortunately, in the Microsoft world it is difficult to do many day-to-day tasks if you are not Administrator and many Windows programs will not run under a Limited account since they were not designed for a true multi-user operating system. Still, this is something that will work for a younger child.
 Another idea is to run a modified browser just for the child. Earthlink has its Earthlink Kids service which is an inexpensive add-on to your monthly bill.  For those of you who don't use Earthlink as your ISP, you can use SurfMonkey's service directly.
 Here are some links to a few kid-friendly websites:
 Bonus.com - http://www.bonus.com/
 Neopets - http://www.neopets.com/
 I'm sure MSN, Earthlink, and AOL all have sites for kids, too.
 Back to top

05-22-03 - Contents:

1. Quick virus warning
2. File extensions (related to 1. above)

 1. A few days ago I sent out an Elephant Boy Computers Report warning you about various fake email messages purporting to come from Microsoft with an attachment of a supposed patch - which is really a virus. Another similar, but more insidious email is making the rounds. This one comes with the subject of "Undelivered Mail Returned to Sender" with a From address of MAILER-DAEMON@yahoo.com . Attached is a file called "error.hta", which is an executable script.  Here is a link to an earlier iteration of it - Downloader-BO.dr - at McAfee's site: http://vil.nai.com/vil/content/v_99806.htm . Usually returned mail does not come with an attachment, but will include the bounced message inline.
 If you're using a current antivirus with updated definitions, you're covered, but you should still not open attachments or at the very least, be cautious and scan them first. Also, in order to protect yourself by being aware of the nature of an attachment, see 2. below.
 2. File extensions are the three letters after the dot in a Windows file name - like "myletter.doc" or "winword.exe". Windows uses the file extension to know what program is associated with the file and thereby what to use to open the file. Certain files are executable, meaning they are programs or scripts and will do something active on your computer. All Windows operating systems when freshly installed default to hiding known file extensions. So when you look at files on your hard drive, you may not see the dot and the three letters after most files. Virus writers know this and take advantage of this fact. You should turn on viewing file extensions. Under Windows 9x, double-click My Computer and then go to View>Folder Options. Click on the View tab at the top, and in the first section find "Hide file extensions for known file types". Uncheck the box, then click Apply and OK. Windows XP users will find Folder Options as a separate applet in Control Panel. For a good list of file extensions, go to Whatis.com and look up the extension in question. When in doubt, don't open the attachment!
Back to top

07-09-03 - Contents:

1. Update reminder
2. Scams and hijackings
3. Register to disallow telemarketing (a little off-topic)

1. It's been a while since the last EBC Report. I'm assuming you are all having a lovely summer and remembering to visit Windows Update on a regular basis. There have been the usual Windows vulnerabilities and the usual patches issued by Microsoft. I don't send you an email every time a Windows security hole is discovered because then you'd be getting an email from me nearly every day. Keep your computer (and your data) safe by keeping your operating system, antivirus software program, and other important programs updated.

2. There have been a rash of scams trying to lure people into entering their financial information, passwords, etc. into forms on supposedly legitimate web pages. One of the latest scams - potentially very dangerous - is aimed at Paypal users. Here's the link on SpywareInfo's website to the information:


SpywareInfo is an extremely useful site. Their weekly newsletter is free (although you can donate if you're feeling generous) and absolutely a goldmine of information about spyware, spam, and similar scams. I highly recommend it.

3. This is off-topic for a computer-related email, but may be of interest to you. There is now a Federal law that has created a national "do not call" list and which will require telemarketers to check before calling you. There was something similar for California, but the State has joined with the Federal government to consolidate both lists. You can sign up for the National Do Not Call Registry here: http://donotcall.gov/

Back to top

08-12-03 - Contents:

1. Windows DCOM RPC Interface Buffer Overrun Vulnerability
1. Last month Microsoft issued a warning about a vulnerability that would affect Windows 2000, NT, and XP systems that would allow an attacker to run code on a compromised machine. They issued a patch for the problem which could be downloaded from various sites, as well as applied via Windows Update. Here is a link to a Microsoft article about the vulnerability:
As fully expected by the tech community, a worm exploiting this vulnerability is now rapidly making the rounds. Out of the 1,000 new posts in the microsoft.public.windowsxp.general newsgroup yesterday, approximately 700+ of them referred to problems with the RPC Buffer Overrun. Here is a link to the Symantec page regarding the W32.Blaster.Worm:
Machines running Win9x and ME are not affected.
Avoiding problems like this is simple:
a) Take advantage of XP's automatic update feature. If you are on a dial-up Internet connection, be sure to visit Windows Update on a regular basis. Download and apply critical security patches.
b) Have a current antivirus program installed and be sure the virus definitions are kept updated. Most antivirus programs will check for updates automatically, but you need to be sure your particular program is doing this.
c) Use a firewall, especially if you have a broadband connection to the Internet. There are many firewall programs available, with two of the best ones (ZoneAlarm and Sygate) having free versions. XP comes with a built-in firewall. It isn't a particularly good one, but it is better than nothing.
d) Do not open email attachments. If you must open an attachment, scan it with your antivirus software first and know that you are still taking a risk.  Be sure you back up important data regularly so if disaster strikes, you can (relatively) quickly restore your files if you do get an infection.
But you knew all that, right? ;-)
Back to top

08-27-03 - Contents:

1. Postmaster bounces for email you didn't send
1. I've had at least 3 clients ask me why they are receiving notices from Postmasters about bounced emails they didn't send. This is because of the Sobig.f virus epidemic. Here's a brief explanation of what happens:
a. Someone you know (we'll call him "Bill") opens an attachment infected with Sobig (or another virus du jour) which burrows itself in Bill's computer.
b. The virus sends emails with copies of itself attached to everyone in Bill's addressbook. You're his friend, so your address is on Bill's computer.
c. The virus also "spoofs" the return address of many of the emails it sends in order to foil virus hunters, using addresses it finds in Bill's addressbook as the return address instead of his. Since you are in Bill's addressbook, sometimes the return address will be yours.
d. Clueless ISP's start refusing and bouncing emails with infected attachments in an attempt to stem the tide of viral emails. Of course, the bounced emails only add to the amount of email being sent because of the virus. The ISP bounces the mail back to where it thinks it originated based on the spoofed return address. So even though your computer didn't send that email out, you get the "return to sender" notice.
So just delete those emails immediately, keep your antivirus program current, apply all security patches from Windows Update, and don't open attachments. And if you think it's time to consider running a less virus-prone email client and/or a more secure operating system like Linux, call Elephant Boy Computers for more information.

Back to top

09-10-03 - Contents:

1. More Microsoft vulnerabilities, problems with patches
2. What's a person to do? (see #1 above)
2a. More of what's a person to do (because of #1 above)
1. The last two weeks brought us around 5 new vulnerabilities in all Microsoft Office products, and this week sees 3 more operating system holes. I say "around" because truthfully, who can keep accurate count of all Microsoft's holes? Not me. Also, apparently a recent patch for Internet Explorer isn't effective and opens a different and horrible hole.
2.  Everyone running a Microsoft operating system needs to go to the Windows Update site and apply all critical security patches. Windows XP allows you to set Automatic Updates (see the Automatic Updates tab in the System applet in Control Panel). I highly suggest you do this. Those of you who don't use Windows XP should make weekly visits to Windows Update part of your regular schedule. Although Elephant Boy Computers occasionally will send out reminders (like the Report you're reading), you are responsible for keeping your own systems patched and safe.
In addition to Windows Update for their operating systems, Microsoft offers an Office Products Update which will scan your system and see what updates your installation of Office needs. Open Word and go to the Help menu. You'll find an entry for "Office on the Web". Click on it to be taken to the Office website (obviously you'll need to be on line first). Here's a link to Microsoft's front page which has loads of useful information:  http://www.microsoft.com/
If you feel you need an email reminder for updates, you can subscribe to Microsoft's free security alert newsletter here: http://www.microsoft.com/security/security_bulletins/decision.asp
Here's a link to where you can sign up for free Office newslettershttp://www.microsoft.com/office/using/newsletter.asp
2a. Aside from keeping your operating system and applications patched, running a good antivirus (also kept up-to-date), not opening attachments (or being extremely cautious if you must), and scanning to remove spyware regularly, if you're going to use a Microsoft operating system, Internet Explorer browser, and Outlook Express and/or Outlook for email, you're pretty much stuck with being at risk from viruses and other malware. As I've said in other Elephant Boy Computers Reports, you can use a different browser like Mozilla or Opera. You can use an alternate email client like the ones that come with Mozilla and Opera (Mozilla also has standalone browser and email components) or Eudora Mail. You will still have some risk, but it will be lessened.
 You might even think about not using a Microsoft operating system. I use Linux, and my friend The Mac King swears by Apple's OSX. A lot depends on what you want to do with your computer. My own personal opinion (and this is my newsletter, so that's what you get!) is that Windows is a toy operating system best suited for playing games, and people with serious computing needs should use Linux, Unix, FreeBSD, or OSX. That aside, if you choose Microsoft, you need to practice safe computing.
Back to top

10-06-03- Contents:

1. New cumulative Internet Explorer patch
2. Why Microsoft operating systems are so vulnerable compared to Linux and Mac OSX

1. Microsoft has issued another cumulative security patch for basically every version of Internet Explorer that has ever existed. Everyone should go to Windows Update and apply any security patches that show up as needed for your system. Because Internet Explorer (your browser) is so integrated into the operating system, security vulnerabilities in this software are serious and need to be addressed immediately.
2. There has been a lot of information in the regular press (as opposed to the technical press which has known about this forever) about the problem of security and viruses relating to Microsoft operating systems. The Register has an excellent article from Security Focus that clearly explains why Windows is inherently more insecure than Linux and Mac OSX. The link is here: http://www.theregister.co.uk/content/56/33226.html
If you want to stay with a Microsoft operating system, then you really should consider using a different browser and email program. Mozilla is very nice and is free. Elephant Boy Computers can set it up for you if you need help. And there's always Linux. Let us know if you'd like to try it!
Back to top

10-16-03 - Contents:

 1. Five new Microsoft critical security patches and a rollup for XP
 2. iTunes for Windows
 3. Searching with Google
1. Good news, everyone! Five more critical Microsoft patches to apply! Hurry over to Windows Update. For those of you using Windows XP, there is a handy all-in-one security roll-up here:
http://www.microsoft.com/downloads/details.aspx?FamilyID= d531bf00-d7be-48e3-abcc-961602bd72c2&DisplayLang=en
Or just go to the Microsoft Download Center Home, where it appears in the list of top five most popular downloads here:

2. Lots of my clients have asked about good sites where they can download music legally. Until recently, eMusic.com was considered one of the best sites for PC's. Now eMusic.com has been bought out and is no longer offering unlimited downloads, which makes it unattractive all around. Look for eMusic to tank real soon.
1/14/03 update - eMusic has tanked.
It is almost universally agreed that Apple's iTunes music store is the best place to download music. Since its inception, it has left PC-oriented music download sites in the dust. Unfortunately, only people running Macs could use the service because the iTunes software would not work on Windows. Now, there really is good news for everyone - Apple has ported iTunes to Windows. Why worry that the RIAA Gestapo is going to come knocking at your door when you can legally get your music fix with the very cool and easy to use iTunes. Check it out.
3. Everyone knows that Google is a fantastic search engine. Using Google has become so much a part of our lives that a verb has been born: "to google". Want to know the lifespan of the blue whale? Google it.
However, there are many refinements to the art of using Google. There is even a book about it, "Google Hacks" by Tara Calishain and Rael Dornfest. And here is a useful article with tips for using Google from PC Magazine (oddly enough, it is dated October 28, 2003 which has caused me to look at the date I've got showing on my computer twice - nope, it's still October 16th in my world. Should I worry?)
Back to top

10-30-03 - Contents:

1. Updates to 5 Microsoft patches
2. Outlook Express stationery and html mail

1. Good news everyone! More Windows vulnerabilities! Actually, Microsoft has updated five earlier patches, so go to Windows Update as soon as possible to get the new ones. A good explanation of the patches is here:


2. There has been a rash (and I use that word on purpose) of people asking about using Outlook Express stationery and fancy fonts in their email lately. The short answer is, "Don't do it". The longer answer is that stationery is created by using html. Html is the programming language used in making webpages. Sending html email instead of plain text (ASCII) is not desirable. First, an html email message will be much larger than a plain text message and that is a burden for people who have dial-up Internet connections. Second, because html is code, it can carry a virus. Third, if you send a "beautiful" message created in Outlook Express to someone who doesn't use OE or even a Microsoft operating system (Linux, Mac, Unix), it will not look the way it does to you to the person who gets it. The same thing applies to the fancy fonts. If you use a special fancy font to create your message, the recipient must have that exact same font on their system also. Probably they won't and their system will just use something plain instead. Here is a link to an excellent explanation of email basics, very well done, clear and simple but complete:


Back to top

11-18-03 - Contents:

1. Phishing and virus alert
2. Windows Update reminder
1. There have been several well-publicized scams to steal credit card information lately. Over the last few months, people have received emails purporting to be from legitimate companies such as PayPal, AOL, and Citibank. The emails can look quite official, although many contain spelling and grammatical errors. The recipient is told that they need to update their records or something like that and directed to click on a link to the "company" website. This type of scam is called "phishing". In some cases, the website is a clever fake and not the legitimate company site at all. In the latest Citibank scam, the website truly belongs to Citibank but a popup window for the victim to enter their account information goes to the Bad Guys. Here is a very detailed and interesting account of the Citibank scheme from SecurityFocus:
Now another phishing scheme has surfaced, this time with PayPal as the legitimate company bait and a as an attachment to an email with a subject line of "IMPORTANT" and an viral worm as part of the package. Mimail-J arrives as an attachment named either www.paypal.com.pif or infoupdate.exe. There is a good explanation of this latest threat at The Register here:
Of course, I'm sure that none of EBC's clients are stupid enough to 1) open attachments; 2) run an executable attachment;  and 3) not have a current (post-2002 version with updated definitions) antivirus program. However, Better Safe Than Sorry, eh?
2. Windows Update reminder, everyone. If I sent an email to you every time there was another patch available for another Windows vulnerability, you'd be getting too many emails from me. The Elephant Boy hates to be intrusive. As you all know, Windows XP includes an automatic update feature that periodically checks the Windows Update site for new security patches. However, lots of people are still running Windows 98 and ME machines, and those people need to manually go to the Windows Update site. If you've unaccountably forgotten how to use Windows Update, refer to the very first EBC Report I sent way back in August, 2002.

Also, remember that you need to update your Microsoft Office software, too. There have been some nasty vulnerabilities in Office programs lately. The easiest way to do this is to open an Office program like Word and go to the Help menu. You'll see an entry for "Office on the Web". Click on it and you'll get taken to the Office home page. There is a link to "Check For Updates" at the upper right, which will bring you to the Downloads page where you can "Check For Updates" again. This will scan your computer for what you need, just like Windows Update does. Here is the URL for the Microsoft Office home page:
Remember, with both Windows Update and Office Update, you need to check multiple times until you get the message that there are no more critical patches for your system. For instance, if you don't have SR1 installed, the Office Update won't show that you need to download SR2 or any of the other more recent patches.

Back to top

12-12-03 - Contents:
1. Phishing continued
2. Shopping spots

1. Heads up, everyone! In last month's EBC Report, I wrote about the scam called "phishing". Now another vulnerability in Microsoft's Internet Explorer allows phishing scammers to trick people by disguising the true location of a webpage in the addressbar. The security firm Secunia has an explanation of the vulnerability here: http://www.secunia.com/advisories/10395
I know that all of the EBC Reports readers are clever, but just remember that no reputable firm (eBay, PayPal, your bank, your ISP) will ask for your username, password, credit card number, Social Security number, mother's maiden name, waist size, etc. in an email.
Microsoft has not announced whether they will release a patch for this latest vulnerability or not. They are very proud that there were no patches for the month of December (they've gone to a monthly patch issuance scheme). Good for them - unfortunately that doesn't mean there were no holes to patch in December. Mozilla is such a great browser!  :-)
 2. Although the Elephant Boy has an obsessive-compulsive personality and therefore all the Christmas shopping is done, some of you may still be looking for last-minute presents. It's not too late to squeak in an order from some online merchants so you can miss being trampled at Target. Here are some of our favorite shopping spots:
 http://www.thinkgeek.com/ for your favorite geek (hint, hint)
 http://www.x-tremegeek.com/ more geeky toys
 http://www.thelibraryshop.org/index.html  NY Public Library Gift Shop
 http://www.tfaw.com/  Things From Another World
 http://www.magnetbox.com/riaa/  RIAA Radar for those of us boycotting RIAA member-produced albums
 http://www.karate-mart.com/index.html  for the ninja in your life
 http://www.jlist.com/PG/ wonderful fun things from Japan (some adult content, but clearly set up so you don't have to go there)
 http://froogle.google.com/froogle Search tool for shopping from Google
 http://www.ups.com/tracking/tracking.html And of course, where to track your UPS shipment!
From all of us here at Elephant Boy Computers (me and thousands of imaginary minions), have a wonderful Holiday Of Your Choice and a Happy New Year!

Back to top

 01-13-04 - Contents:
1. Microsoft extends Windows 98 support
2. Happy New Year - another great Windows virus

1. Although Microsoft's official support for Windows 98 was supposed to end on January 15th of this year, the company made the surprise announcement that they would extend the older operating system's end-of-life date to June 30, 2006.  Users will be able to receive paid phone support (from Microsoft) and critical security updates until then.  Apparently Microsoft realized that not enough of its customers had switched to Windows XP (or even Windows 2000).  This is good news, because there are many computers in service that do not have hefty enough hardware to successfully run Windows XP but that do quite well with the less demanding Windows 98.  Although Microsoft would like everyone to be on a constant upgrade cycle, in reality if your older computer running Win98 meets your needs, then there is no reason to upgrade.  Users of Windows 98 should just remember to visit Windows Update on a regular basis to get security patches for their machines.  You must do this manually because there is no automatic update feature in Win98.  Remember, once you are connected to the Internet, get to Windows Update either from the top of your Start Menu or from the Tools menu in Internet Explorer.

2. Although there are new viruses every day, Trojan.Xombe is particularly tricksy because it arrives as an attachment (remember how we told you not to open that?) in an email purporting to be a security alert from Microsoft.  You can read Symantec's write-up on Xombe here:


Remember, legitimate companies like Microsoft, Symantec (Norton Antivirus), Mcafee, etc. never send out security patches as attachments in emails.  Simply delete the evil email and always have a current (no older than 2002) antivirus installed using updated definitions.

Back to top

01-28-04 - Contents:
1. W32/Mydoom, W32.Novarg, Mimail_Worm
A new version of the Mimail worm is out in the wild causing a great deal of damage. Don't be one of the ones caught by this! Here is information from Trendmicro (a well-known antivirus company) about the worm:
"A new variant of the MIMAIL worm has been found in the wild. As of January 26, 2004 1:47 PM (US Pacific Time), TrendLabs has declared a yellow alert to control the spread of WORM_MIMAIL.R. Also known as W32/Mydoom@MM, Mydoom, Win32.Mydoom.A, W32.Novarg. This mass-mailing worm selects from a list of e-mail subjects, message bodies, and attachment file names. It can also propagate using the Kazaa peer-to-peer file sharing network.
"It performs a denial of service (DoS) attack against the software business site www.sco.com. It attacks the site if the system date is February 1, 2004 or later. It ceases attacking the site and running most of its routines on February 12, 2004. It runs on Windows 98, ME, NT, 2000 and XP. It sends e-mail with the following details:
"Subject (any of the following):

    Server Report
    Mail Transaction Failed
    Mail Delivery System
 "Message Body (any of the following):

    The message contains Unicode characters and has been sent as a binary attachment.  
    The message cannot be represented in 7-bit ASCII encoding and has been sent as a binary attachment.  
    Mail transaction failed. Partial message is available. 
    Attachment: <Random name>.zip"
 (end of quote)
In addition to preparing the infected machine to perform the DoS on the SCO website, the backdoor trojan installed by the worm can download and execute arbitrary files from unspecified locations on the Internet, including keystroke loggers. Like many other viruses, this one can also spoof email addresses, so if you start getting mail from people you know with viral attachments, do not automatically assume they are infected. Their email address may just be in an addressbook on someone else's infected computer. So before you shoot them off an angry email, stop to think. They may be infected, but they may not. If the mail is from a good friend, it would be better to call them on the phone. Otherwise you are just adding to the Internet traffic load.
So practice safe computing. Do not open attachments. If you or your children are using peer-to-peer sharing software like Kazaa, LimeWire, WinMX, etc. then control yourselves for a while and abstain. Of course, only Windows machines are vulnerable, but the huge numbers of these infected machines will have a severe impact on everyone else as the Internet becomes clogged with traffic generated by the worm. Most responsible Internet Service Providers are stripping all attachments of the following types: .exe, .scr, and .pif. So if you are trying to send or receive an attachment of this type and not getting it, this is probably why. Although you shouldn't be opening attachments or encouraging others to do so, especially executable files like that! Here's the link to Symantec's write-up:
Stay safe out there.

Back to top

02-02-04 - Contents:
1. Microsoft February updates
2. Foil phishers

1. Microsoft has issued updates for February. Those of you who do not have automatic updates set (or who are using Windows 98 and don't have that option), should be sure to visit Windows Update and get the latest security patches.
2. Included in the above patches is an update to Internet Explorer meant to help foil phishers. The patch may change how certain websites work for you. Here is a link to the Microsoft article:
Staying out of phishers' nets is not hard if you use good common sense. Remember, unless you've specifically subscribed to a security newsletter, Microsoft and other legitimate companies such as antivirus firms do not send individual emails directing you to download patches. These companies never send attachments in emails. If you receive an email requesting personal information such as passwords, account numbers, credit card numbers, etc. from anyone, treat it as highly suspicious. Real companies and banks don't do this. Email is not a secure medium - sending an email is the digital equivalent of sending a postcard; anyone can read the contents. Delete questionable emails like that. Do not click on any links in them!
Stay safe by being smart.
Back to top

02-26-04 - Contents:
1.  Warning about Win Antivirus 2004

Heads up everyone. I was at a client's yesterday and they told me that when their Norton Antivirus 2003 subscription renewal notice opened and they opted to renew, another window opened and they actually sent their credit card information ($39.95 worth, I believe) to this Win Antivirus 2004 company instead. So they got tricked into downloading and installing Win Antivirus 2004 instead of renewing their Norton. Win Antivirus promptly broke Norton and insinuated itself into the operating system. It was very hard to remove.
Now, their computer was absolutely loaded with spyware. They had all the biggies and some I hadn't even seen before, but which the normal spyware removal tools (Spybot Search & Destroy and Ad-aware) caught. A quick Google on WinAntivirus 2004 - which I had never heard of before - brought me to this interesting page:
where apparently another tech had the same experience with this scummy program that I did.
So it looks like this piece of scumware floated on in with some other spyware and just waited for Norton to request renewal. Pigs. I have extremely uncharitable thoughts about creeps like this. The moral of the story is that you should always be careful where you click, keep your legitimate antivirus program updated, and removal spyware regularly.
Back to top

03-23-04 - Contents:
1. Witty worm wrecks computers
2. Visit Windows Update to protect against the Phatbot worm (and other nasties)

1.  Just a quick heads-up for those of you running either BlackIce Firewall (or other security software from Internet Security Systems). The Witty Worm does not require you to open an attachment, but rather scans for vulnerable systems and infects through an open port. The Worm is extremely destructive. Users of BlackIce should immediately 1) disable the firewall; 2)  go to ISS's website and download the patch. Here is a link to the ISS home page, as well as links to other sites detailing the vulnerability:
This brings up the point that you should always be aware of the software you have installed on your computer and periodically visit the program manufacturer's website to check for updates.
2. You probably have read about the Phatbot worm in the mainstream media lately. Of course, Phatbot is just one of the many, many worms and viruses out there. Here is a link to Symantec's write-up:
 The main point about Phatbot is that you are protected against it if you have gone to Windows Update, downloaded and installed all security patches. Those of you running XP probably have done so because automatic updating is in place. Those of you still running Windows 98 and ME (if automatic updating is not turned on in your ME system) should immediately go to Windows Update.
Back to top

