Friday, August 29, 2008

Is Your Copy of Windows XP Pro Legal?

The Windows Genuine Advantage (WGA) Team announced that deployment of the latest version of WGA Notifications for Windows XP will begin this week. This particular update will include a couple of significant updates, the most interesting of which is the targeting of Windows XP Pro as the most pirated version.
  • This version of the WGA tool will be via the the Windows Update install prompt.

  • This release will be offered to Windows XP Pro as well as those using editions based on Pro code such as Tablet and Windows Media Center. The plan is to narrow the offering to Pro in future releases.
  • If Windows XP fails the validation, at the next logon, the desktop will be changed to a plain black and will include a "persistent desktop notification."
Read the complete story and see examples of the "persistent desktop notification" at Update to WGA Notifications for Windows XP Professional.







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Wednesday, August 27, 2008

IE8 Beta 2 Available!

The IE Team has released IE8 Beta 2 for download. Remember, however, that this is beta software and should not be run in a production environment. As defined by my friend SpyDie:
Beta. Software undergoes beta testing shortly before it's released. Beta is Latin for 'still doesn't work.'
IE8 Beta 2 is available from the IE8 Home Page linked below.

Update 28Aug08 -- IE8 Beta 2 Reviews Added:

References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, August 26, 2008

A Scam In Action

Yesterday I referenced Web of Trust (WOT) as a way to help recognize rogues when surfing the web by warning you before you interact with a risky website. In a comment to that article, Deborah from WOT posted a link to a video illustrating another scam designed to part you with your money. As Deborah explained, WOT tested it on a clean virtual machine and it reported finding over 500 errors, 31 of them classified as severe!

Because the video is a clear example of what people are faced with every day, I decided to share it here. The information presented in the fake scan in the video appears credible so is it no wonder why people panic and fall for these scams? Don't you be fooled!






The extra layer of security provided by WOT will help keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. Definitely worth considering!




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, August 25, 2008

Ethics Over Dollars

Once again Bill Pytlovany chooses ethics over dollars. There will not be an Ask Toolbar included with WinPatrol.

The comment posted by "The Dean" to Bill's post, What's Wrong with Toolbars? provides a clear reason why the security community is so against pre-checked (opt-out) options when installing software. The vendors are relying on users blindly clicking Next -> Next -> Next -> Finish and wallah! Coins in their pocket for the installation.

The trend to include toolbars (or other, usually unrelated, software) when downloading any software is appalling. It is particularly offensive when the download in question is from a security company.

I had just finished Donna's entry, when I saw your update here. Did you notice the insanely long EULA for the Ask Toolbar? Who would download that, if they actually read the EULA? This is my favorite Term:

"5. Security
The Software is exposed to various security issues, and should be regarded as insecure. By accepting this Agreement, you indicate that you understand and acknowledge that by using the Software you may be subject to various security risks from third parties, including the exposure of data you have downloaded or have offered to share and unauthorized access to or acquisition or corruption of search results or other data organized or maintained on your computer by the software, and that you accept all such risk as solely your risk and responsibility."

Nice!

-The Dean
If you skimmed the quoted section from the EULA, go back and read it again. Now you decide. Do you really want software that includes such extras? Like Bill, I suggest tracking the Installers Hall of Shame or at least checking it before installing software. If you have trouble with those long agreements when installing software, use Javacool Software's EULAlyzer™ 1.2 to help analyze the EULAs for interesting words and phrases.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

More on XP Antivirus and Rogue Antispyware

Over the weekend I wrote about Jesper M. Johansson's article, Anatomy of a malware scam. His analysis provides an eye-opener for people who have been fortunate enough to have avoided having their computer infected with a rogue anti-spyware program.

Frequently, people ask how they know if the site they landed on is serving up a safe program or if it is dangerous. One consideration is Web of Trust, a free Internet security addon for your browser. In fact, based on the results illustrated by Certified Bug in What is WOT, it appears that WOT is much more responsive than the formerly acclaimed McAfee Site Advisor.

Other steps to take are to stay up to date with security updates for all your software, not just Microsoft updates, install and maintain anti-virus software and a firewall. Additional solid advice is available in Bill Pytlovany's recent article, Where did my Spyware come from?.

What do you do if your computer does become infected with one of the rogues like XP Antivirus? First and foremost, do not fall for the scam and send any money. Do not click any of the links they provide. Next, I would recommend installing, updating and runing a scan with Malwarebytes' Anti-Malware (MBAM), allowing it to remove what is found. In providing help on the forums, I have seen how effective MBAM is in removing not only rogues like XP Antivirus but other malware as well.





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, August 24, 2008

Bad Vibes from "Windows Vista The Pocket Guide"

Long-time followers of Security Garden have frequently seen me mention Vista4Beginners, an excellent site with Tutorials, Tips & Tricks, Windows Vista Tools, and more. I have a lot of respect for the Vista4Beginners site owner and author, . He has devoted an incredible amount of time preparing the wonderful tutorials and other material for his website. Aside from the references from Security Garden and Windows Vista Bookmarks, I frequently provide friends with a new Windows Vista computer links to Ciprian's articles.

In all the time I have followed Ciprian, I have never known him to be negative about another person's work. As a result, you can understand why I was surprised to read Ciprian's most recent article, Windows Vista The Pocket Guide & why you should stay away from this e-book . After I finished Ciprian's article, I decided to investigate on my own.