05-01-04 - Contents:
1. W32.Sasser.Worm
2. W32.Gaobot variants
3. Legal music downloads article
1. W32.Sasser Worm - There's another MS-Blaster type of worm spreading across the Internet by exploiting the LSASS Buffer Overrun Vulnerability.  If you have Windows 9x or ME, your computer is not affected.  If you have Windows NT, 2000, XP, or any of the server operating systems, your computer is vulnerable.  Please immediately download and install the critical update.  Here is a link to the Microsoft Security Bulletin, which includes download links:
Signs of infection are that you keep receiving the following error messages:
1. "LSA Shell (Export Version) has encountered a problem and needs to close.  We are sorry for the inconvenience."
2. Your system reboots due to the LSASS.exe error ).
Here is a link to Symantec's information about the Sasser worm:
To stop the shutdowns long enough to install the patch and scan with your updated antivirus:

a. Click Start, click Run and type "shutdown -a" (without quotations), then click OK.
b. Press Ctrl + Alt + Delete to bring up the Task Manager and terminate the "avserve.exe" process, then delete the avserve.exe from C:\Windows and restart your computer.
2. W32.Gaobot - We've been seeing quite a few infections by the many variants of the W32.Gaobot worm lately.  Go to the Symantec Antivirus Research Center's front page for information about this, and other latest threats.
This is just a reminder that you should have a current (post-2002 version) antivirus program installed and be keeping its definitions updated. All modern antivirus programs will download and install virus definitions automatically, but in some cases (dial-up, AOL dial-up, etc.) you will need to connect to the Internet before updating.
3. There is an interesting article on Cnet about the state of legal music downloading since it is now a year since iTunes opened its virtual doors.  Here's the link to the article: http://news.com.com/2100-1027_3-5199227.html
The article includes a little chart comparing revenues between the major competing companies, which is handy if you wanted to check out music download services besides iTunes but weren't sure where to look.
Back to top

05-07-04 - Contents:
1. Update on Sasser
1. After spending the last week fighting outbreaks of the Sasser worm, I thought it would be good to share some findings with you.  If you were one of the "lucky" ones to have gotten Sasser the very first day it came out and then had your machine cleaned immediately, you are probably in the clear. After the first few hours that Sasser was in the wild, variants started appearing.
Additionally, it seems that once Sasser is in a computer, that machine is vulnerable to one of the many forms of the Gaobot worm.  Gaobot was not picked up by either version of AVG (free or subscription) until today, a rather dismal showing by Grisoft. McAfee's Stinger tool still does not catch Gaobot, although the full-featured antivirus does.  The Sasser removal tools offered by Microsoft and antivirus companies will not remove Gaobot.  Patching the operating system after the fact will not remove Gaobot and will not protect you from that worm once Gaobot (or any of its many variants) is on your computer.
If you are not using a full-featured antivirus such as Norton 2003 or 2004 (earlier versions are no longer recommended), McAfee Antivirus, eTrust, or the like, your computer may still be infected. If you are not using a true stateful firewall like Sygate, eTrust Firewall, or ZoneAlarm but are only using the firewall that comes built-into Windows XP, you are not adequately protected if your computer is still infected with a worm and/or trojan.
Some symptoms of viral infection are:
a. You cannot run Task Manager, msconfig, regedit, or the cmd prompt, or those programs appear for a second and then immediately disappear.
b. You cannot update any of your virus definitions, get to online virus scanning sites, or get to any antivirus software manufacturers' websites. You may not be able to install an antivirus if you did not have one on the computer already.
c. Your computer is still slow, unresponsive, or otherwise just not acting "right".  If you do have a full firewall, it is constantly asking you to permit Internet access to programs that you do not recognize.
Disinfecting computers harboring multiple viruses and worms is rather complicated and requires more than simply running one or two antivirus tools.  The best solution is to take the computer to a professional for repair.  Of course Elephant Boy Computers would like your business, but the most important thing is to get an infected machine off the Internet, any local area networks, and get it cleaned up.
Back to top

05-14-04 - Contents:
1. Critical vulnerability in Symantec firewall products
2. Microsoft updates - May
1. A critical vulnerability has been found in the firewall of these Symantec products:
 Symantec Norton Internet Security and Professional 2002, 2003, 2004
 Symantec Norton Personal Firewall 2002, 2003, 2004
 Symantec Norton AntiSpam 2004
 Symantec Client Firewall 5.01, 5.1.1
 Symantec Client Security 1.0, 1.1, 2.0(SCF 7.1)
 Here is the link to Symantec's write-up of the problem:
 All users of these products should use Live Update immediately, which will patch the program. As an aside, it would be smart to be running Live Update more than once a week these days, since new viruses and definitions for those viruses have been coming out daily.
2. It's that time again - Microsoft has issued the May patches for their supported operating systems. If your computer is not set to automatically visit Windows Update (as it should be in Windows XP), then be sure to do this manually.
Back to top

05-29-04 - Contents:
1. A note about passwords
2. More about preventing spyware
1. There is a very good article in this morning's The Register about the need to create good passwords and why. Here's a link to the article:
Of course, we're not really going to send a copy of the "letter" written by Scott Granneman of SecurityFocus to everyone we know because that would be Wrong And Irritating To All. But you should read what Mr. Granneman has to say. Yes, even you over there in the corner.
As an aside, I'd just like to remind you that you do have a password originally assigned to you by your Internet Service Provider (ISP) to get on line and to get your email. I can't tell you how many people think they don't have one, so when Internet access or their email has to be set up again for one reason or another, they wind up having to talk to their ISP's tech support. We all know how fun that is. What usually happens is that Internet access gets set up when the user signs up with Earthlink or SBC/Yahoo, or whoever - including setting a password for logging on to the service and possibly a different one for email - and then years go by during which the original password is forgotten. Maybe it was never written down or maybe that tiny little scrap of paper that had all the important information has disappeared. Probably your Significant Other threw it out.
Then the day comes when you get a new computer or Windows has to be reinstalled and Elephant Boy Computers personnel (that's just me, of course, but "personnel" sounds so much more impressive) - anyway, the EBC Minion turns to you cheerfully and says, "OK, what's your username and password?" and you look at the Minion with hate and say, "I haven't got one". When the Minion (me again!) says, "Yes you have" then you hate me even more. So - yes, you have got a username and password for your Internet access and email; keep track of them.
2. The battle against spyware goes on, and frankly it doesn't look like Windows users are winning. I suppose I should be glad because all this malware infecting your computers helps Elephant Boy Computers personnel live in the Lap Of Luxury (hahahahah - that is so Not Funny), but really Spyware is Evil. However, I'm going to tell the children that they can't have those shiny new shoes because all the EBC clients are going to be smart and try a different browser!
Seriously, you can remove spyware on a regular basis and be really careful where you click, but a good way to avoid popups and the like is just to do an end run around them and use a different browser. For those of you who weren't paying attention during the Previous Lesson, a browser is the program that allows you to "see" the Internet. The browser that comes built into Windows is Internet Explorer. There are other browsers like Netscape and Opera and Mozilla. I haven't looked at Netscape in years because it really got awful. Opera is quite good, but the free version has ads and the ad-free version costs. However, if you try Opera and love it, the small price to pay all those starving coders programming their little hearts out to make you happy is worth it. Mozilla is wonderful and free and has lots of very neat features, like tabbed browsing. Best of all, Mozilla has excellent popup and cookie control. I believe that Opera has those features, too - I'm just most familiar with Mozilla since that is what I use both in Windows and in Linux.

Here are links to where you can download all three browsers to try them out if you like. Or call us and the EBC Minion (me again!) will come and install them for you.


Back to top

06-26-04 - Contents:
1. New vulnerability in Internet Explorer
 2. HP recalls notebook RAM (memory)
 1. From an article in The Register yesterday:
 Although I certainly wouldn't panic, it would be really smart to:
 a) Set Internet Explorer's security options as described in this article by Mike Healan on SpywareInfo:
 b) Use an alternate browser. My preference is for Mozilla. You can get the latest version of Mozilla here:
 2. HP recalls notebook RAM
 From an article in The Register this morning:

"Hewlett Packard has said it will replace memory in over a dozen series of its notebook PCs, affecting almost a million users, because of a design flaw. HP characterizes this as an "industry wide" design flaw not restricted to one memory supplier. Other PC manufacturers will be affected, said HP. Symptoms include more BSODs (Blue Screens of Death) than normal.
"The company says that it hasn't received a complaint yet, but is "pre-emptively" introducing a repair program. Owners will receive a kit including a screwdriver, and after mailing in the current stick, receive a replacement. The models affected include the Compaq Evo Notebook N610c, N610v, N620c, N800c, N800v, N800w, N1000c, and N1000v; Compaq Presario 1500, 2800, x1000, and x1200; and the HP Compaq nx7000 and HP Pavilion zt3000."
 If you have an HP notebook that is affected, here is a link to HP's instructions:  http://h30090.www3.hp.com/mmrp/
Back to top

8-01-04 - Contents:

1. New Microsoft patch for Download.Ject vulnerability
Everyone should go to Windows Update to apply the new patch. Microsoft considers this critical enough to issue the patch outside of their normal patch cycle. Microsoft issues new patches on the second Tuesday of each month.
Those of you using the automatic update feature of Windows XP, 2000, and ME should make sure to install downloaded updates. People using Windows 98 will have to manually go to the Windows Update site and scan for updates. Close open programs such as Word or Internet Explorer and disable your antivirus when installing.

8-7-04 - Contents:

1. Windows XP Service Pack 2

Windows XP Service Pack 2 ("SP2") is finally finished. A Service Pack is a collection of operating system patches and, in this case, improvements bundled into one installation. Everyone running Windows XP should upgrade to SP2. If Windows XP is not your operating system, this information does not apply to you.
According to Microsoft, SP2 should be available on Windows Update within the next two weeks. If you have your computer set to automatically download updates, you will get it. In the meantime, here is some further information to help you with this important upgrade:
1. SP2 will be available from Windows Update. Choose Express Install. If you are on dialup, you can order the CD for free or have Elephant Boy Computers install it for you. Even using Express Install, SP2 will be very large.
2. Your computer must be 100% virus and spyware-free before you install SP2. If you are unsure of whether your computer is clean, have Elephant Boy Computers take care of it.
3. Back up all your data to removable media such as CD-R, DVD-R, or external hard drives. If you don't know how to back up your data, Elephant Boy Computers is happy to teach you, although we cannot take responsibility for your data. Only you know what is important to you.
4. Turn off or disable all antivirus software and firewalls. Have no other programs running in the background. This means close any programs you have started, such as Outlook/Outlook Express, Office, etc. Obviously, if you are getting SP2 from Windows Update, you cannot close your browser and any Internet connection software.
Links to some Microsoft sites about SP2:
 Main page for SP2 information:
 Feature list:
 Overview of changes:
 Changes in Internet Explorer:
 Changes in Outlook Express:
 Changes in Windows Update:
 SP2 FAQs (Frequently Asked Questions):
 SP2 How-to:
 Where to order the CD:

Back to top

9-14-04 - Contents:

1. Windows XP Service Pack 2 Report
Service Pack 2 (SP2) has been out for a while now. I have updated many computers with little or no problems. The instances where we are seeing problems are usually when the computer was not 100% virus and spyware-free and when other normal precautions were not taken. As a reminder, here are some preparatory steps you should do before installing SP2:
1. Back up your data. This means copying your files - not your programs - to some sort of removable media, preferrably a cd-r or dvd-r. If you use specialized software and you are not sure how to back up data created in it, contact the program's tech support and find out. Go to the program's website and look for Frequently Asked Questions (FAQ's) or a support database. If some of your programs need to have data exported to a file - like QuickBooks or Outlook for instance - know how to do it and do it. You should be backing up your data regularly anyway. With proper preparation, your installation of SP2 will go smoothly, but you must always be prepared for the worst.
 2. Make sure your computer is 100% virus and spyware-free. This means you need a full-featured antivirus program installed. The version should be no earlier than 2003 and your virus definitions must be up-to-date. Remove spyware with free tools such as Ad-aware and Spybot Search & Destroy . It is best to run antivirus and spyware scans in Safe Mode.
 3. Do routine maintenance on your computer. Use Disk Cleanup (Start>All Programs>Accessories>System Tools>Disk Cleanup) to get rid of all temporary and Temporary Internet Files. Go into Safe Mode and run Defrag (Start>All Programs>Accessories>System Tools>Defrag).
 4. If you have a computer made by an Original Equipment Manufacturer ("OEM") like Dell, HP, Sony, Compaq, etc. go to the OEM's website and look for instructions how to update those systems to SP2. There may be proprietary drivers or software that needs to be patched before you install SP2. Laptops in particular use proprietary drivers and software.
 5. Review the programs you use on your computer. Go to their websites and see if there are upgrades you will need to do to make the programs compatible with SP2. For instance, Nero 6 needs several patches. If you have any specialized hardware, including peripherals such as printers, do the same thing. Go to the device manufacturer's website and search for information about how their product interacts with SP2.
 6. Now you know that your computer is clean and you have all necessary patches on hand, preferably burned to cd-r. When you install SP2, shut down all running programs and disable any antivirus. If your computer is not behind a router firewall and you have an always-on broadband connection, disconnect from the Internet by unplugging the ethernet cable from your computer's network card. A Windows computer that is not protected by a firewall and goes on the Internet will get infected by a virus in 20 minutes or less. That is the average infection time; it can take as little as a few seconds.
Some people are suggesting that you also disconnect all peripherals such as printers, pda's, etc. I did not disconnect the local printers on two XP machines here and had no problems, but it wouldn't hurt to be proactive and do this anyway. This is a major operating system upgrade and you want things to go as smoothly as possible.
Now you should be ready to install Service Pack 2. Here are some links to additional information to help you:
Main page for SP2 information: http://www.microsoft.com/windowsxp/sp2/default.mspx
Are You Ready for WinXP SP2?:  http://support.microsoft.com/default.aspx?pr=windowsxpsp2
Feature list: http://www.microsoft.com/windowsxp/sp2/features.mspx
Overview of changes: http://www.microsoft.com/windowsxp/sp2/technologiesoverview.mspx
Changes in Internet Explorer: http://www.microsoft.com/windowsxp/using/web/sp2_ie.mspx
Changes in Outlook Express: http://www.microsoft.com/windowsxp/using/web/sp2_oe.mspx
Changes in Windows Update: http://www.microsoft.com/windowsxp/sp2/whatsnewforwu.mspx
SP2 How-to: http://www.microsoft.com/windowsxp/sp2/howto/default.mspx
Where to order the CD: http://www.microsoft.com/office/ork/xp/journ/Oxpsp2cd.html
Most computer and office supply stores have SP2 cd's available also.
And some other useful sites:
http://forum.aumha.org/index.php -See SP2 forums

Back to top

9-19-04 - Contents:
1. Arrrr, Matey!
2. Windows Update reminder
3. Antivirus subscriptions reminder
1. Lest we forget - today, September 19th, is Talk Like A Pirate Day:
Shiver me timbers! Arrrrrrr!
2. This is just a reminder: all of you using older Windows operating systems need to go to Windows Update on a regular basis. New, severe vulnerabilities have been discovered and there are patches for them. Those of you with Windows XP with Automatic Updating turned on should already be getting notices that updates are available and/or ready to install. Don't forget to do this. If you have already applied Service Pack 2, this does not mean there will be no more updates!
3. Remember, an antivirus program is useless if the virus definitions are not updated. Make sure the program version you are using is not earlier than 2003 and that your subscription is current. You are not protected if your virus definitions have not been updated since 2002! Your antivirus program should be updating the definitions at least once a day.
To find out the version, subscription, and virus definitions information, open the antivirus program and look at its status. The information will be displayed differently depending on your program, but it will be there. Look for it and take action to update if needed.
Yo ho!

Back to top

9-25-04 - Contents:
1. Update for JPEG vulnerability
1. This is a quick reminder that there is a rather serious vulnerability in the way that Windows handles JPEG image files. Naturally, there is now a toolkit for the bad guys to exploit the vulnerability.  Here is a link to an article at The Register that describes the issue:
Even if you have Windows XP with Service Pack 2 applied and automatic updates enabled, you should go to Windows Update yourself. The easiest way is to open Internet Explorer and use the Windows Update entry found under the Tools menu. Anyone running an older Windows operating system needs to manually update their computer at Windows Update.
On each of our XP systems here, all of which have SP2, I had to go to Windows Update, which scanned and then downloaded a tool to see if the system was vulnerable to the GDI+ buffer overrun. Then I got a prompt that the system was vulnerable because MS Office products are installed, and following the "wizard" took me to the Office homepage. There, I clicked on Check For Updates, which does the same thing for Office as Windows Update does for the operating system. I was then prompted to download and install the patches. You may need your Office installation cd, so have it handy.
Remember, you need to be proactive with your computers. Regularly check for updates for your operating system and important programs.
Back to top

10-31-04 - Contents:

1. Betrayalware
2. Malware removal steps
1. Betrayalware - As most of you know, spyware has become a huge problem for Windows users. At its most benign, spyware is responsible for giving you all those horrible popups when you surf. More evil spyware can hijack your homepage, change your hosts file so you can't get to anti-spyware websites, and open your computer to all sorts of pornography and trojan horse viruses. The situation has gotten so bad that most of us techs have started referring to spyware and the like as "malware". If you need a refresher on what spyware is, here's a link to information on my website and some other useful sites:
 http://www.safer-networking.org  - Spybot Search & Destroy
 http://www.lavasoftusa.com - Ad-aware
 http://forum.aumha.org - look under "Security" for various forums
 http://www.aumha.org/a/parasite.htm - The Parasite Fight
In their desperation to rid themselves of these vile parasites, users will download and install programs that they are trusting to remove the spyware but which in reality put even more spyware on the system. We techs have taken to calling these rogue programs "betrayalware".
Just today it has come to my attention (thanks to the efforts of MS-MVP's Randy Knobloch and Eric L. Howes) that a formerly trustworthy program, Aluria, has apparently gone over to The Dark Side. Here is a link to the discussion that took place on the BroadbandReports.com forum (another great resource, by the way):
It provides a very clear description of what Aluria has done and the danger this poses for the anti-spyware industry and end users. It is well worth taking the time to read through this. You need to know how to protect your computer and your data.
Here are some links to sites where you can find good information about what programs are really betrayalware:
http://www.spywarewarrior.com/rogue_anti-spyware.htm - Eric L. Howes' fine work
2. General malware removal steps:
1) Scan in Safe Mode with current version (not earlier than 2003) antivirus using updated definitions;
2) Remove spyware with Spybot Search & Destroy and Ad-aware. These programs are free, so use them both since they complement each other. There is a new version of CWShredder from http://www.intermute.com/spysubtract/cwshredder_download.html. I would not install the other Intermute programs, however. Alternately, there are CoolWebSearch malware removal steps at http://www.silentrunners.org/sr_cwsremoval.html. A combination of HijackThis and About:Buster (http://www.majorgeeks.com) works well in removing homepage hijackers.  Always read the instructions before running a spyware removal tool. Be sure to update these programs before running, and it is a good idea to do virus/spyware scans in Safe Mode. Make sure you are able to see all hidden files and extensions (View tab in Folder Options);
3) If you are running Windows ME or XP, you should disable/enable System Restore because malware will be in the Restore Points. With ME, you must disable System Restore completely. With XP, you can delete all but the most recent (presumably clean) System Restore point from the More Options section of Disk Cleanup (Run>cleanmgr).
4) Make sure you've visited Windows Update and applied all security patches. Do not install driver updates from Windows Update;
5) Run a firewall.

Back to top
EBC Current Reports

1-01-05 - Contents:

1. Happy New Year!
2. Security and maintenance comments

1. Happy New Year everybody! I hope you all had a wonderful (insert name of holiday here) and that 2005 brings you much joy and good things.

2. I was going to write a summary of all the things you should do to keep your computers safe in 2005, but I see that Scott Granneman of Security Focus has
written a perfect article for The Register that does everything I wanted to and more. Here's the link:


In addition to Mr. Granneman's excellent suggestions, here are a few more:

a. Keep your operating system patched. If you have Windows XP or ME, you should have Automatic Updates turned on. If you are still running Windows 98 (not that
there's anything wrong with that!), make sure you visit Windows Update on a regular basis.

b. You should also regularly check for updates to other software you use by going to the product's website and looking. Applications that are actively maintained will often have security updates available for free. Examples are MS Office, Adobe Reader, Java, alternate browsers (Mozilla, Firefox, Opera), and alternate email clients (Eudora, Thunderbird).

c. Keep your computers well maintained, physically and from within the operating system. Heat and dust are the great enemies of computers. When cleaning a computer, always have it unplugged (not just turned off) and use compressed air to blow the dust out. Use short puffs of the air rather than sustained ones to avoid creating moisture. Make sure the insides are completely dry before turning the computer on again! Electricity and moisture don't play nicely together. Don't touch the delicate components inside, and if you must touch anything make sure you've discharged any static electricity by grounding yourself first. Static electricity shocks that don't bother us humans will fry computer components.

For Windows maintenance, refer to the Maintenance section of this website.

d. Always have a full-featured antivirus installed. Make sure it is a current version, preferrably at least 2004 and that your virus definition subscription is up-to-date. Anyone running an antivirus from 2003 (or older) with a current subscription should replace the program when the subscription expires.

e. Always run a firewall. Windows XP comes with a firewall, and the version in Service Pack 2 is superior to the original one. However, the built-in Windows Firewall is not as good as third-party firewalls. ZoneAlarm and Sygate make excellent firewalls and the free personal versions they offer are all you need. If you run a third-party firewall, disable XP's - you only want one software firewall running.

Of course, Elephant Boy Computers is always happy to take care of your silicon-based lifeforms, so don't hesitate to call for service.

Happy New Year!

Back to top

1-16-05 - Contents:

1. Security updates support timeline for Windows XP
1a. Support Life Cycle information for Microsoft operating system
2. Support for Grisoft's AVG antivirus software
3. Support for Computer Associates' EZ-AV software
4. Microsoft's Windows AntiSpyware Tool (Beta)

1. Security Hot Fix support for XP RTM (Release to Manufacturing; i.e., no Service Packs installed) from Windows Update ended on September 30, 2004. To get continuing security updates from Windows Update, you will need to apply at least Service Pack 1. Security fixes for XP (both Pro and Home) with Service Pack 1 will be discontinued on September 17, 2006. If you have no Service Packs applied, it would be far better to apply Service Pack 2.

You must prepare your computer properly to install Service Pack 2 (SP2). Difficulties arise when a) the computer is not 100% spyware and virus-free; b) you have an OEM computer (HP, Sony, Compaq etc.) and have not applied manufacturer-supplied patches; c) you have programs installed that are incompatible with SP2 such as virtual drive software like Alcohol 120%. Here are links to help you with SP2:

Are You Ready for WinXP SP2?

Order XPSP2 cd

Visiting a Service Center to Get SP2

SP2 links to OEM's

http://forum.aumha.org/index.php - See SP2 forums

Of course, Elephant Boy Computers is happy to install SP2 for you. Just give us a call.

1a. For your convenience, here are links showing Microsoft products Life Cycle:


2. Support for AVG 6 free antivirus is ending February 15th. Everyone one using AVG 6 should upgrade to AVG 7.


3. Those people using Computer Associates EZ-AV should also check to see what version they are running and upgrade to the newest version if applicable. Here is a link to their website:


Remember, in order to be effective your antivirus must be a current version (not earlier than 2003) using updated definitions. This means that your subscription must be up-to-date. I can't tell you how many infected computers come in where the client is running the antivirus software that came preinstalled on his/her computer years ago. In those cases, the program was never upgraded and the subscription expired long ago. Those computers are most definitely not protected!

4. As you may know, Microsoft has recently purchased antispyware technology from Giant Software. The program, now known as "Microsoft Windows AntiSpyware" (MAS) is available for download. HOWEVER, please note that this program is still in beta. In non-technical terms, that means it isn't cooked yet. It is extremely unwise to install beta software on production machines. If you feel you would like to try MAS, make a System Restore point before installing it. Older Microsoft operating systems - Windows 9x/ME - are not supported. Here is a download link:


Information and support for MAS Beta can be found through the following Microsoft newsgroups:

 - microsoft.private.security.spyware.announcements
 - microsoft.private.security.spyware.appcompat
 - microsoft.private.security.spyware.general
 - microsoft.private.security.spyware.install
 - microsoft.private.security.spyware.networking
 - microsoft.private.security.spyware.signatures
 - microsoft.private.security.spyware.onlinecommunity

These newsgroups can be accessed via NNTP or HTTP. To access these newsgroups using HTTP, please go to the following location:


To access these newsgroups using NNTP, please use the following information for your NNTP client (such as Microsoft Outlook Express):
 - NNTP Server: privatenews.microsoft.com
 - Account name: privatenews\spyware
 - Password: spyware

NOTE: No password will be required via the HTTP link.

When removing spyware, more than one antispyware program is required. All tools should be current with updated reference files, and all scans should be done in Safe Mode. Should your computer become infested, remember that we here at Elephant Boy Computers are extremely skilled at removing malware. Simply call for an appointment.

1-24-05 - Contents:

1. Reminder that NT 4.0 has reached its End of Life
2. How to tell what Service Pack level you have
3. Recovery cd's on OEM machines, etc.

1. In the last EBC Report, I wrote about the End of Life timetables for various Microsoft products. This information was posted by Microsoft for their NT 4.0 Server operating systems. If any of you are still using NT 4.0 Server at work, it is time to think about upgrading to one of the many varieties of Windows Server 2003. You will probably need to upgrade the hardware in order to do this. Here is the Microsoft post:

"This update provides important information about end of publicly available support for Windows NT 4.0 Server and Windows NT 4.0 Terminal Server.

"As Windows NT 4.0 is now out of support, security fixes for Windows NT 4.0 Server and Terminal Server will no longer be produced after January, 2005. Any security fixes that were in the process of being fixed during December for Windows NT 4.0 Server and Terminal Server will be available during the January, 2005 regular security update release.  However January represents the last month security fixes will be available for Windows NT 4.0 Server, Windows NT 4.0 Terminal Server and Windows NT 4.0 Workstation without
Customer Support Agreements in place. 

"Custom Support Agreements for Windows NT 4.0 line of products are still available to customers that need them. Please contact your Technical Account Manager or Account Manager is you are interested in pursuing this option."

Just thought you should know.

2. I had a call from a client who, after reading the last EBC Report, wanted me to install Service Pack 2 for her. I asked her to please check to make sure she didn't already have it, and sure enough she did. So for those of you who don't already know how to find your operating system and Service Pack level:

a. Find the My Computer icon on the desktop, right-click it and then left-click on Properties


b. Go to Start>Settings>Control Panel and find the System applet. Double-click it to open it. On the first tab - the General tab - you will see your System information and Service Pack level. It will say something like:

Microsoft Windows XP
Professional (or Home)
Version 2002
Service Pack 2 (if no Service Packs are listed, you need to get updated!)

3. Once again, one of my good clients has gotten bitten by HP's cheap tactics. HP does not care to spend the pennies to provide their customers with a physical Recovery cd. Instead, there is a special recovery partition on the hard drive. My client's hard drive died, so she naturally called HP to replace it. I installed the new drive, and much to our surprise, HP had shipped her a completely blank hard drive without the recovery program. I called HP tech support and was told, "Didn't she (the client) make Recovery cd's?" Of course she hadn't; she hadn't even known she could. Naturally she had to order the Recovery cd's so she would have an operating system to install. HP banged her for an additional $25.00 to do this.

So this is a heads-up for all of you with HP computers: some of the recent HP computers will allow you to create physical Recovery cd's. You should definitely do this. Refer to the manual that came with your computer for how to do this. If you have one of the older models that do not allow you to create the Recovery cd, it would make good sense to call HP tech support and spend the $25.00 to have the disks on hand. You don't want to have to get a new hard drive and pay $100.00 for a retail copy of Windows XP.

To be fair, HP isn't the only OEM that doesn't provide a physical cd. My IBM laptop did not come with any physical media (boo! hiss!). Be aware of what is included when you are buying a computer. An OEM (Original Equipment Manufacturer) who is selling a computer with a preinstalled Microsoft operating system legally must provide the customer with a way to reinstall Windows. That can take the form of:

1. Physical operating system cd's (Dell is the only big OEM that still does this as far as I know, and that's why I recommend them);

2. Physical Recovery cd's which will take the system back to factory-condition;

3. Hidden or special partition on the hard drive which will take the system back to factory-condition.

If you buy a computer with a Microsoft operating system, you must have one of the above ways of reinstalling Windows. In all cases, you will be provided with a Product Key. This is usually on a sticker on the back or side of an OEM desktop case and on the bottom of a laptop. Do not lose this key! You cannot reinstall Windows without it. If a private party sells you a computer with Windows preinstalled, he must give you the Product Key and operating system software or you have an illegal copy of Windows.

2-10-05 - Contents:

1. Microsoft Patch Tuesday
2. Vulnerabilities in alternate browsers
3. Vulnerability in Symantec's products

1. This past Tuesday was the Monthly Microsoft Patch day for their operating systems. As always, people with Windows 2000 and XP should have Automatic Updates set. People running Win9x/ME should go to Windows Update and patch their systems. Windows Update might be slow because of heavy demand, so if you have trouble getting through just try again later or the next day. Don't forget to do it, though!

2. A rather serious vulnerability in alternate browsers such as Mozilla, Firefox, and Opera was recently discovered where an url could be spoofed using international characters. Here is the write-up from Secunia:  http://secunia.com/multiple_browsers_idn_spoofing_test/

As far as I know, patches are being written for Mozilla and Firefox although www.mozilla.org doesn't have anything for download that I can see yet. Opera has said their browser is not affected and does not plan to issue patches; however, it has been proved that their browser is susceptible. In the meantime, users of those browsers should be careful and can follow the workarounds outlined on Secunia's website when going to sites that might be spoofing targets, like PayPal, eBay, or online banks.

While Microsoft's Internet Explorer is not vulnerable to this particular spoofing exploit because it doesn't handle international characters in a standard way, this isn't a reason to use IE. IE still has enough holes in it that it should only be used for those sites where no other browser will work, such as Windows Update. Friends don't let friends use IE.

3. There is a highly critical vulnerability in many Symantec products such as Norton Antivirus and Symantec corporate security software. Here is the write-up from Secunia:


Go to Symantec's website here:

http://www.sarc.com/avcenter/security/Content/2005.02.08.html  or  http://www.symantec.com/techsupp/

or use Live Update to patch any vulnerable Symantec software on your systems.

The lesson in all this is that even if you are not an IT professional, you need to know what software you have installed on your computer and occasionally go to the manufacturer's website to check for product patches and upgrades.

Back to top

2-27-05 - Contents:

1. Program updates to plug vulnerabilities - Firefox and TrendMicro
2. New email scam purporting to be from FBI
3. Explanation of beta software
4. Windows XP System Restore

1. Just to let you know that Firefox has a new version available for download to plug various security holes. Firefox users should update. See the announcement
here: http://www.mozilla.org/press/mozilla-2005-02-24.html

TrendMicro has also announced that it has updates to close vulnerabilities in many of its antivirus/security products. Here is information about the vulnerability from SecurityFocus: http://www.securityfocus.com/bid/12643

This information is pretty technical, so if you don't care about the details, just make sure you update your TrendMicro products.

2. We remind you fairly frequently that Microsoft never sends out emails with attachments purporting to be a security patch. If you forgot, consider yourself reminded again. A new twist on this old favorite has arisen whereby the email will appear to come from the FBI. The email tells the recipients that their Internet use has been monitored by the FBI’s Internet Fraud Complaint Center and that they have accessed illegal web sites. The recipient is told to open the attached "questionnaire" which of course contains a virus. Here's the FBI press release: http://www.fbi.gov/pressrel/pressrel05/022205.htm

3. As you probably know, spyware infestation is a huge problem for Windows users. Microsoft recently bought Giant Antispyware and has been busy fine-tuning the program for Windows 2000 and XP (it will not run on Win9x/ME). The application, known as Microsoft AntiSpyware (you'd think with all those billions of dollars the company could come up with a catchier name!), which is still in beta is available for free download. I want to explain very clearly to all of you that beta software means "software that isn't cooked yet". Application development goes through a series of phases before it is ready for public consumption. Roughly, they are:

a. Kicking around the idea before writing the code.

b. Alpha - a very "rough draft" of the program.

c. Beta - a less "rough draft" of the program. There may be several betas. A beta may be offered to private beta testers or public beta testers. The purpose of beta testing is to see what the program breaks when used on a wide variety of computers. The beta testers report problems back to the company so bugs can be fixed.

d. RC1 - Release Candidate 1 is after beta but before the program is absolutely finished. Again, the program is being tested for bugs. There may be an RC2 if a lot of bugs are still found in RC1.

e. RTM - Release to Manufacturing is the finished product. If a serious bug is found when the program is out in the real world - being used in "the wild" - or if a vulnerability is found, the company will write patches.

Here's the thing to really remember - never install beta software on a production machine. I can guarantee you there will be tears before bedtime. I think MSAS will be quite a good product; it looks promising. But I've seen it break Outlook's ability to get email, disable the Windows Firewall, and various other showstoppers. I'll definitely get MSAS for my Windows machines, but not until it's out of beta.

4. I was at a client's the other day (hi, Phil!) and it came out that he didn't know about XP's System Restore. Maybe some of you also don't know about this useful XP tool. Windows ME had a rudimentary System Restore whereby if you messed up your computer but weren't really sure what you did wrong (maybe you left your kindergartner alone with the computer), you could restore the system to an earlier date when things worked. The ME version wasn't that reliable.

XP's System Restore is more sophisticated and implemented better. It isn't perfect, but most of the time it does exactly what it should - helps you unwind from a mistake and go back a few days. You can create a Restore Point before installing a program and if things don't work out, go back to that Restore Point. Doing a System Restore is not a substitute for backing up your data.

To run System Restore, go to Start>All Programs>Accessories>System Tools and click on System Restore. To learn more about System Restore, start XP's Help &
Support and you will see the topic under "Pick A Task".

Back to top

3-20-05 - Contents:

1. Vulnerability/patch for Limewire
2. New anti-phishing consortium
3. Nasty file-sharing/MSN Messenger worm
4. Darwin Awards

1. Although I strongly suggest not using file-swapping programs, anyone using LimeWire should UPDATE YOUR CLIENT to 4.8.0 or above! There is a new serious vulnerability in the program as follows:

Logo-image port vulnerability (Affects versions 4.1.2 - 4.5.6, inclusive). Magnet port vulnerability (Affects versions 3.9.6 - 4.6.0, inclusive). The vulnerabilities allow anyone on the network to read any file on a machine that is connected to the Gnutella network with the LimeWire client. The first vulnerability can be exploited even if the host is behind a firewall. A simple telnet client is sufficient to take advantage of these vulnerabilities.

2. There is a new and interesting consortium that has been formed to fight phishing. "The Anti-Phishing Working Group (APWG) is the global pan-industrial and law enforcement association focused on eliminating the fraud and identity theft that result from phishing, pharming and email spoofing of all types."  The group is sponsored by companies such as Microsoft, Visa, and Symantec to name just a few. There is a lot of excellent information at the site, including reports on the latest phishing schemes and a way to report phishing attempts.


3. There is a very nasty worm that spreads through file-sharing networks and MSN Messenger. It immediately breaks all antivirus software, disables Administrative tools, and sends copies of itself to all your MSN Messenger contacts. Here is information on the worm from Symantec (Norton Antivirus):

"Sky Devil" MSN Messenger/File Sharing worm:

In order to protect yourself, make sure:

a. You have a current version antivirus - not earlier than 2004* - installed on your computer. Make sure that your subscription to the virus definitions has not expired and that the virus definitions are up-to-date.

* If you have antivirus that is version 2003 with a current subscription, when the subscription runs out do not just renew the subscription. Replace the older antivirus with a current version one. Elephant Boy Computers can suggest a good replacement.

b. You know you aren't supposed to open attachments that come in email unless you are absolutely sure you are expecting them and you have antivirus protection in place. You are also not supposed to accept files via your instant messaging program. Running a program you got from an instant messaging contact isn't any different than running a program you get in an email attachment.

Stay Safe - Practice Safe Hex

4. For those of you with a twisted sense of humor (like me), we have a new Darwin Award to enjoy:


Darwin Awards celebrate those individuals whose amazing acts of stupidity have removed them from the gene pool.

Back to top

4-28-05 - Contents:

1. Multiple vulnerabilities in Firefox browser
2. Microsoft April Windows Updates
3. Transferring data from an older computer to a new one

1. If you are using the Firefox browser, you should upgrade it to the latest version. Here is a brief description of the vulnerability from Secunia:

"A vulnerability has been discovered in Mozilla Firefox, which can be exploited by malicious people to gain knowledge of potentially sensitive
information. The vulnerability is caused due to an error in the JavaScript engine, as a "lambda" replace exposes arbitrary amounts of heap memory after the end of a JavaScript string. Successful exploitation may disclose sensitive information in memory."

Read more here:  http://secunia.com/advisories/14820/

Get the latest version of Firefox here:  http://www.mozilla.org/products/

2. Make sure your operating system is patched with April's security updates from Windows Update. Those of you running XP with Automatic Updates turned on are already covered. If you have your system set to manually update or you have a computer running an older supported operating system (Windows 98/ME), go to Windows Update. Important things to remember about updating Windows:

a. Never get patches for Microsoft operating systems from anywhere except the official Windows Update site. Do not use non-Microsoft web sources for updates.

b. Look at the updates that are being offered to you. With Automatic Updates, you will be presented with a dialog box that gives you two choices: Express Install and Custom Install. Always take the Custom Install to be sure you are only installing security updates and the monthly Malicious Software Removal Tool. Do not install driver updates from Windows Updates.

c. Microsoft never sends emails with attachments. If you receive an email purporting to be from Microsoft with an attached "security patch", delete it. The "patch" is a virus and the email is from The Bad Guys.

3. I am seeing a lot of clients with older machines running Windows 98/ME who are ready to replace their computers with new ones running
Windows XP. The question of how to transfer their data from the old computer to the new one comes up a lot. There are various ways to do this.

First, understand that except for very old DOS programs (which may or may not work with XP), you cannot just copy a program's folder from one computer to another. Programs need to be installed on the new system with data created in the program transferred. You install the program from whatever installation media you have - either cd's or the executable file if this is a program you downloaded from the Internet. What you want to transfer (and what you should be backing up on a regular basis) is your data; i.e., your documents, pictures, music, Quicken or QuickBooks data, addressbooks, emails you wish to save, your Great American Novel.

Remember, in order to open your data on the new computer, you will need to install the program in which you created the data (or a different program that is capable of reading the data). In other words, if you have documents that you created in Microsoft Word, you will need Microsoft Word installed on the new computer or another word processor that can read the MS Word file format such as Corel WordPerfect or

a. Files and Settings Transfer Wizard (F.A.S.T.) - Windows XP has this function which is supposed to do exactly what its name implies - transfer your data and settings from programs like Outlook Express to the new computer. Sometimes it works. Here is a very detailed and
excellent article about F.A.S.T. by MVP Gary Woodruff. The article also briefly discusses the issue of transferring settings from Outlook Express and links to MVP Tom Koch's OE site for more information on that:  http://aumha.org/win5/a/fast.htm

b. Copy your data onto removable media and then paste it where desired on the new computer. Removable media includes floppy disks (worst choice), cd-r's or an USB thumb drive. Be aware that since floppies are rapidly becoming obsolete, most new computers do not come with a floppy drive as standard. You can buy a USB floppy drive in this case. If your old computer doesn't have a cd burner, then the USB thumb drive will be your best bet.

c. If the old computer doesn't support USB, like Windows 95 or older (could you still have an old Windows 3.1 computer around?!), then the
hard drive from the old computer can be removed and slaved in the new computer so that the data can be copied off from within Windows XP. If desired, the old drive can be left as slave and formatted to be used as extra storage.

Back to top

5-02-05 - Contents:

1. Instant Messaging viruses

1. Although you may be careful about not opening attachments in email, don't forget that good security practices also apply to using Instant Messaging ("IM") software. Some examples of IM programs are AOL Instant Messenger ("AIM"), MSN Instant Messenger and Yahoo Messenger. You can get a virus through IM by accepting files or by clicking on a link that takes you to a website that immediately downloads an infected file. Accepting files in IM is just as risky as opening an email attachment. If your antivirus is a current version (not earlier than 2004) and its virus definitions are up-to-date, it should flag and block the infected file immediately. But remember, your antivirus can only catch those viruses which it already knows about - if the virus is a new one and no virus definitions exist yet, your computer will be infected.

Here are some tips on using your IM program safely:

a. Make sure you have the latest version of your IM software. Go to the program's home webpage and check for updates, then download and install any.

b. Make sure your Windows operating system is patched via Windows Update.

c. Set your IM program's preferences to not automatically download files. You may decide to not allow any file transfers at all. Examine the options carefully and then set up your IM software the way you feel is best for you. Don't just accept the defaults without looking at what they are.

d. Use a strong account password and change it occasionally. Don't tell anyone your password.

e. Don't send credit card numbers, Social Security Numbers, or any other vital information over IM.

f. Don't open attachments or click on Web links sent by someone you don't know. Be cautious even if the link is from someone you do know. Just because your buddy thinks "this is a cool site" doesn't mean it is cool or safe. You don't know where he heard about it. If you decide to go to that site, hover over the link with your cursor before clicking it to check whether the Web address seems legitimate. If you have any doubts at all, don't go there!

g. Don't send files over IM unless you have no other alternative, and never send files containing information you want to keep private.

h. Be wary of odd behavior from people contacting you over IM, just as you would in person. If someone on your allowed list is sending strange messages, end your IM session and contact them over the phone or on email. All IM programs have the ability to block certain people and to provide you some protection from contact from strangers. Again, look at the program's options/preferences.

i. Make sure your antivirus is a recent version and your subscription is current.

Even if you don't use IM, if your children are older than toddlers they do. Talk openly with your children about IM. Teach them how to stay safe just like you taught them not to talk to strangers in Real Life(tm). Share the information above with your children to help them practice "Safe Hex" with IM and also:

a. Talk to your children about IM safety, warning them specifically about the dangers of talking with strangers over IM. Teach them the old Internet adage -  "On the Internet, nobody knows you're a dog".

b. Make sure your family's IM profiles do not contain personal information - especially phone numbers, addresses, photos, or anything that could connect your children with their IM identities. Make sure your children's IM programs preferences are set for safety.

c. Show interest in your children's online life. Get to know their online friends the same way you'd get to know their local friends. Be aware of what your kids are doing and saying.

d. Know your children's IM member names and the names of their online buddies.

There are ways of knowing exactly what your children are doing on a computer, but the best way is to have open communication with them.

Back to top

5-14-05 - Contents:

1. Patch for new Firefox vulnerabilities
2. Patch for new iTunes vulnerabilities
3. How you got the spyware

1. Three new critical vulnerabilities in the Firefox browser have come to light. Here is an article by Robert Lemos of Security Focus: http://securityfocus.com/news/11155

All Firefox users should upgrade the browser to the latest version: http://www.mozilla.org/products/firefox/

2. A serious flaw that could allow a classic buffer overflow attack was discovered in Apple's iTunes program. Here is an article by John Leyden: http://securityfocus.com/news/11153

All iTunes users should update to version 4.8: http://www.apple.com/itunes/

3. I had just finished removing malware from a client's computer. Reasonably, she asked, "How did we get this? I thought we were being so careful!" In her case, I was able to pinpoint a download by her son or daughter from Smiley Central, a known supplier of spyware along with their cutesy icons. Spyware "vendors" definitely target children. There have been articles about this in the popular press - here's one from MSNBC News: http://www.msnbc.msn.com/id/7735192/

The article quotes Ben Edelman, a highly-respected member of the anti-spyware forces. If you really want to have your eyes opened to the miserable state of things in our War Against Malware, spend some time on Mr. Edelman's site: http://www.benedelman.org/

You will be amazed and appalled. It will also help you stay safe by knowing some of the dirty tricks the Bad Guys will try to play on you.

Back to top

6-2-05 - Contents:

1. MYTOB worm (and others) use social engineering
2. New versions of Spybot Search & Destroy (1.4) and Ad-aware (1.06)
3. Very interesting article SpywareInfo article today

1. There is a new worm out that uses social engineering to get a user to run the virus executable. Like many other viruses, it comes as an attachment to an email. Once the computer is infected, as is common with these types of worms the virus will use its own email engine to send messages with an attached copy of itself to all email addresses on the hard drive. There are always new viruses, but the main reason I wanted to write you about this is the social engineering aspect. "Social engineering" means in effect tricking the victim into doing something harmful to them - in this case opening the attachment and running the infected executable.  Here is a link to Symantec's writeup on this particular worm:


If you scroll down, you will see that the virus comes attached to an email saying something about your email account having a problem. The email looks and sounds "official" and a busy or less-aware user might become alarmed and fall for the trick. This technique of social engineering is used a lot by The Bad Guys, and some of the recent (and quite destructive) malware that is coming from Instant Messaging programs uses it also. A "buddy" will send you (or your teenager!) a link to something "cool". The victim will click on the link and automatically download and execute something really nasty. Remember, you can protect yourself by:

a. Above all, practice Safe Hex. Do not open email attachments. Do not click links or download a program from within an Instant Messaging program. Do not be seduced by The Dark Side into clicking on those flashing banners on websites.

b. Always have a current version (not earlier than 2004 and with an active virus definition subscription) antivirus program installed. Remember that you still need to practice Safe Hex because if you run an infected executable for which a virus definition has not yet been written, your computer will be infected.

c. Be wary of messages purporting to be from "official" sources such as Microsoft, your bank, and your Internet Service Provider. Remember that those companies will never send you an email with an attachment or ask for your password and/or other personal information in an email.

2. There are new versions of Spybot Search & Destroy and Ad-aware ready. You should uninstall previous versions of Spybot before installing the new version. If you have customized your version of Spybot by using Internet Explorer protection, Hosts protection, and/or TeaTimer turn off those features before uninstalling. Then use Add/Remove Programs to uninstall the program. Afterwards you may need to delete the Spybot folder in Program Files. Then you are ready to install the new version 1.4.

The Ad-aware installation will automatically uninstall the older version.

Spybot - http://www.safer-networking.org/en/download/index.html
Ad-aware - http://www.lavasoftusa.com/

3. The June 2nd edition of the SpywareInfo newsletter is particularly interesting. Mike Healan (the author) describes what can happen when the user clicks "Yes" and allows one ActiveX Control to install from a dodgy website. Mike goes through what he had to do to clean up his computer, and this will give you some idea of what I do for my clients. It takes less time for me and I'm more efficient than Mike was in this instance because I do this kind of work all the time, but if Elephant Boy (or any other tech) has cleaned up your machine you will now get a taste of what we have to do. I don't charge $70/hour like the techs in Mike's area, though. Hmmm.... ;-)


Back to top

7-10-05 - Contents:

1. Microsoft reportedly in talks to buy Claria and the resultant fuss
2. London Bombing Trojan
3. Warning over unpatched IE bug
4. Reminder about free viewers, pr0n sites and betrayalware - how to tell how you got the crud

1. The big news in antispyware-warrior circles is that Microsoft is reportedly in talks to purchase Claria, the company responsible for the infamous Gator and for suing antispyware sites for saying that Gator is spyware. No one is really sure why Microsoft would want to do this, but it has been noticed that the beta MS Antispyware tool ("MSAS") has downgraded Claria/Gator infestations to "ignore". Here is an article by the always-excellent Benjamin Edelman about it:


and another from the sometimes inflammatory but always-interesting The Register:


I don't recommend putting beta software on production computers. "Beta" means software that isn't finished yet and is still in the bug-checking phase. Even though Microsoft has offered MSAS as a free download (and it looked like a promising antispyware tool), I don't put it on my customer's machines. Downgrading the Claria threat (which is not a rumor - this has really been done) makes this tool suspect in my mind. It will be interesting to see how this whole thing plays out, but if MS really does buy Claria the value of MSAS is questionable. Companies producing antispyware software have to be very careful about their ethics and connections; it's the old "fox in the henhouse" thing.

2. As an illustration of just how low some people can go, there is a virus-laden email circulating purporting to be about the tragic bombings in London. The email poses as a CNN newsletter with an attached "news video". Of course the attachment is nothing of the sort but is rather a trojan horse that will turn the victim's computer into a spam-spewing zombie. Here's an article about this:


Remember, I've always told you not to open attachments that come in email unless you are absolutely sure it is something you've requested from the sender. Even then, you take a chance. Keep your antivirus software updated and be wise about what you allow to run on your computer.

3. Here's another entry in the "friends don't let friends use Internet Explorer" category:


I would expect Microsoft to patch this IE vulnerability soon (the next series of Windows Update patches is scheduled for this coming Tuesday, July 12), but it would be wise to use a different browser instead. We use Firefox and Mozilla on the Windows machines here. Using an alternate browser doesn't make you bullet-proof - other browsers can have their own vulnerabilities and you have to check for updates on their home sites regularly. However, I still believe Internet Explorer is not a Good Choice and should only be used if a website you absolutely need to visit only works with IE (stupid webmasters, but it happens). Remember, those of you not running Windows XP, Windows 2000, or Windows ME (or if Automatic Updates are not on) should regularly visit the Windows Update site for patches and manually update.

4. I recently cleaned up a client's machine that was badly infested with the Aurora-Nail malware (and other crud). My client was beside herself because we had just gone through an intensive cleaning a few months ago. She only visits "good" websites, uses Firefox instead of IE, and has current antivirus software. "How did this happen?" she wailed. Well, it was a lovely Sherlock Holmes exercise to look at the browsing history in both Firefox and IE. There we found that someone in her household had gone to Google and searched for pr0n* sites. It was completely clear that the person then went to those sites and downloaded a "free viewer" with which to view the movies offered. Of course the "free viewer" came with a trojan horse and now the computer was infested. The resultant crud downloaded more crud, which downloaded more crud, and so on. The person now panicked and clicked on an ad for SpySpotter to remove the malware. SpySpotter is malware itself, and falls into the "betrayalware" category; i.e., it is one of those ugly programs that pretends to be a malware-remover but is itself malware. You can research rogue antispyware on MVP Eric Howes' excellent site here:


You can look at your browser's history like this:

In Internet Explorer, you may have a History icon or on the menu bar go to View>Explorer Bar and click History. To clear the History, go to Tools>Internet Options and on the General tab you'll see a History section with a button to Clear History. The default is to keep the History links for 20 days. You can change this if you like.

In Firefox, to see the History on the menu bar go to View>Sidebar and click History. To clear the History, go to Tools>Options and click on the Privacy icon on the left. There is a Clear button, and the default is also to keep files for 20 days, which you can change.

Of course, a computer-savvy surfer will know about this and clean up after him/herself. There are still ways to find out where someone has been surfing, but we'll leave that for the computer forensics specialists. Most young children and many teens will not know about clearing the History so it is a good place to start looking if you suspect there is an issue you need to address.

*You will often seen "pr0n" used as a substitute for "substitute the zero with the letter o and switch the position of the letters r and o and you'll get the word. This is done because many people have mail servers (particularly schools and businesses) that will bounce emails with naughty words in them. So because I want you to have this information, we have to allow for that possibility in the email version of EBC Reports.

Back to top

7-13-05 - Contents:

1. New version of Firefox, watch for updates to Thunderbird.
2. Microsoft-Claria deal is dead.
3. Patch Tuesday yesterday.
4. Apple updates to Tiger

Just a quick update for you all:

1. There is a new version of the Firefox browser which takes care of some recently discovered vulnerabilities. Here is a link:


If you use the Thunderbird mail client, visit Mozilla.org occasionally and check for updates to that program. None are available as of this writing, but the T-bird coders are apparently working on a new version.

As for the new Firefox, if you use Roboform with the Firefox plug-in, you might want to hold off on updating. There was a report that after updating to Firefox 1.05, Roboform and then Foxfire crash on pages where Roboform is active.  Reverting to 1.04 solved the problem for the person reporting the issue. Check on Roboform's website for news and updates to their program.

2. Good news, everyone -  the Microsoft-Claria deal is dead. Apparently somebody at Microsoft woke up and realized that buying Claria would not make for a Happy Public Relations Event.

3. It was Patch Tuesday yesterday, so if you need to manually visit Windows Update you should. Patches were applied to all my Windows machines with no ill effects. Remember, do a Custom Install and don't install drivers from Windows Update.


4. I know we usually ignore the Mac users, but if there are any of you who use Tiger, Apple has just released some updates to their operating system.


Stay cool, stay safe, have fun.

Back to top

8-12-05 - Contents:

1. Very serious identity theft ring discovered
2. Patch Tuesday
3. On the lighter side, the results of the 2005 Bulwer-Lytton Fiction Contest are in

1. Over the last week, a very serious identify theft ring was discovered by the researchers at Sunbelt. I hesitated to send out general information about this because I didn't want to panic anyone, but you really need to know about this. If your antivirus is a current version and your subscription is up-to-date and you routinely run antispyware software like Ad-aware and Spybot Search & Destroy, and use a firewall you are probably just fine. So please don't panic. The FBI is working with antispyware forces, and there is of course no information about their investigation as yet. Here are links about the identity theft exploit and how to tell if you are infected with the malware that opens your computer to the Bad Guys.


2. This past Tuesday (8/9) was Patch Tuesday for Microsoft operating systems. As always, if you have Automatic Updates on you should have received the patches. You should always install critical security patches from Microsoft. If you have an obsolete operating system like Windows 98 which is no longer supported, you should still visit Windows Update to see if there are any patches for Internet Explorer.

3. On the lighter side, the winners of the 2005 Bulwer-Lytton Fiction Contest have been announced:


Stay safe, people.

Back to top

9-11-05 - Contents:

1. No Microsoft Windows security updates this month
2. Vulnerability in Firefox/Mozilla
3. Be careful out there - sleazy spyware
4. Sept. 19 - Talk Like A Pirate Day and more

1. Posted on Microsoft TechNet: "No new security updates on September 13th as part of the September monthly bulletin release cycle. This represents a change in the information found in the Advance Notification on Thursday, September 8, 2005. Late in the testing process, Microsoft encountered a quality issue that necessitated the update to go through additional testing and development before it is released. Microsoft is committed to only releasing high quality updates that fix the issue(s) in question, and therefore we feel it is in the best interest of our customers to not release this update until it undergoes further testing.

"Microsoft will release an updated version of the Microsoft Windows Malicious Software Removal Tool on Windows Update, Microsoft Update, Windows Server Update Services and the Download Center."

This is a Good Thing. We don't want them to release any patches until they are ready!

2. Security researchers have discovered an Internet Explorer-like vulnerability in Firefox and Mozilla. You can read about it and see the workaround here: http://www.mozilla.org/security

Firefox 1.5 is in Beta now. Remember, "beta" software is not finished and is still in the bug-checking phase. Do not run beta software on a production machine.

3. Sunbelt calls this company's tactics the "sleazy install of the week". It is pretty bad. Do not be tempted to click on the Sleazy Company's website link if you are running any version of the Windows operating system!


Here's Spyware Warrior's take on it: http://www.netrn.net/spywareblog/

4. Warning - The following item is based on what I think is amusing. If you know me then you know that although I am not a politically correct person and have a quirky sense of humor, I do not go out of my way to offend people. You have been warned.

How quickly a year goes by! September is half over already and we are coming up to one of our favorite holidays, Talk Like A Pirate Day.


TLAPD is on Monday, September 19th and is the start of Holy Week for those of us who are Pastafarians*.

*See Wikipedia entry here: http://en.wikipedia.org/wiki/Flying_Spaghetti_Monster
and the original site that started it all here: http://venganza.org/index.htm

Back to top

9-20-05 Contents:

1. New malware that spoofs Google.
2. The Opera browser is now completely free.
3. New Microsoft Shared Computer Tookit
4. Brief notes on what you should be looking for when you buy a new computer

1. Virus writers have developed a worm that spoofs the behaviour of internet search engine Google, varying the results displayed to suit the requirements of hackers. Since the worm spreads via file-sharing networks like Shareaza, this is just another good reason to stay away from pirating (unless you plan to sacrifice your PC). Here's the article from The Register:


2. Opera is an interesting, well-made browser that has been around for a long time. It used to be available in two versions - free and ad-supported. Now Opera has dropped the for-pay version and the ads and is offering it ad-free at no charge. I'm not sure how well this marketing strategy will work for them, but if you would like to try a good alternate browser, you can download Opera here:


Here's the article about it from The Register:

3. Microsoft has developed a new tool to help limit access on Workgroup computers. The Shared Computer Toolkit might be useful for parents trying to control their children's computers or for small businesses. It looks like you'll need some amount of computer-savvyness to set it up although the tool doesn't appear to be aimed at IT professionals. The Shared Computer Toolkit is free for licensed users of Windows XP. Here's Microsoft's webpage about it:


4. A lot of my clients are in the position of having older machines that are starting to fail. At this point with new computers so affordable, it doesn't make sense to try and repair a Windows 98/ME machine if the problems are with hardware. Here are some essentials you should look for when you are considering buying a new computer:

a. Get a minimum of 256MB of RAM (memory). Personally, I'd always go with 512MB instead.

b. Make sure the computer has a CD-RW drive (CD burner). If you have a lot of music files and/or pictures, consider getting a DVD-RW instead since DVD's hold much more data than CD's. Many of the big computer companies like Dell are now offering a DVD-RW drive as an option.

c. Almost every computer will come with an 80GB hard drive now. For people moving up from Win98/ME, this will be fine. If you have a lot of music, video and image files, then a larger drive will be better.

d. If you are still using an old 15 or 17" CRT monitor, considering getting a flat panel LCD instead. Often a flat panel will be offered as a "deal", and they are really nice and easy on the eyes.

e. Examine the software "bundle" that comes preinstalled. The Windows XP operating system does not come with word processors and DVD video players, etc. built in. When you buy a computer from a big company like Dell or HP, they will provide some combination of preinstalled software. Compare what the different companies are offering to help decide what is the best deal for you.

Another thing to be aware of when purchasing a computer is what, if any, physical media comes with it. A computer builder selling a machine with Windows preinstalled has a legal obligation to Microsoft to provide the buyer with a way of restoring the computer to factory-condition. The computer builder can do this in one of three ways:

1) With a physical CD containing the operating system.
2) With a physical CD containing an image of the machine as it came from the factory, called a "Restore" or "Recovery" disk.
3) With a Restore/Recovery image on a special partition on the hard drive.

For future repair purposes, obviously having 1) above is preferable but you don't always have a choice. Just be aware that if your computer only has option 3), if the hard drive fails you will need to have an operating system to reinstall. Most of the computers from big OEM's (Original Equipment Manufacturers) now come with a way to create backup physical media of the operating system. The end user has to make these CD's so if you buy one of these computers, make sure you find out how to do this and that you do it.

Back to top

10-12-05 - Contents:

1. Patch Tuesday for Microsoft operating systems
2. Fake Google Toolbar is malware
3. Tip - Recovering Windows

1. Yesterday was Patch Tuesday for Microsoft operating systems from Windows Update. Since there were no patches last month, there are quite a few this month. A good practice to follow when applying MS updates, especially when there are so many of them, is to first set a Restore Point and then apply the patches one at a time, testing after each patch installation. If you are unsure whether a patch will negatively impact your Windows installation, there is nothing to prevent you from setting multiple Restore Points between patch installations. If a patch interferes with your installed programs (there were some reports in the MS newsgroups about a problem with MS ActiveSync after one of the patches), you can uninstall it or use System Restore to go back to before you installed the patch.

To select individual patches in XP, don't use the Express Install but instead choose "Custom". Now you can examine the patches and install them one by one. Never install driver updates from Windows Update; however, you definitely want security patches.

To set a Restore Point:

Start>Programs>Accessories>System Tools>System Restore
"Create a Restore Point"

System Restore is not available in Windows 98 or Windows 2000. Windows ME and XP have the System Restore feature.

2. There is currently a browser hijacker in circulation which installs a fake Google Toolbar, hijacking the HOSTS file to redirect most Google domains and placing a homepage hijacker in the Temporary Internet Files folder, from which an Internet Explorer based search engine claims to be powered by Google. The bundle also includes a rogue antispyware tool, called "World Antispy". Here is a report on the malware by the excellent SpywareGuide.com:


Some of the installs are coming from instant messaging and IRC links. As always, practicing "Safe Hex" means not clicking on links or running programs received in your instant messaging/IRC program. SpywareGuide.com has a lot of good information about malware and how to
keep safe:

Staying safe - http://www.claymania.com/safe-hex.html
If you didn't practice Safe Hex

3. Over the last few years, many computer manufacturers have stopped providing physical operating system CD's or Restore Disks. Even Dell, which used to be the exception to this cheapskate practice, no longer provides the XP installation CD unless you specify physical media when you order the machine. Many of the large OEM's (Dell, HP, Acer) allow you to create a physical CD to restore your operating system. When you buy a new computer, be aware of what process will be used should you need to reinstall Windows and/or take it back to factory condition. At some point there is a very good chance you will need to do this, so it is a good idea to make the CD if your OEM has provided that ability.

If a computer builder sells you a machine with a Microsoft operating system installed, the builder has the legal obligation to provide a way for you to restore the computer to factory condition. This obligation can be fulfilled in any of these ways:

a. With a physical CD of the actual operating system;

b. with a "Recovery Disk" containing an image of the factory installation;

c. with a Restore Image on a (sometimes hidden) partition on the hard drive that is accessed by a specific key press at computer startup (F10 for HP's for example).

There are more details about what you will need if you have to reinstall Windows at the bottom of this section on the website here.

Back to top

11-2-05 - Contents:

Computer disaster planning

Here's a common scenario: you turn on your computer and hear a loud clicking and/or grinding noise. Then you see an error message something like, "Operating system not found" or "No boot device". This means your hard drive has failed. Or you have a power outage that fries your computer since you didn't have it plugged into an Uninterruptible Power Supply. What do you do? How do you get back up and running with minimal loss of data and time? If you are a home user, you may have precious pictures, legal documents, or your Great American Novel stored on your computer. If you are a business owner, your computer may be integral to your livelihood. Computers are just machines and they break. Are you ready for when this happens to you?

Here are some suggestions for computer disaster planning. You may think of other things, too and you should spend the time preparing for recovery. A professional (like Elephant Boy Computers) can help you with planning and implementation, but only you know what is important to you. Only you know your business and what you need to have in order to continue. For business owners, even if you delegate the day-to-day backups to a staff member, you cannot allow yourself to be ignorant of the process. What if the staff member doesn't do the job properly or leaves? The Boy Scout motto is a good one, "Be Prepared".

A. Hardware replacement - If your entire computer needs to be replaced (and not just the hard drive), how will you quickly get another one? Can you wait and order a good machine or do you need to run up to the local BestBuy? What should you buy? Is your computer still under warranty? What are the terms of the warranty? If you have an older computer, start thinking about replacing it. If you have a newer computer, have all the paperwork handy so you can call Dell (or whoever) and get a new machine out immediately. If you have a business relationship with your computer supplier (like Dell), you can get a new machine shipped out on an emergency basis. Small business owners should know whether or not you have this option.

B. Now you've gotten the new computer (or new hard drive). If you just needed a new hard drive, now you need to install the operating system (Windows), all the programs you use, and restore your data from backups. You did make backups, didn't you?

C. Operating system - Your operating system is the software that enables you to run programs. Examples of Microsoft operating systems are:

1. DOS/Windows 3.1
2. Windows 95/98/ME
3. Windows 2000/XP

You must have the installation media to reinstall Windows. You must have the product key. I addressed this in the last EBC Report. You can read it on the website here:


Make sure you know where your operating system or Restore Disk CD is.

D. Drivers - Every piece of hardware in a computer has software that tells the operating system how to use that hardware. That software is called a "driver". If you have a soundcard but no drivers, Windows may know you have a soundcard but you will not have any sound. If you bought a computer from an OEM ("Original Equipment Manufacturer") like Dell or HP, the computer will have come with driver CD's. If you bought a computer from a local supplier, it will also have come with driver CD's. Make sure you know where those CD's are.

E. Programs - Programs are the software that enable you to do things. Examples of programs are:

1. Microsoft Office (Word, Excel, Outlook, Access, PowerPoint)
2. QuickBooks/Quicken/TurboTax
3. Roxio or Nero to let you create CD/DVD's (burning software)
4. Specialized programs for your business

You must have CD's to install programs. You cannot copy the Microsoft Office program folder (for instance) from C:\Windows\Program Files for reinstallation purposes. Know where your installation CD's are.

F. Specialized or "niche" programs

1. Upgrade - If you use specialized software, it would be wise to make sure you have a recent version. Many people run into trouble because they use a database designed for DOS which will not run on a modern operating system like XP. If you replace your computer, the new one will come with Microsoft's current operating system which is Windows XP. You will be scrambling to find a new program that will meet your needs and then have to figure out how to get your data from the old program into the new one.

Another problem that can occur when using obsolete programs recently happened to one of my clients; the programs she was using for her business required activation after being installed, but the software company no longer makes the programs. The activation servers had been shut down long ago. How will you activate a program when the software manufacturer is out of business or the program is no longer being supported?

2. Many programs require a license code and/or product key. Make sure you can find all the necessary paperwork.

3. Many industry-specific programs require a yearly support contract with the software company. Make sure you have kept your support contract current. Know how to contact the software manufacturer's tech support.

G. Backups - Now you've got your new operating system, drivers, and programs installed. Where's your data? Data is what you made with the programs, such as:

1. Word documents or Excel spreadsheets
2. Pictures/music
3. Client records
4. Mailing lists/contacts/calendar/emails
5. Niche software data
6. Browser Favorites/Bookmarks
The only way to restore data is from backups you made. That data has to be put onto the new hard drive either by copy/paste or by placing the data where (and in a format) a program expects to find it. You need to think about what programs you use and then learn about them. You need to know how to reinstall the programs and where the programs keep the data so you can do regular backups. You need to know how to restore the data. Obviously, the backups cannot have been kept only on the computer. You must have the data backed up somewhere external. Here is some general information about backing up:


Understanding your programs is particularly important if you use specialized software that has its own backup/restore method. If you don't know how your niche software gets backed up, reinstalled, and your data restored, you need to find out. Either read the manual or call the software's tech support. Document your findings if necessary. A tech like me coming into your home or office to do the restoration work will most likely have no idea how to reinstall/restore your particular niche software.

H. User names and passwords - You have a user name and password for your Internet access and/or your email. Your main account name might not be the same as the email address you regularly use. You may need a user name and password for online banking and other websites. Have user names and passwords written down somewhere safe. You will need them eventually.

I hope this information is useful to you. Remember, only you are responsible for your disaster plan and backups. You might have a tech like me come in to do backups, but you must be in charge. The tech might forget or be busy or leave town. If you close your eyes and wave your hands around and say, "I know nothing!" when the computer disaster strikes - and the operative word is "when" and not "if" - there will definitely be Tears Before Bedtime. Trust me on this and Be Prepared.

Back to top

11-30-05 - Contents:

1. Firefox 1.5 available
2. Beware of fake IRS phishing email
3. Sober worm warning
4. Does anyone *not* know about the Evil Sony and its DRM?

1. For those of you using the Firefox alternate browser (most of you, I hope), there is a new version now available. Get it from http://www.mozilla.com/firefox/

2. I'm sure all of you are too smart to be caught by this phishing email that pretends to be a refund notice from the IRS. Here's the article about it from The Register: http://www.theregister.co.uk/2005/11/30/irs_phishing_scam/

3. The big virus outbreak this past month was caused by variants of the ever-popular Sober worm. Since all of you are practicing "Safe Hex" and not opening email attachments I suppose we don't have to worry, but here is an article about it anyway: http://www.theregister.co.uk/2005/11/30/november_virus_chart/

4. For those of you who haven't been following the antics of Sony and its evil copy protection software, here is a link with the explanation and history of this fiasco: http://www.boingboing.net/2005/11/14/sony_anticustomer_te.html

Back to top

12-2-05 - Contents:

1. Warning re Internet Explorer dangerous vulnerability

As you probably know, Microsoft's normal Windows Upgrade schedule is that patches are issued on the first Tuesday of every month - "Patch Tuesday". A serious vulnerability in Internet Explorer (your browser) has been reported that can cause a malicious website to download a trojan, even on a fully-patched XP Service Pack 2 system. Microsoft considers the vulnerability to be so critical that they are considering issuing a patch before the next scheduled Patch Tuesday on December 13th. Here is an article detailing the threat.


In my last EBC Report, I told you that a new version of the Firefox browser is available. Although Firefox - like all software - is not perfect, I strongly suggest that you use Firefox (or another browser such as Opera) instead of Internet Explorer. I installed the new version of Firefox on my Windows machines and the upgrade went very smoothly. At this point, you should only use Internet Explorer to go to a Microsoft website or only if absolutely necessary (like if your online banking website is so poorly coded it will only work with IE - in this case, complain to your bank's webmaster).

Note the new home for Firefox and Thunderbird (email client) - http://www.mozilla.com/
Opera is now free - http://www.opera.com/

Back to top

12-8-05 - Contents:

1. Evil Christmas screensavers and desktop wallpaper
2. How to lose data from Outlook and Outlook Express

1. Now that Christmas is upon us, people often go looking for holiday desktop pictures and screensavers. Please be very careful when you do this, since many of the sites where these so-called "free" screensavers and themes are hosted will also give your computer a nasty case of spyware. Personally, I never use screensavers. Screensavers were useful a long time ago (in computer-years) when monitors would get burn-in; leave an image on the screen for too long and a faint trace of it would remain on your monitor. A screensaver provided a constantly moving image to prevent the burn-in. Modern monitors don't have this problem, although I have heard that some plasma screens are susceptible. So now screensavers are really just toys. If you want a screensaver for privacy, you can always choose a blank one.

However, if you have your heart set on using screensavers, be aware that you need to be particularly careful about what you install. A screensaver - which will have the file extension *.scr - is actually a program. So if the screensaver you've downloaded and run is a virus (and your antivirus isn't up-to-date or up to par), your computer will get infected. Also you need to actually read any End User License Agreement ("EULA") that appears when you install anything so you don't agree to install spyware along with that Santa-Dancin' Screensaver. One of my favorite clients got a quite ugly malware infestation recently when she downloaded what she thought was a religious picture. She was most outraged that the picture was of Jesus. My dears, the people who are pushing this malware are Not Nice and don't care about things you consider holy. They are scum.

So how do you get pretty things for your computer? Microsoft has downloads of themes, games, and other great ideas. Start here and look around: http://www.microsoft.com/athome/default.mspx

National Geographic has lovely photographs you can use for desktop wallpaper. Look here: http://www.nationalgeographic.com/photography/

WinCustomize has themes, wallpapers, etc. You don't have to use the WindowBlinds theming application for many of them, either. You can also use Google Images Search, but again - be careful where you go. I suggest doing your searching with Firefox instead of Internet Explorer.

2. How many of you have made loads of folders in your email program where you are now keeping 5,000 emails? Those of you who don't do this can leave now; the rest of you had better listen. One of these days, sooner rather than later, you are going to have an unpleasant surprise. Both Outlook and Outlook Express keep all the emails and other information in databases. Databases are prone to corruption and OE is particularly fragile in this regard. Here are two sites which discuss why keeping all these emails in your email program are a recipe for disaster.

This first link is MS-MVP Tom Koch's website about Outlook Express and it has everything you should know about using OE:  http://www.insideoe.com/

Here's an article by Tom written for one of Microsoft's Communities websites that addresses this problem directly:

And here's another article he wrote covering the Top Ten Outlook Express issues:

What InsideOE.com is to OE, Slipstick.com is to Outlook. Also created by MS-MVP's, Slipstick.com is the premier source for information about Outlook:  http://www.slipstick.com/

Here's a direct link to the page which discusses message management and how to keep Outlook healthy:

So what do you do instead? You make folders - usually in My Documents - for all your different projects and save the emails and any attachments in there instead. Then delete the emails from Outlook or Outlook Express. Not only does this prevent OE/Outlook corruption, it will facilitate backing up your data. You are backing up, right? Protect your precious data by saving it properly and backing up regularly.

Back to top

1-2-06 - Contents:

Windows MetaFile (WMF) vulnerability

The old year ended and the new year began with one of the most serious vulnerabilities in Windows operating systems ever. At this writing, Microsoft has not issued a patch for the problem. If they stick to their normal update schedule, we will not have an official patch until January 9th at the earliest. This is not A Good Thing.

A temporary patch has been created by Ilfak Guilfanov. Normally, I would never suggest that you install a patch from anyone but Microsoft. Never, ever, ever. But because of the seriousness of the vulnerability, I'm going to suggest that you install Mr. Guilfanov's patch coupled with one other easy step.

The SANS Internet Storm Center has the best explanation of the vulnerability with instructions on what to do and a link to the download.


I highly recommend you go to the SANS site and read the information about the WMF vulnerability. To make things even easier for you, here are paraphrased highlights and what you need to do:


The WMF vulnerability uses images (WMF images) to execute code. This means it can run programs like trojans, which can download more trojans. It will execute just by viewing the image on a webpage. In most cases, you don't have click anything.

Internet Explorer will view the image and trigger the exploit without warning. New versions of Firefox will prompt you before opening the image. However, this offers little protection since most people will consider images to be safe and say "yes".

The Bad Guys are already sending spam email with attachments carrying a new version of the WMF exploit resulting in the installation of a various trojans. This spam email may look like this:

Subject: Happy New Year
Message Body: picture of 2006
Attachment: HappyNewYear.jpg (actually a WMF file with a .JPG extension)


Email attachments, malicious web sites, and instant messaging are the most likely sources as well as P2P (file-swapping) like with Kazaa, Limewire, etc.


All. Windows 2000, Windows XP, (SP1 and SP2), Windows 2003. All are affected to some extent. And to quote the good people at SANS:

"If you're still running on Win98/ME, this is a watershed moment: we believe (untested) that your system is vulnerable and there will be no patch from MS.  Your mitigation options are very limited. You really need to upgrade."


1. Install the patch from either the link on the SANS site above or here is a direct download link (TinyURL'd):http://tinyurl.com/8stt5

Note that you will need to uninstall the patch before you install an official Microsoft one. So you need to pay attention during the next Windows Update. Set your Automatic Updates (in Control Panel) to download updates automatically but notify you before installing them. Then instead of taking the "Express" install option for the updates, take the "Custom" install option. Now you can see if there is a patch for the WMF vulnerability and if there is, go to Add/Remove Programs and uninstall Mr. Guilfanov's patch first.

2. Unregister the affected Windows system file. Do this by:

Click Start, click Run, type "regsvr32 -u %windir%\system32\shimgvw.dll" (without the quotation marks), and then click OK. A dialog box appears to confirm that the un-registration process has succeeded. Click OK to close the dialog box.

3. Make sure you have a current version antivirus program installed with an active subscription and that your virus definitions are up-to-the-minute. Most antivirus companies have said their very latest definitions will catch trojans coming from the WMF vulnerability, but new variants are being created every day. Do not be complacent.

4. Don't open email attachments unless you absolutely must and/or you are absolutely sure of the source (not just "someone you know") and that the attachment is a crucial piece of information you must have.


Per the SANS article:

"Not much :-(. It very much depends on the exact exploit you are hit with. Most of them will download additional components. It can be very hard, or even impossible, to find all the pieces. Microsoft offers free support for issues like that at 866-727-2389 (866-PC-SAFETY)."

If you are a local client, you can call Elephant Boy Computers and we will try to clean your machine. Make sure you have current backups of all your important data because a format/clean-install of Windows may be necessary.

Back to top

1-26-06 - "On two occasions I have been asked [by members of Parliament!], `Pray, Mr.  Babbage, if you put into the machine wrong figures, will the right answers come out?'  I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question." -- Charles Babbage


1. New version of Thunderbird
2. End of the line for Win98/ME
3. Stopbadware.org

1. For those of you using Thunderbird as an email client, there is a new version available now. Get it from http://www.mozilla.com/thunderbird/

For those of you not using Thunderbird as an email client, you may want to give it a try. It has excellent Junk Mail filtering capabilities, and like the Firefox browser many people have written some extremely useful extensions for it. Extensions are small code snippets that extend the functionality of a program. To learn about and see some extensions for Firefox and Thunderbird, visit:


2. It is finally the end of the line for Win98/ME. From my TechNet mailing this morning:

"Important Notice for Windows 98 and Windows ME Users - On June 30, 2006, assisted support will end for Windows 98, Windows 98 Second Edition, and Windows Millennium Edition (Windows Me) operating systems and their related components.

"After this date, Microsoft will no longer provide any incident support options or security updates. Online support will be available through the Microsoft Support Product Solution Center Web sites.

"Find additional information on the support lifecycle of Windows 98, Windows 98 Second Edition, and Windows Me on the Help and Support Web site. And you can find more information about Windows XP and migrating to this platform at the Windows Resource Center."

Here are the links referenced in the TechNet notice above:

Announcement - http://www.microsoft.com/presspass/features/2006/jan06/01-10Support.mspx
MS Support Product solution Center - http://support.microsoft.com/select/Default.aspx?target=hub
Win98/ME Support website - http://support.microsoft.com/gp/lifean1
Installation/Migration from Resource Center - http://tinyurl.com/at9kx

What does this mean to you if you're still running these older operating systems? It means that if your computer is connected to the Internet at all - or is connected to a network where there are other computers with Internet access and file sharing is enabled - it's time to think about upgrading to Windows XP. If your computer has no Internet access, then by all means stay with Win98/ME. Your computer will not magically stop working because Microsoft no longer provides support.

In most cases, a computer happily running Win98/ME will not upgrade well to XP. Windows XP requires much beefier hardware than the older operating systems and it is rarely cost-effective to try and upgrade an old machine. With new computer prices relatively inexpensive, it is almost always a better solution to just buy a new machine. Naturally, Elephant Boy Computers will be pleased to help you with your decision.

3. We have a new resource for fighting malware with StopBadware.org. From their "About Us" page:

"StopBadware.org is a "Neighborhood Watch" campaign aimed at fighting badware. We will seek to provide reliable, objective information about downloadable applications in order to help consumers to make better choices about what they download on to their computers. We aim to become a central clearinghouse for research on badware and the bad actors who spread it, and to become a focal point for developing collaborative, community-minded approaches to stopping badware.

"Harvard Law School's Berkman Center for Internet & Society and Oxford University's Oxford Internet Institute are leading this initiative with the support of several prominent tech companies, including Google, Lenovo, and Sun Microsystems. Consumer Reports WebWatch is serving as an unpaid special advisor.

"John Palfrey, Executive Director of the Berkman Center and Harvard Clinical Professor of Law, and Jonathan Zittrain, Harvard Law Visiting Professor and Professor of Internet Governance and Regulation at Oxford University, are StopBadware.org co-directors. Supporting them are an advisory board and working group made up of some of the top experts in the field, including Internet pioneers Esther Dyson and Vint Cerf."

It will be interesting to see what they can do. http://www.stopbadware.org/

Back to top

1-30-06 - "A black cat crossing your path signifies that the animal is going somewhere."  -- Groucho Marx


1. Winamp vulnerability
2. Kama Sutra/Blackworm

1. If you use Winamp, please note that there is a vulnerability that has already been exploited. Some security experts have already rated this vulnerability as "critical". Here is information about the vulnerability and the exploit:


It is expected that Nullsoft will issue a patch but in the meantime use Winamp only at highly trusted sites or for offline media. Check with Nullsoft for a patch and when available, download and install it - http://www.winamp.com/

2. Now, I don't want to get all Chicken Little about this newish worm, but I thought I'd mention it since the worm is quite destructive and the payload is scheduled to be delivered in just a few days (February 3rd). Naturally, all of you know that you need to have a current version (not earlier than 2004) full-featured antivirus installed, with an active subscription and updated virus definitions. If you don't - you know what to do. Here are a few articles about the Kama Sutra worm.


Back to top

2-1-06 - "Writing about music is like dancing about architecture." -- Frank Zappa


1. Online music - legal and available
2. Safer web surfing with SiteAdvisor

1. In my work cleaning up people's computers, I find that a large majority of the machines have become infected because their owners (or their owners' kids) have been pirating music (Kazaa, Limewire, etc.). My clients then ask me what they should use instead. Since I'm not a big music listener/buyer, I've said either iTunes or Rhapsody. While those services are excellent, they also have DRM restrictions. Also, what if you can't find what you want on those sites? I've done a little research and have come up with a couple of online companies which may be of interest:

A. Magnatune - http://www.magnatune.com/

Here's what the owner of Magnatune has to say:

"We're a record label. But we're not evil. We call it "try before you buy." It's the shareware model applied to music. Listen to 427 complete MP3 albums from musicians we work with (not 30 second snippets). We let the music sell itself, because we think that's the best way to get you excited by it. We pick the best submissions from independent musicians so you don't have to. If you like what you hear, download an album for as little as $5 (you pick the price), or buy a real CD, or license our music for commercial use. And no copy protection (DRM), ever. Artists keep half of every purchase. And unlike most record labels, they keep all the rights to their music. No major label connections. We are not evil."

They don't have a huge playlist, but what they do have looks interesting. My only criticism of the site is that the instructions for use and payment aren't completely clear immediately. Basically you click on an artist you like, listen to the music, and if you want to buy it click on the "Buy" button. You are then taken to a page where you're given the choice to download the music or have a CD sent to you. They take Visa, Mastercard, or Paypal.

B. Mindawn - http://www.mindawn.com/index.php

Mindawn looks quite a bit bigger and slicker than Magnatune and has a much larger catalog. Their Customer FAQ (Frequently Asked Questions) covers who they are and how they do it very well - http://www.mindawn.com/customers.php

Mindawn seems to be aimed not only at those of us who hate DRM, but at musically-savvy people who want to download great quality music.  Apparently you can browse and buy music from their main website, but to hear the music you need to download a player. I can't imagine why you  would buy music unheard. From a quick perusal, I would say that first downloading the Help file (in .pdf format so it will open with Acrobat Reader) would be a good idea. You can right-click on the Help file and Save As. I think that Mindawn is aimed at fairly sophisticated users so  I'm not sure your teens would do well there.

C. If you don't want to download music but just want to listen to some tunes on your computer while you're working, there's always Internet radio. Here are a few links I find interesting:

Radio DavidByrne.com - from the amazing creator of Talking Heads - http://davidbyrne.com/radio/index.php
BBC Radio 1 - http://www.bbc.co.uk/radio1/listen/index.shtml?hp_lhn
KEXP - http://kexp.org/home.asp?noflash=false
Public Radio Fan - hundreds of links to public radio stations around the world - http://publicradiofan.com/
You can listen to the new "Venue Songs" from the fabulous They Might Be Giants - http://www.tmbg.com/
Soma FM - listener-supported, commercial-free, underground/alternative radio broadcasting - http://www.somafm.com/
WFMU from Jersey City - http://www.wfmu.org/ssaudionet.shtml

2. Safer surfing with SiteAdvisor - I just heard about this website/application to help make your surfing experiences safer and it looks very interesting. Here's their homepage - http://www.siteadvisor.com/preview/

Since Ben Edelman - a most highly-respected spyware researcher - is one of their technical advisors, I think this is definitely worth a try. I'm going to download the browser plugins for Internet Explorer and Firefox and you might want to check this out for yourselves, too. The SiteAdvisor blog is also extremely interesting - http://blog.siteadvisor.com/

Back to top

3-27-06 - "Any sufficiently advanced technology is indistinguishable from magic." --  Arthur C. Clarke


1. Warning - Internet Explorer, etc. vulnerabilities
2. Warning - new variants of Smitfraud (Spyaxe, Spyfalcon, SpywareQuake)
3. Beware the DRM, the jaws that bite, the claws that catch! (Starforce)
4. Free stuff from Microsoft

1. There are always vulnerabilities in operating systems and programs and you are supposed to be practicing Safe Hex and keeping your systems/programs patched. But just in case you've forgotten this, I thought I'd remind you. There are some particularly nasty vulnerabilities in Internet Explorer right now and there are exploits to take advantage of this. This doesn't mean that alternate browsers are bullet-proof, but using one instead of Internet Explorer is a good idea. Remember, if you use an alternate browser to make sure you have the latest version of it.


Also make sure you have the latest version of Java. Uninstall older versions before installing the newest one.

And for your convenience, here are some links to help you stay safe:

http://www.wilderssecurity.com/showthread.php?t=27971 - So How Did I Get Infected Anyway?
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://msmvps.com/blogs/harrywaldron/archive/2006/02/05/82584.aspx - MVP Harry Waldron - The Family PC - How to stay safe on the Internet
http://www.microsoft.com/security/protect/default.asp - Protect Your PC
http://www.cert.org/homeusers/HomeComputerSecurity/ - Home Computer Security

Another way to stay safe is to use an operating system other than Windows. While Apple's OSX, Unix, and Linux have their own vulnerabilities, they tend to give you safer surfing. If you'd like to know more about using Linux, feel free to contact Elephant Boy Computers.

2. It seems like almost every day there is a new variant of the Smitfraud malware. To add to SpyAxe and SpyFalcon, we now have SpywareQuake. For more information see information here, which includes the link to the BleepingComputer.com removal steps:


I've mentioned it before, but MVP and security expert Eric Howes' site is an invaluable resource to help you determine if a program is "rogue" or not. It is well worth visiting Eric's site regularly to see what new programs have been added to the list.


3. Beware the DRM, the jaws that bite, the claws that catch! Late last year we had the huge fiasco with some Sony music CD's installing copy protection software on users' computers that caused all sorts of problems. See:


You should know that this is not the only instance of software being installed on users' computers that can have extremely adverse effects. If you are a gamer or have gamers in your household, you should know about the Starforce copy protection malware - and I use the term "malware" on purpose. The Starforce software can seriously damage your Windows installation and possibly the hardware itself. Here is a link to a site explaining the issues and listing games that currently include the Starforce program if you would like to boycott them. At the very least, be aware of the issue.


While Elephant Boy Computers would never suggest that you do anything illegal, the April issue of MaximumPC has some very interesting articles
about copying movies and music. The content is not on their website yet since the magazine is still in stores. If this is a subject in which you are interested, it would be well worth picking up a copy of the magazine.


4. Free stuff from Microsoft - After taking some calls last week from people looking for training on Microsoft Office programs (no, I don't do this), it occurred to me that you may not realize how much free content and help is available from Microsoft for their products. For instance, there are many training sessions for Office programs on the MS Office website. I learned how to do a mail merge for my Christmas card labels using Excel and Word by watching a training movie.

While many people already know about Office clipart, there are also a lot of templates which you can download and use. For instance, why spend hours creating a personal budget template for Excel when someone else has already created one?

Microsoft wants you to use their products and to use them successfully. If you use Microsoft products, it is very much worthwhile to spend some time exploring the excellent and vast resources the company provides you. Start at their homepage: http://www.microsoft.com/ and go from there.

Back to top

4-28-06 - "You will remember, Watson, how the dreadful business of the Abernetty family was first brought to my notice by the depth which the parsley had sunk into the butter upon a hot day." -- Sherlock Holmes


1. Update about the Windows Update KB908531
2. Common computer mistakes made by small business owners

1. Microsoft issued a reworked patch for the vulnerabilities covered in KB908531 last Tuesday, April 25th. Windows Update took care of this for you if your computer needed it. Based on reports, it looks like the new patch took care of the problems caused with the first update. If you weren't one of the many people affected by the first patch's problems, don't worry about this!

2. Common mistakes made by small business owners - My client base consists of home users and small business owners. Although my comments in this section are aimed at small business owners, some of the information may be useful for home users also. Here are some of the mistakes that small business owners make that I see all the time, not in any particular order.

A. Mistake - Buying cheap equipment. Those $399 machines are aimed at the home user who does light computing. They are not meant to be on 24/7 and act as a "server". You might get lucky and get good use out of those machines, but then again you might not. Most of the computers for the home market are running Windows XP Home or Media Center Edition which are not designed for business use.

Solution - Buy quality business-class computers. It is preferable to have workstations that are all the same make/model for ease of maintenance and repair. If you want your workstations to run a Microsoft operating system (as opposed to Linux), then it should be Windows XP Pro. Buy business-class printers, preferably laser printers that are connected to the network and not locally to a computer.

B. Mistake - Using a workstation computer as a server - known as a "pseudo-server". Companies with more than 7 computers using a pseudo-server, all running Microsoft operating systems, will start to run into the inbound concurrent connections limitation. The limitation  is on inbound concurrent connections, not computers or number of users. Each workstation can make more than one connection to a machine acting as a server. Here is a link to Microsoft's information about this: http://support.microsoft.com/?id=314882

Inbound concurrent connections limitations:

5 for XP Home
10 for XP Pro/Tablet/Media Center Edition
49 for SBS 2000
74 for SBS 2003
Unlimited for full Server operating systems

Solution - Get a real server running a real server operating system. Server computers also have hardware designed to handle the the job. Buy a server that is powerful enough to meet your needs. If you must run Windows programs on the server, you will need to buy a Microsoft server operating system such as Small Business Server or Windows Server 2003. If the server will only act as a file server, you can use Linux instead - or even a Mac server.

With a server, you should set up a domain instead of keeping the peer-to-peer Workgroup network structure. Among other advantages, a domain permits centralized security, control, and maintenance.

C. Mistake - Lack of proper security and maintenance. The type of security needed depends on your particular business, but here are some things that all computers need to have:

1. Current version (not earlier than 2005) antivirus with an active subscription and updated virus definitions.

2. A firewall - this can be a software firewall running on each Workgroup or Domain member (and the server) and/or a hardware firewall solution at the perimeter of your network.

3. Operating system and major applications used kept patched and current with Service Packs and updates.

4. Security procedures and company policies regarding computer use. Workstations running XP Pro can be locked down to restrict user behavior with Group Policy, either locally on each computer in a Workgroup or domain-wide from the server. Employees should not use company workstations for private web surfing and should not be able to install programs. This limits the ingress of viruses and malware. Computers used for accounting, financial, or privacy-sensitive data such as medical records should not be on the same network as other workstations and, if at all possible, should not have Internet access. Email use should be regulated since one of the prime causes of virus infection is opening attachments in email.

User access to computers should be restricted. Servers or computers with crucial and/or sensitive data should not be accessible to all employees. In some cases, these computers should be in a room that can be locked. Your brother-in-law or your child should not be able to come into your office and surf for pr0n or install games. If your business requires visitors to attach a laptop to your network, you need specialized security measures.

If you only have one computer and work from home, you should not use this computer for the family. Computers are relatively affordable now; buy a computer for your family and do not allow them to use your business machine. If you use the same Internet connection, do not share files with the family computer. This will help keep your business computer free from viruses and malware and protect your data.

If you are not able to set up proper security yourself, hire a professional to do it for you. If you don't know what you're doing, don't do the work yourself. Don't rely on a friend or relative who "knows about computers" either unless they are a computer professional and skilled in this area of the industry. A programmer cousin may have no idea how to set Group Policies.

D. Mistake - No formal backup system and disaster recovery strategy.

Solution - Be aware of what data you have and where it is stored on your hard drive. If it is not all in one location, use a backup program like SecondCopy (www.centered.com) to funnel backups of all data into one folder. Understand how and where the programs you use store your data and how to restore it. I prefer layered backups, with data being saved or copied to a second hard drive (internal or external) every day and then being burned to CD/DVD regularly and taken off-site or put in a fireproof cabinet or safe. Ask yourself "If my computer died tomorrow, what would I need to get back in business as soon as possible? What would I lose?". If you have a server or a pseudo-server all data should be stored there; nothing should be saved locally on the workstations. The backup procedure must be quick and easy or you won't do it.

E. Mistake - Lack of organization.

Solution - Someone in your company needs to know and be responsible for:

1. What programs and operating systems you have installed and where the installation media for them are. If the programs and operating systems require product keys and licenses, they should be in one place where they can be easily found.

2. Updating your operating systems, antivirus program, and other important software. I addressed this and other disaster-planning strategies in the Elephant Boy Computers Report of 11/2/05.

3. Knowing the structure of your computer setup, usernames and passwords - how you connect to the Internet; some details about the network and your server if you have one; usernames/accounts and passwords for the computer, the Internet, and email. A computer technician coming into your business to fix things for the first time is not going to know any of this and time is money.

Important information necessary to get your business back up and running in a minimum of time after a disaster should be written down and put where you will remember it. Someone must be responsible for keeping the information updated.

Obviously if you are a busy professional with employees, you will not be doing all this work yourself; however, you should assign the tasks to one of your employees and you should occasionally check to make sure these tasks are being done. If you just roll your eyes and wave your hands around because you don't want to take the time to learn these things, I can assure you that someday you will be sorry and there will be Tears Before Bedtime.

Back to top

5-27-06 - Endless Loop: n., see Loop, Endless.
Loop, Endless: n., see Endless Loop.


1. Vulnerability in Corporate Symantec Antivirus
2. Vulnerability in Microsoft Word
3. Veterans Affairs warns of massive privacy breach
4. Sun Java update
5. New Yahoo Instant Messenger Worm poses as "Safety Browser"

1. A critical vulnerability has been found in Symantec Corporate Antivirus that would allow an attacker to execute code without user action. Here are some articles about it:


The home products - called "Norton Antivirus" or "Norton Internet Security" as opposed to the "Symantec" name do not have this vulnerability. If any of you are using the Symantec Corporate product at your business or if your company gave you a license to use on your home machines, you should follow up on this.

2. A vulnerability has been reported in Microsoft Word, which can be exploited by malicious people to compromise a user's system. See this link for details: http://secunia.com/advisories/20153/

The solution is to not open untrusted Office documents, which you shouldn't be doing anyway. A trusted document would be one that you are expecting and that is coming from a known-clean source. Remember, just because you know the sender doesn't mean you should open attachments.

3. The U.S. government warned on Monday (5/22) that a database containing sensitive information about veterans and their families had been stolen, after an employee violated policy and brought the data home. Here's an in-depth article about the breach:


4. Sun has an update for their Java program here: http://java.com/en/

Download it and before you install it, uninstall all older versions of Java from Add/Remove Programs. You may have multiple entries for older versions of Java; uninstall them all.

5. A new Yahoo Instant Messenger Worm is making the rounds posing as a "Safety Browser". Here's an article about it:


The way to stay safe is - as I'm sure you all know - by not clicking on links and/or downloading programs sent in instant messages, no matter
the source.

Back to top

6-13-06 - Nature is by and large to be found out of doors, a location where, it cannot be argued, there are never enough comfortable chairs. -- Fran Leibowitz


1. Yahoo webmail vulnerability
2. Windows Vista beta now available to the public
3. Passwords and other important things to remember

1. There is a rather serious vulnerability in Yahoo's webmail, opening Windows users to infection by the JS-Yamanner worm. As of this writing, the service has not been patched yet. Windows users should be extremely cautious when using Yahoo Mail and block any emails from av3@yahoo.com. Here is some information about the issue:


2. The big news in Microsoft Land is that a beta of Vista, the upcoming Windows operating system, is now available to the public. For those of you who might be interested in trying it out, please be very sure you understand what "beta" means. A program goes through quite a few phases before it reaches you, starting with alpha releases - very rough beginnings. The next step is a beta release - the program is still unfinished and is in the bug-checking phase but is more usable than it was. After beta, the next step is RC1 - Release Candidate 1. If there are no bugs found in it, it will become the final version. There may be more than one alpha, beta, and Release Candidate version before the final "gold" version - the one that will be released to manufacturers for public consumption. And usually there are patches to the released program to fix the bugs that got away afterwards!

You should never run beta software on a production machine or on any machine which you are unwilling to wipe.

For more information about Vista, see http://www.microsoft.com/Windowsvista/

3. After speaking to the third person who forgot or didn't know their wireless router setup information, I thought it might be useful to remind you all about keeping a record of your passwords and other important computer-related information. Naturally, it would be smart to keep this record somewhere other than only on your computer! I created a simple spreadsheet for my own use and this method might work well for you. My spreadsheet has only four categories - Item, Identity, Password, Other Notes - but that is enough for my purposes. I keep a printout of it handy, making notes on it when I add or update passwords. Occasionally I update the actual file and print out the new version. Here are some things you will need to know when setting up a new
computer, reinstalling the operating system, adding a computer to your network, etc.:

a. Computer user accounts - account names and passwords
b. Product keys/license numbers for Windows operating systems and other software
c. Internet Service Provider - master account user name and password
d. Email - user name, password, and mail server settings
e. Website accounts (banks, shopping, forums, etc.) - user name, password, email you used when you set up the account with them
f. Router information (Linksys, D-Link, Netgear, etc.) - configuration login name and password
g. Wireless router - name of your wireless network (SSID) and the encryption key.

Back to top

6-15-06 - "He's dead, Jim!" -- Dr. Leonard McCoy

1. Microsoft End of Life information, Windows 98/ME and Service Pack 1
2. Patch Tuesday

1. There are two important End Of Life announcements from Microsoft.

A. The first is for the end of support for products with Service Pack 1 applied. For most of you, this means that if you have any version of Windows XP without Service Pack 2, you will need to upgrade to SP2 in order to get any more security updates. It is extremely important that you keep your operating system current with security patches.

Windows Service Pack 2 has been available since August, 2004. If you haven't applied it, you need to do so but not without proper preparation. See the end of this section of the EBC Report for links about preparing for SP2.

End of support for Microsoft's Service Pack 1 - http://support.microsoft.com/gp/lifesupsps

Windows XP SP1 and SP1a support ends on October 10, 2006 - http://support.microsoft.com/gp/lifean19

Microsoft Office XP transitions from Mainstream to Extended Support phase - http://support.microsoft.com/gp/lifean21

Windows and SP EOL Links:

Are you still using Internet Explorer 5.5? The support for that version has ended: http://support.microsoft.com/gp/lifean20

Some of the affected Microsoft products:

End of support (Oct 10, 2006 and July 10, 2006):
SP1 for Windows:
Windows Tablet PC Edition Service Pack 1
Windows XP Home Edition Service Pack 1
Windows XP Home Edition Service Pack 1a
Windows XP Media Center Edition 2002 Service Pack 1
Windows XP Media Center Edition 2004 Service Pack 1
Windows XP Professional Service Pack 1
Windows XP Professional Service Pack 1a
Windows XP Tablet PC Edition Service Pack 1
SP1 for Internet Explorer:
Internet Explorer 6 Service Pack 1 on Windows XP Home Edition
Internet Explorer 6 Service Pack 1 on Windows 98 (end of support for
this is on 11-Jul-2006)
Internet Explorer 6 Service Pack 1 on Windows 98 SE (end of support for
this is on 11-Jul-2006)
Internet Explorer 6 Service Pack 1 on Windows Millennium (end of support
for this is on 11-Jul-2006)
SP1 for Office:
Office Professional Edition 2003 Service Pack 1
Office Professional Enterprise Edition 2003 Service Pack 1
Office Small Business Edition 2003 Service Pack 1
Office Standard Edition 2003 Service Pack 1
Office Students and Teachers Edition 2003 Service Pack 1
Office Visio Professional 2003 Service Pack 1
Office Visio Standard 2003 Service Pack 1

Windows XP Service Pack 2 Preparation:

Are You Ready for WinXP SP2? - http://support.microsoft.com/default.aspx?pr=windowsxpsp2
Download full SP2 - http://tinyurl.com/5bobl
Order SP2 on CD from MS - http://tinyurl.com/6g675
Follow the Service Pack Installation Checklist - http://www3.telus.net/dandemar/spackins.htm
SP2 links to OEMs - http://www.microsoft.com/windowsxp/sp2/oemlinks.mspx
http://aumha.net - See SP2 forums
http://www.kellys-korner-xp.com/xp_s.htm#sp2 - Windows SP2 Information, Guidelines and Troubleshooting

B. Support for Windows 98, 98SE and ME finally and irrevocably ends on July 11, 2006:

If you still have Windows 98, 98SE, and/or ME machines there are a few ways you can handle this.

a. Upgrade to a current version operating system. For Microsoft, this would be Windows XP Service Pack 2. Since XP has far more demanding system requirements than the older operating systems did, in most cases a computer happily running Win98x/ME will not be a great candidate for upgrading to XP. With the cost of a basic computer relatively low, a better choice is to simply buy a new computer.

b. If your circumstances permit, consider changing to a different operating system such as Linux.

c. If you do not want to upgrade the operating system and you use the older machine on the Internet, be extremely careful and practice "Safe Hex" rigorously. Some suggestions for doing this are:

i. Do not use Internet Explorer to surf; use Firefox instead.

ii. Make sure you have a current version antivirus installed (not earlier than 2005) and that its virus definitions are always updated. There are still a few antivirus programs that will run on Win9x/ME; many will not.

iii. Make sure you have a firewall installed. Again, not all firewalls will run on Win9x/ME; you will need to look around.

iv. If you have a broadband connection to the Internet (cable or DSL), buy a consumer-level router (Linksys, Netgear, etc.) even if you only have one computer. This will add protection.v. Be circumspect in where and how you surf. Here are some links about practicing "Safe Hex":

http://www.wilderssecurity.com/showthread.php?t=27971 - So How Did I Get Infected Anyway?
http://www.aumha.org/a/parasite.htm - The Parasite Fight
http://msmvps.com/blogs/harrywaldron/archive/2006/02/05/82584.aspx - MVP Harry Waldron - The Family PC - How to stay safe on the Internet
http://www.spywarewarrior.com/rogue_anti-spyware.htm - MVP Eric Howes on Rogue Antispyware Programs

2. This past Tuesday was Microsoft's monthly Patch Tuesday. A lot of critical vulnerabilities are addressed, so you should most certainly update.


Back to top

7-12-06 - "I've had a perfectly wonderful evening.  But this wasn't it."  -- Groucho Marx


1. Microsoft Windows Update - Patch Tuesday reminder
2. Image Shack spyware warning
3. Microsoft End of Support reminder
4. Computers and Heat

1. Yesterday was Microsoft's monthly Patch Tuesday. If you have Automatic Updates enabled, this will happen all by itself. If you are doing this yourself, go to Windows Update. Users of Windows 98, ME, and XP with only Service Pack 1 are not covered (see Item #3 in this Report).

2. Many people use Image Shack (and I'm purposely not giving a link to their site) for free image hosting for use on web forums. A lot of teens do this in particular. Image Shack is a popular site and has apparently added scumware to its advertisers. Various people on a security list of which I'm a member commented on the fact that when they clicked on a thumbnail hosted on Image Shack, malware tried to install on their computers. Here are a few links about the problem:


If you don't use image hosting, this isn't anything to worry about. If you do - or your kids do - this is just a heads up and a suggestion to use a different service. PhotoBucket and IMGMonkey are good ones.


3. "Effective today [July 11, 2006], Microsoft no longer provides support for Windows 98, Windows Millennium Edition (Windows Me), and Windows XP Service Pack 1. Customers can access existing support documents through the Microsoft Support Product Solution Center, but telephone and e-mail support and security updates are not available."


If you are questioning why this is so important, take a moment to review this month's Windows Updates and what is covered. Many of the vulnerabilities allow an attacker to take control of your machine. This would not be A Good Thing. To clarify, Windows XP is still Microsoft's current operating system but in order to get updates you will need to have Service Pack 2 installed.

If you're still not sure why keeping your operating system current is important, read the last paragraph of this article (quoted for your convenience):


"In related news, the BBC reports on hi-tech crime gangs in Eastern Europe who specialise in making viruses that target weaknesses in Windows 98. The concern is that these gangs may up the ante and increase malware attacks now that security updates for the software are discontinued."

4. Now that it is most definitely Summer, give some thought to your computer's staying cool, too. Heat and dirt are great enemies of computers. If you've never cleaned out your computer, it is probably time to do so. With the computer unplugged, take off the case and and get rid of the dust bunnies. Use compressed air to gently blow out the case. I usually do this outside on the back porch. It can be very messy. Don't use a vacuum cleaner - they can create static electricity which will kill computer components. Try not to touch the components with your hands. Make sure all the fans are clean and not covered in a blanket of dust. On very hot days, I leave my desktop machines off and work from my laptop. It helps keep the utility bill down since otherwise the air conditioning has to work extra hard to deal with all the heat the computers put out in the office.

Back to top

8-9-06 - "...when you have eliminated the impossible, whatever remains,
however improbable, must be the truth." -- Sherlock Holmes


1. Google Antiphishing
2. MS Patch Tuesday
3. RIAA tactics

1. Google is working with StopBadware.org to warn people who click on links to known Evil Websites. This is A Good Thing. You can read about it here: http://www.stopbadware.org/

2. Yesterday was Microsoft's monthly Patch Tuesday. I never set my Windows Updates to download and install automatically since I prefer to see what is being installed and because it is a good idea to temporarily disable your antivirus while installing Windows Updates. However you do it, you should always install security updates and never install driver updates from WU. It is wise to make a System Restore point before installing updates. If you've forgotten how:

Start>Programs>Accessories>System Tools>System Restore
"Create a new restore point"

Name the restore point something useful like "before Windows Updates".

If you have problems with your computer immediately after applying an update, Microsoft offers free tech support for issues arising from Windows Updates.

Customers in the U.S. and Canada can receive technical support from Microsoft Product Support Services. There is no charge for support calls that are associated with security updates at (866) 834-8317.

Contact MS - http://support.microsoft.com/gp/contactuswindows?sd=win

3. RIAA tactics - I have told you many times before that peer-to-peer (P2P) file-sharing is dangerous because 1) it is one of the top ways to infect your computer with viruses/malware; and 2) it leaves you open to being sued by the Recording Industry Association of America ("RIAA"). Grant Robertson has written a very useful explanation of RIAA tactics in layperson's terms on his blog. If you or anyone in your household is doing file-sharing, I highly recommend that you read the article. Here's the link: http://tinyurl.com/emchs

Since this is a blog, there are comments and they are interesting to read also.

Back to top

9-16-06 - I hate it when someone phones me up for help with some problem and I ask them "what's on your screen?" and they say "blood." - Brian Briggs (BBspot)


1. Some wireless setup tips
2. Don't forget to check the Microsoft Office website for updates
3. International Talk Like A Pirate Day

1. Since almost everyone has broadband (cable/dsl) now and almost everyone has more than one computer, wireless networking has become one of the most popular technologies around. In general, it is very easy to set up a wireless network by buying a consumer-level wireless router. Some of the most recognizable brands are Linksys, Belkin, Netgear, and Buffalo. I don't recommend D-Link products. You buy your router, bring it home, pop the CD into your computer's drive and follow the wizard. And here's where most people make their big mistake - they don't set up wireless security. This is like leaving your front door open and inviting people to come in and trash your house and steal your stuff. Here are some simple things to do to increase security:

a. You need a user name and password to get into the router's configuration screens. Change this from the default setting to something else. Write it down!

b. The SSID is your wireless network's name. Do not leave it at the default (like "Linksys"). Change it to something you will recognize when you see it. Write it down! I suggest that people not use their family name. Remember, wireless networks are visible to foreign computers. That's the way wireless works - it's "in the air".

c. Use wireless encryption. This is like requiring a lock for your front door. For most home users, WPA2-Personal is what you want to use. All devices on your wireless network must support the encryption you choose. If you have an older laptop with hardware that doesn't support WPA, you must use the older and less secure WEP standard. It's better than nothing. You will need to enter the encryption key into each device that you want to connect to the wireless network. Write it down!

If you are in the Fresno area, Elephant Boy Computers is happy to come and set up your wireless network and create a working file/printer sharing network. But because I'm a generous and caring person, here are some links if you want to DIY:

Wireless - Basic Configuration - http://www.ezlan.net/Wireless_Config.html
Wireless - Basic Security -  http://www.ezlan.net/Wireless_Security.html
My New Wireless does not work - http://www.ezlan.net/wireless.html
Tom's Hardware Wireless Security FAQs

2. I'm sure I don't need to remind you all about using Windows Update to keep your operating system patched. However, don't forget about Microsoft Office if you have it installed. Either enable Microsoft Updates (at the Windows Update homepage) or go to:


At the right side of the page, click on "Check for updates". This will take you to another page where you get to click "Check for updates" again. If you are prompted to install the ActiveX component, go ahead. You'll then be shown the security updates for your Office programs.

I have heard of some people running Windows 2000 having difficulties after changing from Windows Update to Microsoft Update, so I don't recommend doing that if you are running that older operating system.

3. Another year, another wonderful September 19th - it's International Talk Like A Pirate Day next Tuesday! Get pirattitude! Arrrrr, Matey!


Back to top

10-12-06 - Sattinger's Law:  It works better if you plug it in.


1. Spam scam
2. Eudora goes open source
3. Patch Tuesday
4. Internet Explorer 7

1. There's a very clever phish email going around lately. Like all good scams, it relies heavily on social engineering. You receive an email to one of your legitimate addresses which appears to be from a large, well-known company like BestBuy or Dell purporting to be a confirmation of your credit card purchase of a Sony Vaio for $2,499. It has an attachment supposedly of instructions, either zipped or as a .pdf file. It looks very, very real and you are alarmed. If you opened that attachment, your computer was infected with an extremely nasty rootkit trojan. Since it was a new infector, your trusty antivirus made not a peep.

The cleverness of this phish is that it looks so plausible; I know at least 10 computer professionals (including me!) who have gotten this in the last few days. Even those of us who most definitely know better gave it a second look.  Remember that antivirus programs work by matching known viral/malware characteristics; if an infector is new, your antivirus will not know about it and your machine will be infected. This particular infector has been sent on to various antivirus companies so they can include it in their virus definition databases, but there will always be new infectors. So this is a good warning - remember not to open attachments and not to rely only on your antivirus for protection. Use good common sense.

2. Qualcomm, which among other unrelated items makes the Eudora email program, has announced that it will stop selling the program and make the ad-sponsored free versions stop showing ads. Qualcomm has opened Eudora up to the Mozilla Project as open source, which means that it will be free and probably improved. Some bits of the Eudora code will undoubtedly wend their way into the Thunderbird email program, which should be interesting and useful. I know that quite a few of you use Eudora, so here is a link to the FAQ about this development: http://www.eudora.com/faq/

3. This is just a reminder that this past Tuesday was Microsoft's "Patch Tuesday". Those of you who don't have Windows Updates set to download and/or download and install automatically should pay a visit to the Windows Update site. You most definitely do want to apply these security patches.

4. Internet Explorer 7 (IE7) is expected to be out of beta and available for download later this month. Here are some links with information about MS's new browser and some pointers about upgrading it.

http://blogs.msdn.com/ie/default.aspx (MS Developer Network blog)
http://www.microsoft.com/windows/ie/default.mspx (IE7 homepage)
http://www.ie-vista.com/index.html (site by MVP Sandi Hardmeier, IE and OE specialist)
http://www.microsoft.com/windows/ie/community/default.mspx (MS page for the IE7 community)

Here's what Sandi has to say about the IE7 delivery method:

"Some important notes... firstly, although IE7 will be offered via Automatic Updates, Automatic Updates will first notify users when Internet Explorer 7 is ready to install and then show a welcome screen that presents key features and the choices to “Install, “Don’t Install” or “Ask Me Later.” In short, you won't be forced to install it, it won't be a silent install, it won't be a hidden install."

Whenever you are installing a major piece of software, follow these best practices:

a. Make sure your data is backed up. You should be doing this regularly, but most definitely before you install something major like IE7.

b. Read about the program first so you know what to expect. Learn how to use it. The MS IE7 homepage and Sandi's site - as well as the program's own Help file - are the best places to start. Take a look at the Community site for even more excellent information.

c. Pay attention to any cautions and known installation issues and don't just install blindly without proper preparation. Here's a direct link to Sandi's Known Issues and suggestions for preparation:


It is best practice to not install beta software on production machines or on any machine which you are unwilling to wipe. So I would most definitely wait until IE7 final is out before installing the new browser. IE7 is only available to people running XP Service Pack 2, XP Pro 64-bit, Server 2003 SP1, and the 64-bit and Itanium versions of Server 2003. It will be included in Vista.

Back to top

11-1-06 - Benford's Law of Controversy - Passion is inversely proportional to the amount of real information available.


1. More on IE7
2. Firefox 2.0
3. Windows Defender final

1. IE7 is due to be rolled out via Automatic Updates today. Per fellow MVP PA Bear (who knows all about IE7):

Required reading before installing IE7 (and I'd strongly urge anyone to do so manually, not via Automatic Windows Updates, for best results):

Release Notes - http://msdn.microsoft.com/ie/releasenotes/default.aspx

MVP Sandi Hardmeier's notes on "IE7 Gold", including "Best Practices" Installation Tips <= Read This!

IEBlog : IE7 Installation and Anti-Malware Applications - http://blogs.msdn.com/ie/archive/2006/10/11/IE7-Installation-and-Anti_2D00_Malware-Applications.aspx

What's New in Internet Explorer 7 - http://msdn.microsoft.com/workshop/essentials/whatsnew/whatsnew_70_sdk.asp?frame=true

2. Firefox 2.0 is out and very nice it is indeed. Download and install it; no need to uninstall the older version first. Get it from

3. Apparently Windows Defender is out of beta. I haven't been terribly impressed, but if you are a WD user you should uninstall the beta version and get the final. Windows Defender no longer supports Windows 2000 as it will be out of mainstream support in October 2006. Please refer to the support lifecycle website for more information. Do some reading here first:

Windows Defender newsgroup - Please post your queries to - http://tinyurl.com/9epfo

Please see the Release Notes to learn more about known issues with Windows Defender

Windows Defender Home Page - http://www.microsoft.com/athome/security/spyware/software/default.mspx

Product Information (Links: Overview, FAQ, License Terms/EULA, System Requirements, and Release Notes)

Support and Training - http://www.microsoft.com/athome/security/spyware/software/support/default.mspx

Back to top

11-3-06 - All journeys have secret destinations of which the traveler is unaware. - Martin Buber


1. Microsoft Vista - should you upgrade?
2. Linux offer
3. New online music site

1. Microsoft has announced that their new operating system, Vista, will be officially released to the big manufacturers on November 30th of this year. Retail copies should be available in the stores by January 30, 2007. Since some people may be considering buying new computers for Christmas, I thought this would be a good time to write about whether to upgrade or not and to give you some things to consider before just plunging in.

http://www.microsoft.com/windowsvista/ - Microsoft Vista homepage

A. Hardware

A-1. The computer itself

Most people will move to Vista when they buy a new computer. It is my understanding that the major computer manufacturers - Dell, HP, Sony, etc. - will be offering some sort of upgrade certificate if you purchase a machine from them with XP preinstalled. If you are considering a new computer before Vista comes preinstalled with the idea of upgrading later, you should purchase one that will be able to run Vista satisfactorily. Here are Microsoft's system requirements for Vista. MS breaks this down into two categories: "Vista Capable" and "Premium Ready". Here's a link to the "Get Ready" site - http://www.microsoft.com/windowsvista/getready/default.mspx

According to this site, the "Vista Capable" machine will have at least:

A modern processor (at least 800MHz1).
512 MB of system memory.
A graphics processor that is DirectX 9 capable.
20 GB hard drive with 15 GB free space.

This is MS marketing-speak, people. This just means you might get Vista to install on this system. Frankly, Vista will run like a dog with these specs. Even XP would be slow on a machine like that. You also will not get the Vista "look", which is called "Aero".

The "Premium Ready" computer will have at least:

1 GHz 32-bit (x86) or 64-bit (x64) processor1.
1 GB of system memory.
Support for DirectX 9 graphics with a WDDM driver, 128 MB of graphics
memory (minimum)2, Pixel Shader 2.0 and 32 bits per pixel.
40 GB of hard drive capacity with 15 GB free space.
DVD-ROM Drive3.
Audio output capability.
Internet access capability.

Again, this is marketing-speak. You're really not going to want to run Vista on a machine that is running at much less than a 2.5-3GHz processor with a great big hard drive. I wouldn't put less than an 80GB hard drive in a Vista box, and that would be the lower end. As for the RAM, I consider 1GB to be the minimum. If buying a new machine, I'd put in at least 2GB of RAM to start with.

If you have a machine that is currently running XP and doesn't meet my recommended specs, I wouldn't bother upgrading. This is my personal opinion and of course, your mileage may vary. However, I don't see the point in taking a machine that is happily running XP and installing an operating system that is outside the machine's design parameters. It's cruel to our little silicon-based friends and you won't be pleased with the performance. If you have a WinME or - the horror! - a Win98 machine, the only reasonable upgrade is to buy a new machine.

A-2. Hardware peripherals

This means printers, scanners, music players, joysticks, cameras, etc. Every piece of hardware inside or outside that gets attached to a computer has software - called a driver - that tells the operating system how to use that hardware. Without the correct drivers written for your particular operating system, the hardware won't work. While MS certainly goes to great lengths to provide backwards compatibility, not all hardware or software will work in Vista. The hardware manufacturers need to write the drivers and submit them to Microsoft. If UMax didn't write a Vista driver for your older scanner you will be out of luck, so do your research ahead of time.

One thing you should definitely do is run the Windows Vista Upgrade Advisor:

B. Software

Vista is an entirely different operating system from XP. It was written to be far more secure, and that means there are restrictions on program behavior that did not exist in XP. Software developers have been aware of this for a number of years now, but it is up to them to make sure their programs work in Vista - not Microsoft. While Vista - like XP - will have a "compatibility mode" for older software, not every older program will run in Vista. For those of you using "niche software" (industry-specific programs) in your businesses, it is extremely important that you contact the software manufacturer to see what plans they have to make their programs work in Vista. For instance, Intuit has announced that Quickbooks 2006 (and older versions) will not run in Vista. If you want to run Quickbooks in Vista, it will have to be Quickbooks 2007. Do your homework first!

If you have an essential program that will definitely not work in Vista, there are ways to deal with this. You can 1) not upgrade; 2) keep a machine running the older operating system going just for this program; 3) contact the software manufacturer for an upgrade - if they have written one; 4) look into using virtualization under Vista. Elephant Boy Computers is happy to explain options like virtualization and help you test your program under Vista. Just give us a call.

C. Other things to consider

C-1. Patience is a virtue - Unless you are buying a new computer with Vista preinstalled on it, it is always a good idea to delay upgrading to at least 6 months after the new operating system has come out. This will give time for the early adopters to discover all the bugs and problem areas, Microsoft to issue patches and/or service packs, and techs time to figure out how to fix things.

C-2. Cost - At this point, Microsoft is offering five different versions of Vista.

Here is a comparison chart created by MVP Tom Porterfield - http://support.teloep.org/vistaver.htm

At this writing, prices look to be around $200-$400 for full versions; update versions around $100 less. Of course, if you buy Vista preinstalled on a new computer it will be included in the manufacturer's price.

In conclusion, at this point you have these choices after Vista comes out:

1. Do nothing and stay with XP.
2. Upgrade your current machine to Vista if it meets system requirements.
3. Purchase a new computer with Vista preinstalled.
4. Move to a different operating system such as Linux or Apple's OSX. After all, if you are going to learn a new operating system - and make no mistake, that is what Vista will require - you might want to think about choosing something other than Windows.

OSX is a beautiful operating system, but only runs on Apple computers. Now that Apple is using Intel processors, you can dual-boot a Microsoft Windows operating system with OSX or even run it in a virtual machine. Elephant Boy Computers is considering purchasing an Apple laptop next year and if we do, will support OSX.

Linux is a very stable and powerful operating system. See Item #2 of this Report below for more information about Linux.

Elephant Boy Computers will support Windows Vista, just as we do all other Microsoft operating systems.

2. Linux offer - The Linux operating system has been around since 1991. Although Linux has the reputation of being difficult to use, this is no longer true. I have used Linux for many years and it is my operating system of choice. Naturally, Elephant Boy Computers supports Linux.


A great way to explore and play with Linux without touching your Windows operating system is to boot with what is called a "live CD" - an operating system that runs from CD or DVD. To get a good taste of Linux, I suggest booting with Knoppix. If you decide to install Linux, Kubuntu or openSUSE is a good choice. If you are in the Fresno area and would like to experiment with Linux, you can come over and try it on one of my machines. I will also show you how to set your computer to boot from the CD/DVD drive and give you a Knoppix disk to take home. For free! Just give me a call.

3. For those of you who have eclectic musical tastes, I have found an excellent online music site that provides DRM-free music from all over the world. It's called Calabash Music - http://calabashmusic.com/ and the songs are in .MP3 format so you can play them anywhere.

Back to top

12-11-06 - There's children throwing snowballs / instead of throwing heads / they're busy building toys / and absolutely no one's dead!
-- Jack Skellington, "The Nightmare Before Christmas"


1. Various program updates
2. Various MS Word vulnerabilities
3. Reminder that 12/12 is Patch Tuesday
4. Seasonal warning
5. Good Internet safety site

1. There are new versions of Adobe's Acrobat Reader and Sun's Java.

http://www.adobe.com/ - for Adobe Reader 8.0

http://java.sun.com/javase/downloads/index.jsp - for Java 6 (scroll down to about the middle of the page; you want the Java Runtime Environment (JRE) 6)

2. There are a couple of rather serious vulnerabilities in MS Word that aren't slated to receive a patch tomorrow. Basically, this means you need to be extra careful about opening *.doc attachments. But you are already being extra careful about opening email attachments, aren't you? ;-) Here's a link to an article about this at The Register:


3. Tomorrow - Tuesday, December 12th - is Microsoft's Patch Tuesday. For those of you who don't have Automatic Updates set, please go to Windows Update and take care of your operating system. You might want to wait a day or two to let the MS servers calm down as they will be experiencing heavy traffic tomorrow. Even if you have Automatic Updates enabled, don't be surprised if you don't get the little yellow shield right away. Because there are so many computers running supported Microsoft operating systems the company stages updates to balance server load.

As an aside, it is a good practice to set your Automatic Updates to download automatically and then let you know when the updates are ready. This gives you a chance to look at what is being offered. Just click on the "Custom" choice instead of leaving it at the default "Express". You always do want security updates but never driver updates.

4. We're in the full swing of the Christmas season. This means that many computer users have a craving for holiday themes, screensavers, and wallpaper. This also means that many people are in a generous mood, either because charity is a mitzvah (blessing), the eggnog has given them that Warm And Fuzzy Feeling, or because they want to make sure they're on Santa's Nice List instead of the Naughty One. Whatever the reason, scammers know this. Only download holiday decorations for your computer from trusted sources and even then, scan anything you download with your antivirus. Screensavers are particularly prone to being infected because most people don't realize that a screensaver is a program. If you receive requests for charity in emails, delete them. Of course I'm not saying you shouldn't give to charity; just not to that person who sent you an email detailing his/her woes.

5. Here's a relatively new website that is aimed at the "normal" computer user:


The site has some really useful resources and I highly recommend it.

Back to top

1-2-07 - Cheops' Law - Everything takes longer and costs more. Named for the pyramid-builder, who presumably found it out the hard way.


1. More on Vista
2. New Year's Resolutions for you
3. Happy New Year

1. I've installed Vista RTM (Release To Manufacturing - means the final version) on one of my machines (named "Merlin") and am doing a bloggish thing on my experiences with Microsoft's newest operating system. I'll try to update this regularly but since Vista is installed as a dual-boot on my son's computer and he's still on his winter vacation, I won't really be able to work with Vista intensively until he goes back to school next week. For anyone who might be interested, here's the link:


As of this writing, there's only the one entry there. Yes, yes, I'm working on it. ;-)

Although Vista RTM won't be available to the general public (retail) until the end of this month, many of you may be considering the upgrade so I wanted to address that. I haven't changed my mind on upgrading advice, which is basically don't do it yet. When changing to a new operating system, you always must take two ("no, three my Lord") things into account:

a. Driver availability
b. Program compatibility
c. Bugs

a. Drivers - As I'm sure you know, all hardware in a computer must have software which tells the operating system how to use that hardware. This software is called a "driver". Without proper drivers, you might have a physical sound card in the machine but no sound within the operating system. Vista ships with 19,500 drivers provided to Microsoft by the hardware manufacturers. This is far more than XP shipped with and you would think it would be enough, but it isn't. One of the difficulties in working with PC's as opposed to Mac's is that there are thousands of different hardware components, in a zillion* different combinations.

Drivers come from the hardware manufacturers, not Microsoft. Vista has far more stringent requirements for drivers than previous MS operating systems did, which is A Good Thing. Many hardware manufacturers have not written drivers yet for current hardware, have only beta drivers so far (means "not fully cooked"), or will not be writing drivers for Vista at all for older hardware. For instance, Merlin has a very common - and not terribly old - Creative SB Audigy2 ZS sound card. Creative only has beta drivers available and they will expire in 30 days. They work OK, but I will need to uninstall them when they expire and get new ones from Creative at that point. Hopefully they will work. Merlin also has a lovely Logitech G5 gaming mouse which is current-generation hardware.. Logitech has not yet written drivers for Vista, which means that you can't configure the mouse properly. It works, but only with the most basic functions because it is using the generic mouse driver provided in Vista. Because of this, I can't get my son to even surf in Vista - spoiled brat. He insists in booting into XP instead.

Some of the XP drivers for Merlin's hardware worked, and some didn't. So it is still a crapshoot. If you plan to upgrade your existing XP operating system with Vista, I believe the upgrade process will automatically check for potential problems, including driver issues and report back. An interesting fact is that you can no longer do a clean install with an upgrade version of Vista as you could do with the earlier operating systems. Upgrading XP with Vista requires you to install from within the currently installed operating system. If you have Win9x/ME, you will not be upgrading to Vista on that machine. Don't even think about it.

So you must be sure that there will be drivers for all your hardware - motherboard, sound, video, network adapters, joysticks, printers, mice, etc.

*Obviously the exact number is estimated by me based on the "it's a very very large number" theory where you just say "a zillion" and leave it at that. But you get the idea.

b. Programs - You must take the time to research whether the programs you depend upon will run in Vista. In some cases, you will need to upgrade to the very latest version (which may not be out yet). An example is QuickBooks, an accounting program made by Intuit and used by millions. Intuit has announced that no version of QuickBooks prior to QuickBooks 2007 will run properly (if at all) on Vista. On the other hand, older programs may run just fine in Vista either natively or in compatibility mode. The point is that you can't just jump into an upgrade and then find out the hard way that the specific program on which you depend won't run. There will be Tears Before Bedtime, or worse. We'll go into options for running older software on Vista in later Elephant Boy Computers Reports or you can always contact me directly for specific help if you're a client.

c. Bugs - There is no perfect software. Even though Vista had a huge beta testing program (and I was a beta tester) because of the zillions (see note above) of hardware and software combinations possible in PC's, many bugs won't surface until the operating system has been in use "in the wild" for a while. Businesses should never upgrade their operating systems without doing extensive research and testing. A good rule-of-thumb for businesses is to wait until the first Service Pack is released and even then, don't just throw a new operating system onto your production machines. Always use a testbed box first.

For people who bought a new computer this past Christmas from big OEM's (Dell, HP, Sony, etc.) who offered an upgrade coupon - you'll be fine. Presumably those OEM's will be providing drivers and any OEM-supplied preinstalled software with the upgrade. Otherwise, for most end users the smartest thing to do is to wait until computers are available from the big OEM's with Vista preinstalled. That way you'll know the hardware will Just Work. You will still need to research whether your favorite/necessary programs will work, though.

Here are a few Vista links, to which I'll be adding as I collect them:


2. New Year's Resolutions for you to remember:

a. Back up your data
b. Keep your antivirus subscription current
c. Stay safe out there

3. Happy New Year - Finally, let me wish each one of you and your families a very Happy New Year. All of us here at Elephant Boy Computers (me and my thousands of imaginary minions) hope that 2007 brings you Wonderful Things.

Back to top

1-3-07 - If only God would give me some clear sign! Like making a large deposit in my name in a Swiss bank. -- Woody Allen

1. New F-Prot version for home users out.
2. Good antivirus - Avast!
3. Unpatched bug in Apple's QuickTime
4. The 2006 Darwin Award
5. A few interesting websites I like

Yes, yes, I know I wrote you only yesterday but Some Things Have Come Up.

1. For those of you who use F-Prot Antivirus, there is a new version out for Windows 2000 and Windows XP - F-Prot 6. Older MS operating systems are not supported by F-Prot 6. The new version is for home use only; the corporate version is apparently still in beta.  Current subscribers can upgrade to the new version for free. Go to the download site, log in with your Customer Number (you can find this in F-Prot's Updater section), and continue to the Downloads section. You'll see two choices - you want F-Prot 6. You will get a new Subscription Key - write this down because you'll need it during the installation. It is not the same as your old Customer Number. You can run the executable and it will ask you if you want to uninstall the older version of F-Prot. Click "yes" and follow instructions not to restart your computer after the uninstallation. The installation of the new version will commence. At the end of that, do restart your computer.

I use F-Prot on my Windows machines (don't need antivirus on Linux, hahahahah) so I downloaded the new version and have installed it on one of my machines so far. I haven't played with it much, but here are my impressions:

a. The user interface is a definite improvement over the older version.

b. You can now exclude detections, which is a welcome addition for when a scan finds a false-positive or detects something you want to keep and know is safe.

c. The older version of F-Prot would not automatically update from within a Limited User account (XP) without a registry hack. I don't have any Limited User accounts on my machines so I'll need to set one up to test if this has been fixed.

d. There is one thing which may be a deal-breaker as far as me recommending F-Prot 6 to end users; the installation is apparently hard-coded to default to C:\Program Files. For most end users this will not be a problem since they either have only one hard drive and/or their Windows installation is on the C:\ drive. However, it is completely possible to have XP installed on a drive other than C:\  and in fact two of my machines are configured that way. According to F-Prot's site, if you want to install elsewhere you'll need to do the install from the command line with switches. For end users, doing that is Right Out.I will experiment with this and post the results along with the Limited User account question in a later EBC Report.

Here are the subscriber login and the upgrade instructions links:


2. Avast! is a very good antivirus for Windows made by Alwil. They have a free version as well as a commercial version. The free version works quite well. Avast! even installs and works on Vista, so that is what I'm using there.

http://www.avast.com/eng/avast_4_home.html - Free Home version
http://www.avast.com/eng/avast_4_professional.html - Professional version
http://www.avast.com/eng/avast_4_professional2.html - Professional pricelist
http://www.avast.com/eng/av4_version_comp.html - Comparison between Free and Professional versions

Frankly, for most people the Free version is just fine and I recommend it.

3. There is a vulnerability in Apple's QuickTime 7x that as of this writing has not been patched. The vulnerability affects both Windows and Mac OS X  and would allow a user's system to be compromised by hackers. Stay away from questionable sites and watch your pr0n on some other media player until Apple patches the program.


And now for something completely different...

4. Two Florida people have received the 2006 Darwin Award for contributing to the "improvement of the human genome by accidentally removing themselves from it". Read all about it here:


The main Darwin Awards site is here: http://darwinawards.com/ - don't go there unless you have a rather black sense of humor. You Have Been Warned.

5. I thought you might be interested in knowing about a few websites I find amusing and/or useful. Please note that these are sites that I like and so reflect my own peculiar tastes.

Acronyms used:

NASFW - Not always safe for work. May have adult pictures and language. Definitely not for children.
NSFW - Not safe for work, ever. Actually, I don't go to any of those types of sites but I thought you might like the definition. ;-)
FF - Family-Friendly. Safe for children and adults of all ages.

http://www.boingboing.net/ - One of the oldest "interesting things" sites around. In fact, its motto is "A Directory of Wonderful Things". NASFW

http://www.penny-arcade.com/ - A famous web comic aimed at gamers. NASFW
http://en.wikipedia.org/wiki/Main_Page - Wikipedia is always interesting, not always accurate.
http://cuteoverload.com/ - Pictures of adorably cute animals. Awwwwww. FF

http://consumerist.com/ - NASFW because of language, not pictures. A blog whose motto is "Where Shoppers Bite Back". Very useful and interesting. Includes the Walmart Nazi T-shirt watch, now in its 52nd day.

http://bibliodyssey.blogspot.com/ - FF but I don't think children would care for it. BiblioOdyssey is a visual blog where the owner posts scans of rather wonderful images from "Books, Illustrations, Science, History, Visual Materia Obscura, Eclectic Bookart". Lovely stuff, but don't go there unless you have broadband.

http://xkcd.com/ - One of my favorite web comics. NASFW because of language and subject matter. The drawings are done with stick figures so you can't see any naughty bits, but sometimes they are referred to. The comic is unabashedly for geeks and math people, calling itself "a webcomic of romance,sarcasm, math, and language".

Well, that's enough for now. It's time for me to explore Vista some more and later, brush the cats. My life is one of stunning interest and diversity.

Back to top

1-22-07 - Ce qui embellit le désert, dit le petit prince, c'est qu'il cache un puits quelque part... ("What makes the desert beautiful," said the little prince, "is that somewhere it hides a well.") -- Antoine de Saint-Exupery, "Le Petit Prince"


1. Outlook users and the new Daylight Savings Time rules.
2. More on Vista
3. Buying a new computer (related to #2 above)

1. In August of 2005 the United States Congress passed the Energy Policy Act. The Energy Policy Act changes the start and end dates of daylight saving time (DST). When this law goes into effect in 2007, DST will start three weeks earlier (March 11th, 2007) and end one week later (November 4th, 2007) than what had traditionally occurred.

Those of you using Outlook 2000, Outlook 2002 (Office XP), or Outlook 2003 should download the Time Zone Data Update Tool from Microsoft. Here's the MS article:


For most of you, the information about Exchange Server will not be applicable, but the rest of the article will be and it is worth taking the time to read it if you rely on Outlook for your email and calendaring.

For more information about how to prepare for changes in daylight saving time in 2007 for all affected Microsoft products, visit the following Microsoft Web site:


2.  I'm getting quite a few questions about Vista as we are getting closer to its retail release date (1/30). I'd like to repeat my previous caution:

Do not upgrade lightly. Run the Vista Upgrade Advisor and make sure your computer meets/exceeds Vista system requirements. Vista will not even install on a computer with less than 512MB of RAM. If you have a computer that was designed for Windows 98/ME, it will not run Vista. Buy a new machine.

I'm still suggesting that people who wish to buy a new computer soon wait until Vista is available preinstalled. This will insure that all OEM (Dell, HP, Sony, etc.) drivers and preinstalled software will work.

If you must buy a new computer and get it with XP preinstalled, be aware that in order to have the fancy Vista user interface  (Aero) you must have the right video card. Computers that are being sold "Vista Capable" instead of "Vista Premium" mean that they can run Vista but not the Aero interface. Most big OEM's like Dell and HP are offering a "free express upgrade to Vista" on their machines that currently come with XP preinstalled.

Make sure that all your important programs will run on Vista. This means going to the program mftr.'s website and reading any information available. Make sure that all your peripherals such as printers, scanners, PDA's, etc. will work with Vista. If they will require new drivers/software, you'll need to get this.

Be an informed consumer or you may have an unpleasant experience with Vista.


Like XP, Vista comes in more than one version. You can read about the different versions at the link above. Most home users will want Vista Home Premium.

I've been working on learning Vista and there is some information at my website here:


You can read my Vista Diary, an informal bloggish page about my experiences with Vista, here:


There aren't a lot of entries right now since I've been working on learning Apple's OS X on my new MacBook for the last week. See #3. below for more about that.

And understand that you must be willing to learn a new operating system. Much about Vista will be familiar to XP users, but much is different.

I do not suggest that businesses upgrade to Vista at this time. Wait at least 6 months or until the first Service Pack comes out. Do your research about any industry-specific software you use first.

3. Buying a new computer

a. General comments - The first thing to do when considering purchasing a new computer is to ask yourself what you want to do on the machine. If all you do (and will ever do) is email, word processing, and play Solitaire you will want a different machine than one on which you will do video editing, photo management, 3D gaming, creating music, etc. You can buy a much less expensive machine for the first situation; you will be unhappy if you want to do some of the latter items if you buy only a basic PC.

As a general rule, except for some very basic PC's, you can upgrade the memory, hard drive, optical drive, and video card later so if your budget doesn't allow you to get the Desktop you really want, buy one with a fast processor and leave the other components at the default. Whether you buy a lower-end machine or not, I would not buy any computer with less than 1GB of RAM and without a DVD burner.

Laptops are different since in most cases you can only add memory and a bigger hard drive. I think you should buy the most machine you can afford when you purchase a laptop. Always buy at least a 2-year warranty and matching accidental insurance when you purchase a laptop. Only buy a laptop from a well-known company which you believe will be around for a long time. Since many parts on laptops are not user-serviceable, your hardware tech support/repair will come from the laptop mftr.

b. Should you buy a Mac? - I've had quite a few clients ask me this lately, particularly since now that Apple is using an Intel processor you can dual-boot the Mac OS X with Windows (or use Virtual Machine software).

As a new MacBook owner, I can tell you that the MacBook is truly lovely. But there is no perfect hardware and there is no perfect software. Here are a few things to ask yourself first:

1. What do you want to do on the machine? This will help you make the decision as to which Mac you buy.

2. Are the programs you need to use available in Mac versions? Do you want to purchase them? If you have a lot of expensive PC programs such as Photoshop and Microsoft Office, you would need to purchase new ones for your Mac.

3. Will any peripherals you have (printers, PDA's, etc.) work on the Mac? Remember, you must have drivers for all your hardware for whatever operating system you are running. Are Mac drivers available?

4. Are you willing to learn a new operating system? OS X is very user-friendly, but it isn't Windows. An excellent book for people making the switch to OS X is "Switching to the Mac - Tiger Edition" by David Pogue and Adam Goldstein. "Tiger" is the name of the current Mac OS X version. A new version, "Leopard", is expected to be released sometime this year. If you're not in a hurry, you may want to wait.

Back to top

2-15-07 - If you wait long enough, it will go away... after having done its damage. If it was bad, it will be back. - Anonymous

1. Update on Daylight Savings Time patches
2. Vista Grand Openings; Vista and antivirus programs
3. Vista on new machines - be prepared
4. Book review (learning Vista)

1. Microsoft has an updated Daylight Savings Time Help & Support Center:


Apparently the XP SP2 patch will be included in automatic Windows Updates (and this past Tuesday 2/13 was February's Patch Tuesday). If you don't have Windows Update at the automatic setting, go to the Windows Update site. See the DST Help & Support Center for instructions for older Microsoft operating systems and for XP installations that are still pre-SP2.

For Outlook, use Office Update or download the patch directly from the Microsoft Download Center. Since Daylight Savings Time is starting three
weeks earlier (and ending one week later), Microsoft suggests that you double-check with all participants of scheduled meetings during that time to make sure you are all on the same time. This is just good common sense. There are bound to be people who haven't patched Outlook and will think the meeting starts at 2:00 when it really starts at 3:00.

Here's Microsoft's Outlook page about DST:


2. As you probably know, Vista officially came out on January 30th. Many MVPs ("Microsoft Most Valuable Professionals"*) were present at the
various "Grand Openings" at places like BestBuy and CompUSA. I was not one of them, but several MVPs reported some disturbing behavior by store employees at these openings. For example, one BestBuy had turned off the User Account Control ("UAC") feature on all their demonstration models which severely reduces Vista's security, were pushing Norton Antivirus which does not yet work well with Vista, and were trying to sell a
"3-hour setup service" which frankly is excessive to get Vista up and running.

If you do purchase a computer from one of these "big box stores", please be aware of how the store has set up the computer. Be an informed
consumer. Ask questions. We (the MVPs) speculated that UAC was turned off in order to make Vista look more like XP. Vista is not XP. Take the time to learn about UAC and how it protects you from viruses, spyware, and other damage to the operating system.

"What is User Account Control?" - MS Windows Help and How-to


Norton antivirus and security products are not recommended. Ever. Neither are McAfee's offerings. Here is a list of antivirus programs that are certified to be compatible with Vista now (the recommendations and comments are mine of course):

Avast! - Recommended and works (am using this one on my Vista box)

CA Antivirus - Not recommended. Although I liked CA's antivirus offerings a few years ago, they now seem slow to produce virus definitions and their website, customer service, and tech support is awful.

Kaspersky Anti-Virus - Recommended

McAfee (various products) - Not recommended and that's why I'm not giving you the url. If you want it that badly, look it up yourself. ;-)

Norton (various products) - Not recommended; see McAfee comments.

Panda Antivirus - Not recommended; I've never been impressed with this software and it has caused issues on some of my clients' machines.

TrendMicro - Maybe - I've never been a fan of their products on consumer machines although their corporate software is reported to be excellent. Might be worth trying.

Recommended antivirus programs that currently do not work with Vista:

Avira AntiVir (Vista support scheduled for April 2007)

F-Prot (unknown when support for Vista will be available)

Microsoft does have its own combination antivirus/antispyware program - Windows Live OneCare. I cannot recommend OneCare since its antivirus has one of the lowest catch rates in the industry. It may improve, but I don't suggest gambling with your antivirus protection. Use a program that is effective and has a proven track record. Microsoft's Windows Defender antispyware program is part of Vista. It is way too early to know if Vista will fulfill Microsoft's promises about its security or whether it will still be vulnerable to malware. At this point, most security and tech professionals are suggesting that Windows Defender will be adequate for a resident antispyware program. You do not need to buy a separate antispyware program. I do not recommend those "all-in-one" security suites in any case since they are usually too heavy on the system and not all components work equally well.

As for the setup service, you may want a tech to set up your new computer. This is your choice. But you should not think it is*necessary* with Vista, any more than it was *necessary* with Windows XP. Yes, if you want the tech to physically set up the computer, transfer data/settings from an old computer to a new one, install printers, join Vista to an existing home network, get you on the Internet, etc. - that could definitely take 3 hours, or even longer. But if you handled these chores yourself just fine with XP there is no reason to think you can't handle them with Vista.

*Microsoft Most Valuable Professional

3. You can no longer can buy consumer-level machines with XP. While computer manufacturers like Dell are still offering XP on their business
machines, you should be making an effort to determine if any crucial niche software your company uses will run on Vista. There's no rush or need to panic; I'm just reminding you to be prepared.

4. O'Reilly is a very well-known and highly-respected publisher of computer-related technical books. O'Reilly offered review copies of various Vista and Office 2007 books to the MVPs. I read "Vista - The Missing Manual - For Starters" and "Vista - The Missing Manual", both by the marvelous David Pogue. Both books are great. The "For Starters" series have less in-depth technical information than the regular "Missing Manuals" but are still rich and meaty. Mr. Pogue writes clearly, with great humor, and covers all the aspects of learning Vista you will need and he does so in an extremely accessible way. Strongly recommended.

Back to top

3-22-07 - The computer allows you to make mistakes faster than any other invention, with the possible exception of handguns and tequila. -- Mitch Ratcliffe

1. Various program updates
2. Some more Vista links

1. If you have these programs, you should update them if you haven't already:

a. Apple iTunes - http://www.apple.com/itunes/download/

iTunes has been updated to be more compatible with Vista. There are still a few problems; Microsoft and Apple are reported to be working on ironing out the last compatibility wrinkles.


b. Apple Quicktime (if you don't have or want iTunes) - http://www.apple.com/quicktime/download/win.html

This update is particularly important if you or your children use MySpace since malicious pages on MySpace have appeared which will take advantage of the vulnerability in older versions of QuickTime to install malware on your computer.

c. Firefox - http://www.mozilla.com/en-US/firefox/all.html

Please note that this update brings Firefox up to version and If you are still running a pre-Firefox 2 version, you need to update. There will be no more updates to Firefox 1.5 after April 24th. There is no reason to remain with Firefox 1.5; Firefox 2 is much better. You don't need to uninstall the old one first; just download the latest Firefox and run the installer.

d. OpenOffice - http://download.openoffice.org/2.1.0/index.html

e. Microsoft Office - Go here - http://office.microsoft.com/en-us/downloads/FX101321101033.aspx

Click on the link for Office Update at the top right corner of the page and follow the instructions that will appear.

Only click on the yellow button "Check for Microsoft Updates" if you are using Microsoft Update instead of Windows Update. There are still reports of problems with using Microsoft Update instead of Windows Update so I continue to use the latter on my Windows machines. If you have Vista, you can only use Microsoft Update.

Remember, keeping your applications patched is as important as patching your operating system.

2. I haven't gotten around to updating the portion of my website concerned with Vista, but here are some useful links about the new operating system:

Homepage - http://www.microsoft.com/windowsvista/default.aspx

Upgrade planning - http://www.microsoft.com/windowsvista/getready/upgradeinfo.mspx

MVP John Barnett - http://vistasupport.mvps.org/upgrading_to_windows_vista.htm

Comparison chart by MVP Tom Porterfield - http://support.teloep.org/vistaver.htm

Windows Vista Solution Center - http://support.microsoft.com/default.aspx/windowsvista

Other helpful general sites -

MVP Kerry Brown's site - http://www.vistahelp.ca
Robert Firth - http://winvistainfo.org/default.aspx
MVP Jimmy Brush - http://www.jimmah.com/vista/
MVP Ramesh - http://www.winhelponline.com
Vista Tips & Tricks - http://www.windowsvistatnt.com/

And for those of you using Windows Mail (Vista's successor to Outlook Express) MVP Steve Cochran - http://www.oehelp.com/

Back to top

4-3-07 - If you drink much from a bottle marked 'poison' it is almost certain to disagree with you, sooner or later. ~ Lewis Carroll

1. Patch for Windows Animated Cursor Handling vulnerability

1. Microsoft is expected to issue a patch today for the Windows Animated Cursor Handling vulnerability. The patch is expected to be on Windows Update today instead of in the normal patch release cycle next Tuesday in order to cope with the widespread exploits that have surfaced. Those of you who have Microsoft operating systems for which there are no security patches (Windows 9x/ME/XP-without SP2) should be particularly careful and follow the suggestions in the Microsoft Security Advisory below.

Microsoft Security Advisory #935423 here has detailed information about the vulnerability and workarounds:

Here is another description of the vulnerability and some workarounds from US-CERT (Unisted States Computer Emergency Readiness Team):

Microsoft Security Central - a site that is of interest to anyone concerned with their computer's security:

Microsoft Support Lifecycle:

4-24-07 - I was reading the dictionary. I thought it was a poem about everything. -- Steven Wright

1. Staying safe online
2. Scammers exploit tragedy
3. Spring cleaning
4. Thunderbird 2.0
5. Dell continues to offer XP as an option

1. Cnet.com has a great guide for keeping your kids safe online - http://www.cnet.com/2001-13384_1-0.html

Remember, it's important to teach your children how to be safe on the Internet as well as in meatspace (the Real World). You don't do them any favors by just saying "don't go there". They will "go there", wherever "there" may be - MySpace, chat rooms, etc. So prepare them instead; it will be good for you to know these things, too.

2. Whenever a tragedy occurs - Katrina, earthquakes, school shootings - the Scum of the Earth are not far behind trying to separate you from your money. Make sure your donations go where they belong and don't make your computer vulnerable. Here's an article from The Register about scammers exploiting the Virginia Tech tragedy:


3. It's Spring! Don't forget to including your computers in your Spring Cleaning:


4. Thunderbird 2.0 is now available. Upgrading is easy; just download the latest version from http://www.mozilla.com and install it. No need to uninstall the older version first.

5. Dell has announced that because of customer demand they will continue to offer XP as a choice (instead of only Vista) on certain consumer systems (business systems were still available with XP). According to the Dell IdeaStorm website, consumers can buy these models of Inspiron laptops and Dimension desktops with either XP Home or XP Pro:

Dell Inspiron: 1405, 1705, 1505, 1501
Dell Dimension: E520, E521


This is a Good Thing because Vista isn't really ready for Prime Time yet. To be fair, this is not completely Microsoft's fault. Many hardware companies - who must write drivers for their devices - apparently were waiting until the commercial version of Vista was released at the end of January. There is still a lot of hardware that is not supported in Vista or the drivers are still in beta, buggy, etc. Also, some major software companies have not been on the ball or have definitely announced (like Intuit for Quickbooks and Adobe for Photoshop) that older versions of their flagship software will simply not be supported on Vista.

Before you upgrade to Vista, make very sure that all your hardware - including peripherals like printers, webcams, cameras, etc. - is supported in Vista. Make sure that all the important programs you use will work under Vista. You do this by going to the websites for the various hardware and software manufacturers and seeing what they say about Vista compatibility.

Business owners who rely on niche software (industry-specific programs) should contact tech support for those programs and find out what is planned for Vista compatibility. Naturally, when Microsoft stops selling XP entirely (probably by January, 2008) your current installations of XP will not magically disappear. But you need to be prepared for when you have to buy new computers and Vista will be your only choice for a preinstalled Microsoft operating system (and possibly no drivers available for XP).

Be an informed consumer and you will not have an unpleasant surprise and Tears Before Bedtime.

Back to top

5-8-07 - Hofstadter's Law - It [a task] always takes longer than you expect, even when you take into account Hofstadter's Law. Named after Douglas Hofstadter.

1. Changes in Microsoft email
2. Old-style worm spreading through usb thumbdrives
3. Save your MS Office settings and other great tips from Lifehacker
4. Live Earth News

1. Microsoft's Hotmail is officially dead. The company has announced that Windows Live Mail will replace Hotmail, Outlook Express, Windows Mail (Vista), and Windows Live Mail Desktop (which was in beta). Apparently you can use the revamped Hotmail (now called Windows Live Hotmail) with the downloadable Windows Live Mail client to be available sometime in the near future.

Here are some articles about it:


And if all the "Windows Live" names are too confusing, there's always:



2. With usb thumbdrives (also called "memory sticks", "flash drives", etc.) so commonly in use now, it was only a matter of time before virus writers would see this as a new opportunity to infect computers. This takes me back to The Old Days when viruses were passed on floppy disks. So be cautious about plugging in a usb thumbdrive from someone else and keep your antivirus updated.


3. There's an article on the always-excellent Lifehacker site about how to save your MS Office settings for transfer to a new computer. Lifehacker has lots of great tips to make your life easier, more efficient, and fun.


4. And in other news, Spinal Tap will reunite to save the earth from devastation as part of the Live Earth concerts scheduled for July 7th. Read about it and see a short film here:


Back to top

5-29-07 - "I invented the piano key necktie! I invented it! What have you done, Derek? You've done nothing! NOTHIIIING!!!!" -- Mugatu

1. Warning about false Microsoft email
2. Apple OS X security udpates
3. Another Apple-related security issue - Photoshop CS3 installation disables the firewall
4. Parental Control software (Windows)

1. As I'm sure you all know, Microsoft does not send emails with patches attached. However, a reminder never hurts. F-Secure has received reports of a new malicious email purporting to be from Microsoft. The "patch" is really a trojan.


Per F-Secure, "The sample contained in the link is now detected as Backdoor:W32/VanBot.CA since 2007-05-28_05.  Updates are always good, but in this case, keep your virus definitions updated instead."

2. All operating systems have vulnerabilities, not just Microsoft ones. If you or a loved one has a Mac, make sure you check for security updates occasionally. Go to System Preferences>Software Update. You can set the checking options there also.

3. During the installation of the newest version of Adobe CS3 on OS X, the Version Cue component will disable the Mac OS X Firewall. Most unfortunately, it doesn't enable it again after the installation is finished. This is a rather nasty security vulnerability, particularly if your Apple isn't behind a router. The fix is very simple - enable the Firewall yourself from System Preferences. Shame, shame Adobe!


4. There is an interesting article about parental control software in this month's issue of "Maximum PC". The article isn't on line yet (http://www.maximumpc.com) but the upshot is that parental control software can be gotten around by a reasonably bright and computer-savvy person. This is nothing new but the interesting thing about the article was how the parental control programs were circumvented. The magazine had three geeks of varying ages try and bypass Net Nanny, PC Tattletale and Safe Eyes. All were successful using different methods.

I'm not a fan of parental control software; I think the best parental control is provided by parents who are watching and who take the time to learn about their computers and teach their kids how to stay safe. Keep the computer in a public room like the family room where you can see what your little darlings are looking at. If the computer must be in the child's room, make unannounced spot checks. When you catch them looking at the naughty bits, use that as an teaching opportunity. Just my two cents and yes, I do have children - two boys, 18 and 14 so been there, done that.

However, if you really want to install parental control software I can suggest two things:

A. Naomi is a free Internet-filtering program recommended by my Brilliant Techie friend Don Olson.

B. The Parental Controls in Windows Vista are quite good and might be effective for younger children. Of course, the disadvantage is that you have to be running Vista. ;-)

Back to top

7-11-07 - "I'm delighted you have survived another night. May I add my own congratulations to the roar of the world's approval? Thank you, sir." -- Stephen Fry as Jeeves

1. Microsoft Patch Tuesday yesterday - 11 bugs fixed, 8 critical
2. Useful new Microsoft webpages
3. Laptops for the kids - school laptop programs

1. Yesterday was Patch Tuesday. You all know what to do. Two of the patches are for Windows Server 2000 and Server 2003 so if you are a small business owner, don't forget to update your server since these are critical.


2. In searching for the link to the Update Bulletin for you, I came across these Microsoft webpages that might be of interest.

http://www.microsoft.com/athome/default.mspx - Microsoft At Home

Aimed at home users with a lot of useful information links. In a welcome departure from the usual Microsoft website design, this page looks very well organized and clear.

http://www.microsoft.com/atwork/default.mspx - Microsoft At Work

This page focuses on work issues - MS Office tips, how to use your laptop in meetings, that sort of thing.

http://www.microsoft.com/protect/default.mspx - Security At Home

Security information and tips for the end user (you!). Again, the page is very well done. There are tips about spyware, how to limit your kids' time online, how to protect yourself.

Good job, Microsoft.

3. It's that time of year when parents are thinking about buying laptops for their kids, either for a middle school laptop program or for your older child to take to college. Before you buy a laptop, check with the school and buy what the school suggests! Here's why:

a. Ease of repair - The reason the school IT Dept. wants you to buy a laptop model on "the list" is because it can be imaged for quick restoration. When setting up large numbers of computers, big companies don't hand-install/configure hundreds or thousands of machines. One computer is set up perfectly just the way the IT Dept. wants it. For a school, this means installing all the school software programs and printers, too. Then special software is used to create an image of the hard drive. This image is applied to all the other computers with the same hardware as the "master". This means that when your kid downloads stuff s/he shouldn't and the laptop is completely messed up, the school IT Dept. can reapply the image and have that laptop back to pristine condition in just a few minutes instead of hours.

Note: You can do this with your own home or small business computers to restore them to good condition quickly. Two examples of imaging software are Acronis TrueImage and Norton Ghost. I prefer TrueImage. Buy the imaging program and a usb external hard drive. The images will be saved onto the external hard drive for quick restoration. TrueImage can also do incremental backups. Backups are A Good Thing.

b. The laptop will need to connect to the school's network. The school will have requirements regarding the operating system and method of connecting. You need to meet these requirements.

c. Expense - See Item a. above. Restoring a laptop to clean condition usually costs nothing if the IT Dept. can image it. If you need to take it to a third-party repair shop (like mine), it will cost anywhere from $120-$160 each time. Most kids, at least the ones in middle school, need to have their laptop restored at least twice during the year. Even if your little angel would never download something dodgy, other kids in his/her class will and persuade other kids to "try this really cool program".

Some other things to consider when buying a laptop for a young person:

a. Sturdiness vs. weight - You want a nice solid laptop because these machines will get a lot more wear than those carried by an adult. They will be put in backpacks and thrown on the floor. So a delicate ultra-light isn't a good choice. However, remember that the kids are going to be carrying the laptops back and forth from school and to classes so a huge 8 lb. machine will also not be a good idea.

b. Don't buy a very expensive laptop for a kid - I work with the Brilliant Don Olson at St. Anthony's School and at the end of every year we need to remove all the School's software from the outgoing 8th grade students' machines. The first time I did this, I was horrified at the condition of most of those laptops. People, they were thrashed. In fact, I came home and hugged my own kid and praised him for taking such great care of what, after all, is really my laptop.

c. Warranty - Definitely buy a warranty *and* the additional accidental insurance. You should always do this for any laptop you buy, but trust me that you will use that warranty on a kid's laptop more than once. You should get at least 2-year coverage; 3-year coverage is best.

d. The gaming question - Boys want to play graphically-intense games (there are heavy-duty girl gamers but they are rare) and they will push you to buy them a fancy gaming laptop instead of the model the school want you to get. Just say "no". Acceptable gaming laptops start at around $4,000. Excellent gaming laptops start at around $6,000. Gaming laptops are heavy, too. These are not suitable for your middle-school child to take to school or for your college-bound young person to take to classes. Go back to the very beginning of this article and read what I wrote: "Buy what the school suggests". Repeat this like a mantra and all will be well.

Back to top

7-21-07 - Clarke's Second Law - The only way of discovering the limits of the possible is to venture a little way past them into the impossible. -- Arthur C. Clarke

1. Various security warnings - people who want iPhones targets; eGreeting cards again; ransomware
2. Windows Home Server

1-A. Botnet targets people who want iPhones.


According to this ArsTechnica article, there is a trojan going around (Aifone.A) that redirects people trying to buy an iPhone from Apple's website to a fake site. Needless to say, if the victims enter their credit card information on the fake site it will go right to the scammers. The trojan is run by end user action such as opening an email attachment. You all are too smart to open attachments, right?

1-B. I previously warned you all about the flood of malware pretending to be eGreeting cards. I just wanted to let you know that the flood has apparently not abated. I see at least a dozen of these a day caught in my spamtraps so Stay Vigilant!

1-C. The return of ransomware - Recently there were a few posts about this in the MS newsgroups so I thought it might be widespread enough (or getting there) to give you a warning. "Ransomware" is malware that, when your computer gets infected with it, encrypts all your files so your data is inaccessible. The malware comes with an extortion note saying that the only way you can get your data files decrypted is to send $300 to the criminals. There's an interesting article about the newest ransomware in The Register, here:


One way the malware is being distributed is via a Monster.com phish. Monster.com is a website for job-seekers (and actually not a good place to find jobs, either). The file is sometimes called Jobseeker_tool.exe. The major antivirus companies such as Kaspersky should have virus definitions for this, so as always keep your antivirus updated and your subscription current.

If you get infected, we might be able to get your data back but the best thing to do is not get infected in the first place. Be careful, stay safe, and always have good and current backups of your data.

http://www.viruslist.com/en/weblog (Blog maintained by Kaspersky analysts)

2. Windows Home Server goes RTM (Release to Manufacturing) - Windows Home Server is an interesting new product from Microsoft. It will come on a device that you'll buy and hook up to your home network. I didn't participate in the beta test, but other MVPs I know did and they thought it was promising. Basically, Windows Home Server will be a device that will be a central place to back up all your data. There are ways of doing this now, but Windows Home Server is aimed at end users - home users - and therefore won't require a high degree of technical expertise to set up and use. According to its homepage, we should start seeing Windows Home Server devices in retail stores by the end of this year.


Back to top

9-13-07 - "If you say something stupid and no one is there to hear it, are you still an idiot?" -- Tycho Brahe, Penny Arcade

1. Firefox Add-ons
2. Picasa Web Albums
3. Best Buy continues being Evil
4. Talk Like A Pirate Day coming up

1. Most of you know that I recommend using Mozilla's Firefox as a browser. Not only is it faster and generally safer than Internet Explorer, it is also far more versatile because of the many extensions that people have written for it. Extensions (also known as "add-ons") provide additional functions for your browser. There are hundreds of extensions for both the Firefox browser and the Thunderbird email client. Some extensions are purely practical and some are just for fun. Here are the main Add-ons pages for Firefox and Thunderbird:


Here are the add-ons I have installed in my Firefox:

Flashblock - https://addons.mozilla.org/en-US/firefox/addon/433
Forecast Fox - https://addons.mozilla.org/en-US/firefox/addon/398
FoxClocks - https://addons.mozilla.org/en-US/firefox/addon/1117
TinyURL Creator - https://addons.mozilla.org/en-US/firefox/addon/126
AdBlock - https://addons.mozilla.org/en-US/firefox/addon/10
Clear Fields - https://addons.mozilla.org/en-US/firefox/addon/2408
Auto Copy - https://addons.mozilla.org/en-US/firefox/addon/383

In Thunderbird, I have several add-ons to add functionality such as:

Delete Junk Context Menu - https://addons.mozilla.org/en-US/thunderbird/addon/149
Signature Switch - https://addons.mozilla.org/en-US/thunderbird/addon/611

Don't be afraid to explore the world of extensions!

2. One of the nicest free image managers is Google's Picasa. Recently the Picasa people have added the ability to set up a web account to share your pictures, right from within Picasa itself. This is very easy to do and free. So stop emailing those pictures to Aunt Sally and post them to a Family Picture Album on the web instead! Note that doing this will not be feasible if you are still using a dialup Internet connection.

http://picasa.google.com/ (Picasa program)
http://tinyurl.com/2egaso (Picasa Web Albums)

3. Best Buy continues being Evil. "PCWorld" reports that Best Buy and Circuit City salespersons push customers to buy unnecessary recovery disks. I've also seen some posts about this disgusting practice in the Microsoft newsgroups recently and one of my own clients nearly got clipped. Luckily for her, she called me first.

There are a lot of you who purchase new computers from these stores and you should be aware that all the extra "services" that they urge you to buy are unnecessary, turning what may be a good deal on a computer to one that is more expensive than if you purchased it elsewhere. So be an educated consumer. If you have questions about buying a new computer, you can always call Elephant Boy Computers for advice. Here's a link to the article:


4. I can't believe another year has gone by already and Talk Like A Pirate Day is almost upon us. Celebrate your piratey goodness (or badness) with the rest of us believers on next Wednesday, September 19th. You don't need anything more than attitude and the ability to say "Arrrgghh, Matey" but if you want to get some pirate accessories, ThinkGeek is a great place to go. Unfortunately you can't loot, but they do take credit cards. ;-)


Avast me hearties - yo ho!

Back to top

10-12-07 - "Just remember what old Jack Burton does when the earth quakes, the poison arrows fall from the sky, and the pillars of Heaven shake. Yeah, Jack Burton just looks that big old storm right in the eye and says, Give me your best shot. I can take it.' " -- "Big Trouble in Little China"

1. eBay Desktop program
2. More on the Storm Worm(s)
3. Zlob trojans related to downloading codecs (long, but serious so please read)

1. eBay Desktop is a new application that interacts with the auction website. Here's an article about it on Lifehacker.com:


I don't use eBay but for those of you who do, this might be a good program. I don't recommend installing the eBay toolbar* but the eBay Desktop might work for you. Oddly enough, I couldn't find a link to it on the main eBay site, but here's a direct link which I got from Lifehacker:


Note that this program is still in beta and you should always be careful when installing beta software.  On XP and Vista, I'd suggest making a System Restore point first.

*In general, stay away from installing third-party toolbars. They often cause issues with Internet Explorer 7 and/or the Windows graphical user interface (Explorer.exe).

2. The Storm Worm is still with us, in many variants. Infection can be extremely difficult to remove so you should be aware of this threat. Websense Security Labs has reported on a new version of the Storm infection. You will get a spam email with a link to a website posting as a free ecard site. No exploit is on the site itself. However, when users click any of the URLs, they are prompted to download and run a file called "SuperLaugh.exe." This file contains the Storm payload code.

Sample email subject line: View your Kitty Card now! (URL REMOVED)

There are many variants of the Storm attacks. A common characteristic seems to be that the malicious email will have a subject line that seems logical and is often tied to current events. For instance, now that it is football season there are subjects referring to teams, games, etc. As always, be extremely cautious about opening email attachments and keep your antivirus program subscription current and its definitions updated.

http://www.websense.com/securitylabs/blog/blog.php?BlogID=147 - Storm Worm Chronology
http://www.cyber-ta.org/pubs/StormWorm/ - fairly technical information but with more links

3. We've seen a lot of serious infections that are caused by users downloading codecs in order to play multimedia files, usually videos. Here is a very good explanation of "codec" from About.com. I quote the information rather than just give you the link because About.com has popups.

"'Codec' is a technical name for 'compression/decompression'. It also stands for 'compressor/decompressor' and 'code/decode'. All of these variations mean the same thing: a codec is a computer program that both shrinks large movie files, and makes them playable on your computer. Codec programs are required for your media player to play your downloaded music and movies.

"Because video and music files are large, they become difficult to transfer across the Internet quickly. To help speed up downloads, mathematical 'codecs' were built to encode ('shrink') a signal for transmission and then decode it for viewing or editing. Without codecs, downloads would take three to five times longer than they do now.

"...there are hundreds of codecs being used on the Internet, and you will need combinations that specifically play your files. There are codecs for audio and video compression, for streaming media over the Internet, videoconferencing, playing mp3's, speech, or screen capture. To make matters more confusing, some people who share their files on the Net choose to use very obscure codecs to shrink their files. This makes it very frustrating for users who download these files, but do not know which codecs to get to play these files. If you are a regular downloader, you will probably need ten to twelve codecs to play your music and movies."

The need to download codecs most often arises when people are using peer-to-peer file sharing (P2P) such as Lime Wire, Shareaza, eDonkey/eMule, WinMX, etc. Another reason is when people want to view "adult" movies and you get a prompt from the website to install a missing codec.

Codecs are licensed by their creators and most are not free. When you have a legitimate music/video player - Windows Media Player, WinDVD, Nero Showtime for example - that program comes with included codecs paid for by the programs' creators so they are free for the end user. As explained in the About.com information above, the problem comes about when your player doesn't include the codecs necessary to view a particular multimedia file. So then the search is on for a free codec that will work and that's where the malware comes in. Most of the malware picked up this way belongs to the Zlob trojan family and some of it installs a rootkit* which makes the infected computer system almost impossible to clean. In most cases, a Zlob infection picked up by downloading dodgy codecs will require a clean install of Windows.

Here is a link from the excellent CounterSpy Research Center which shows you how very nasty one of these Zlob codec-related infections can be:


How do you deal with this issue?

a. You know that using P2P is risky so.... ;-)
b. You know that viewing pr0n is risky so... ;-)
c. If you are a parent, you discuss #a and #b above with your kids and are vigilant about their computer use.
d. Download some alternative video players that may be able to play your files. Here is a list of various players with ratings:


e. Use a different operating system such as Linux. I don't know if there are Zlob versions for Mac OS X so I'd be cautious in this operating system, too.

f. And if you choose to be risky and are running a Microsoft operating system, make sure your data is always backed up since you need to be prepared for a clean install of Windows.

*Rootkits are very serious pieces of malware that run hidden services on your computer, making them difficult and often impossible to remove.

Back to top

10-24-07 - The Dude abides. -- "The Big Lebowski"

1. Online Safety and Security
2. Adobe Reader/Acrobat exploit

1. Various bits of (hopefully) useful information about online safety and security:

A. From Carnegie Mellon University ("CMU"), we have MySecureCyberspace, "A free educational resource created by Carnegie Mellon University to empower you to secure your part of cyberspace". Sounds fancy, but they have some really solid information geared toward you - the end user - and not techies.


This is a large, informative site and well-worth spending some time on. The parents among you will be interested in the many topics in the Family Room such as "Keep Your Kids Safe from Online Predators" and "Feeling Confident About Allowing Kids Online".

Check out some of the articles about Privacy Tools; an Encyclopedia of risks, threats, and solutions; social engineering to trick victims into giving out personal information; and how to keep your small business/home office secure.

I give it 10 gold stars (and not just because my kid goes there!).

B. Linked from MySecureCyberspace, we have GetNetWise. "GetNetWise is a public service brought to you by Internet industry corporations and public interest organizations to help ensure that Internet users have safe, constructive, and educational or entertaining online experiences. The GetNetWise coalition wants Internet users to be just 'one click away' from the resources they need to make informed decisions about their and their family's use of the Internet. More information is available. GetNetWise is a project of the Internet Education Foundation."


GetNetWise has sections on "Keeping Children Safe Online", "Stopping Unwanted E-Mail and Spam", "Protecting Your Computer From Hackers and Viruses", and "Keeping Your Personal Info Private". It also has a database of Internet filtering tools.


C. Although some of us are pretty grumpy about the fact that stores are putting up Christmas decorations and it isn't even Halloween yet, it's never too early to talk about safety while doing online shopping. Here's an article about "Six Online Shopping Scams" from SmartMoney.com:


D. CMU has an online game to teach about how to identify phishing sites. Even though this is a cute game, I recommend it even for grownups.  And you'll be helping the CMU researchers field-test Anti-Phishing Phil. Researchers from the CMU Usable Privacy and Security (CUPS) lab found that "people who spent 15 minutes playing the Anti-Phishing Phil game were better able to identify fraudulent Web sites than people who spent the same amount of time reading anti-phishing tutorials or other online training materials. "

Information about the CUPS test and phishing:

Link to the Anti-Phishing Phil game:

2. New versions of Adobe Reader and Acrobat are now available for download/install to patch a serious vulnerability. Now it is reported that there is a nasty .pdf (the file format for which you need Adobe Reader) malware exploit which takes advantage of the vulnerability (like we're surprised!). Email boxes are being filled up with malware-ridden .pdf attachments. If you open the attachment, your computer will be infected with a trojan that will allow The Bad Guys to control your computer.

So update your Adobe Reader and Acrobat (if you have it - Acrobat is the rather expensive program by Adobe that allows you to create .pdf files; most people will only have the free Reader installed).

Article by The Register explaining the exploit:

Link to the updated Adobe Reader:

Link to the patch for Acrobat:

Back to top

11-3-07 - Dreams are where messages start, not where they arrive. -- Randall Munroe

1. The Ultimate Consumerist Guide to Fighting Back
2. IRS warns of email scam, know if a charity is legitimate
3. More on malware from codecs
4. Off Topic - "Really Achieving Your Childhood Dreams"

1. As Faithful Readers of EBC Reports ;-) you know that The Consumerist is one of my favorite websites. It's a great online resource for a wide range of consumer-related issues. They've just posted "The Ultimate Consumerist Guide to Fighting Back" which gathers a ton of tips in one place.

Section 1: "I've been wronged! What do I do next?"
Section 2: The Consumerist Corporate Executive Directory
Section 3: Success Stories

Here's the link:


2. The IRS has issued a warning about a new email scam going around posing as the IRS and soliciting donations for the California wildfire victims.


"In an effort to appear legitimate, the bogus e-mails include text from an actual speech about the wildfires by a member of the California Assembly.

"The scam e-mail urges recipients to click on a link, which then opens what appears to be the IRS Web site but which is, in fact, a fake. An item on the phony Web site urges donations and includes a link that opens a donation form which requests the recipient’s personal and financial information.

"The IRS also believes that clicking on the link downloads malware, or malicious software, onto the recipient’s computer. The malware will steal passwords and other account information it finds on the victim's computer system and send them to the scamster."

As always, be extremely selective about contributing to charities. Here are a few links to help weed out the real ones from the fakes:

http://ag.ca.gov/charities/faq.php - from the Office of the CA Attorney General
http://www.scambusters.org/charities.html - great resource for scam-related information

3. In the 10/12/07 EBC Report I told you how malware gets into your computer if you install dodgy codecs. Alex Eckelberry of Sunbelt has an excellent illustration of this on his blog here:


Scroll down to the 11/1 entry, "Bundle of mayhem: mmcodecs" for an interesting read. Alex always has good security-related information in his blog and earlier posts such as "Beware targeted fake complaint emails" (10/29/07) are well worth reading also.

And if you want to know why these malware writers are so anxious to infect your computers, read the well-written (accessible to non-geeks!) three-part article "Who's Stealing Your Passwords? Global Hackers Create a New Online Crime Economy" by Scott Berinato here:


4. This is really off-topic for a computer-related report but I was so moved by Randy Pausch's Last Lecture (Words to Live By) and felt that what he said was so important that I wanted to share it with you. Dr. Pausch is a professor at Carnegie Mellon University with a long and impressive list of technological and academic achievements. What Dr. Pausch has to say is vitally important to parents, teachers, and human beings in general. You can watch the lecture online if you have broadband or read it. Although the Lecture lasts about 1-1/2 hours, Dr. Pausch is an engaging speaker and if you possibly can watch it, that's what I recommend. Here's the link:


Back to top

12-16-07 - Words to live by:  "Don't genetically engineer crabs to be as big as men." -- Garth Marenghi

Fun things for Christmas

As we come to the end of the year and are in the holiday season, I thought it would be nice to have a change from all the serious tech talk and just give you some pleasant Christmas-related things.

1. Old-time radio Christmas plays - free, public domain MP3s - http://www.oldradiofun.com/main/?page_id=18

2. The Web is wonderful - How to wrap a present - http://www.wikihow.com/Wrap-a-Present

3. Some fun Christmas (and non-Christmas) desktop wallpapers - http://www.vladstudio.com/home/

You have to be very careful with "free" wallpaper and screensaver sites. This one looks good and also has a lot of other nice Christmas-related stuff - http://simplyxmas.wordpress.com/2007/12/13/desktop-wallpaper-bw-retro-christmas/

This is a very good (and absolutely reputable) site that has tons of skins, themes, icons, and wallpapers to make your computer pretty for the holidays - http://www.wincustomize.com

Caedes is a nice wallpaper site. Here's a link to their Christmas gallery:

And of course, there's Flickr. Here's a link to pictures tagged with "Christmas". They have 1,840,614 photos in this category today!

I put up some Christmasy pictures on my website for you. Some of them are large enough for desktop wallpaper; others are more for clipart. Here's the link:  http://www.elephantboycomputers.com/xmas.html

4. And here is a variety of useful tips from my favorite How-to site, Lifehacker.com:

Do-It-Yourself Christmas Cards Roundup

Pick the Greenest Christmas Tree

Build the Perfect Holiday Playlist in iTunes

Photo Tips for Christmas

How to Photograph Christmas Lights

There are plenty more - just go to http://lifehacker.com and use the search term "Christmas".

5. And of course, don't forget to track Santa's progress around the world from the NORAD website:

I hope you have a very Happy Holiday Season and that the New Year brings you much joy.

Back to top

Current EBC Reports