The first thing that caught my attention was the search results for Rich Robinson's e-book. It appears that Windows Live Search stripped out [Free eBook - Microsoft] from the title in the search results. Using [Free eBook - Microsoft] as part of the title provides the false implication that this is a Microsoft-sponsored book. That is certainly not true. Thus, seeing that set off the alarm bells.

Next, I decided to follow some of the links that were not to the author's website. They appear to be spam -- with the majority to torrent downloads. After my recent tirade about P2P programs, you can imagine my reaction!

Conclusion: It appears that the author is attempting to build up membership at his forum through spam and providing the false impression that his ebook is sponsored by Microsoft. Coupled with my respect for Ciprian, I will continue directing friends and Security Garden readers to sites that I know provide good tutorials, tips and help.

In addition to Vista4Beginners, a few of my other favorites include (in no particular order): Windows Vista Magazine, ITsVISTA, The Elder Geek on Windows Vista, The Road to Know Where, Paul Turrott's SuperSite for Vista. You can count on good information at any of those sites.

Read Ciprian's review here: Windows Vista The Pocket Guide & why you should stay away from this e-book






Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Saturday, August 23, 2008

Fake AntiMalware

Thousands upon thousands of people have been infected with fake (rogue) anti-malware. As Alex Eckelberry illustrates here and here, one source of confusion is the results in Google searches. Others are fooled by phishing emails and others when visiting an infected site.

What, you ask, is wrong with XP Antivirus or Antivirus XP or any of the over 400 applications listed in the RogueNET™ Detection List? Find out in Microsoft MVP Jesper M. Johansson's illustrated article, Anatomy of a malware scam. The particular intallation Jesper illustrates is a scam that too many people have fallen for over the years. Other rogues have an even greater payload, including stealing data, installing additional malware, or remote control to make the infected machine a part of a botnet.

At the end of Jesper's article are key points to keep in mind when surfing the web or looking for antivirus or anti-malware software. Some examples:
  • be extremely careful what you trust
  • question everything that looks even remotely suspicious
  • no website can run an anti-malware scan on your computer simply by your visiting the site
  • no software that pushes the purchase decision so heavily in your face is likely to be legitimate
Enough of my words. It is time for you to read Jesper's article --> Anatomy of a malware scam.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, August 18, 2008

The Windows 7 Team

If you have ever wondered what it takes to create a Windows operating system, you will want to read the latest entry in the "E7Blog" (Engineering Windows 7) by Steve Sinofsky. Steve describes the Windows 7 engineering team as being made up of about 25 different feature teams, where each feature team encompasses ownership of a combination of architectural components and scenarios across Windows.

Breaking it down as he has provides a clearer picture of the pieces involved and the interaction between them, but is much too complex to capsulize. Read about The Windows 7 Team yourself.

Of interest to the international community -- note that Russian has been added to the list of available languages, making the blog now available in French, Chinese, Japanese and Russian.

If you missed my update last Friday, the RSS feeds have been added. You can sign up for subsequent postings using either RSS or Atom 1.0.

Update 19AUG08:

After reading Steve's breakdown of the feature teams, you may enjoy Ed Bott's arrangement of the feature teams into groups and his comments. See My Windows 7 wish list.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

The Lists Have Moved!

The CLSID and other lists used heavily by the security community have moved to a new home, courtesy of Javacool, the developer of the the wonderful software, SpywareBlaster, SpywareGuard, EULAlyzer, and more available from Javacool Software.

Quote from Javacool:
I'm happy to announce a new, dedicated home for the CLSID + other helper lists: http://www.systemlookup.com

The list maintainers, contributors and I have been working on this site non-stop, and enough features are up and running to get it in the hands of the people that need it. smile.gif

Although global search of all lists isn't yet up, you can browse and search by list: http://www.systemlookup.com/lists.php
The following lists are currently available, with more (the O4s and others) coming soon:

* CLSID List - BHOs, Toolbars, SHs, Explorer Bars
* O9 List - Internet Explorer Buttons
* O10 List - Layered Service Providers
* O18 List - Extra protocols
* O20 List - AppInit_DLLs & Winlogon Notify
* O21 List - ShellServiceObjectDelayLoad
* O22 List - Shared Task Scheduler
* O23 List - Services


We look forward to continuing to improve the site and building some great new features to make things even easier.

But for now - Enjoy! smile.gif

Best regards,

Javacool & the List Maintainers and Contributors:

TonyKlein
miekiemoes
Metallica
random/random
nasdaq
teacup61
Marckie
Zupe
Sincere appreciation to Javacool and the many long-time contributors who help maintain this important information for the community.




Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Sunday, August 17, 2008

What's Hot at MMPC?

Tareq Saade reported in the MMPC Blog that three of the five most viewed malware encyclopedia entries last month were Vundo (Virtumundo). Those of us who provide help in the forums removing infections certainly see enough Vundo. Readers should consider why Vundo is dreaded when we see it on a user's computer. As Tareq explains:

"Once running, it typically calls home to acquire advertising material and software updates. As part of this communication, we have observed that it sends information including e-mail accounts details, internet account details, OS version details (including the name of the person that registered the computer), network adapter information (including the MAC address), keyboard layout, crash logs, and a variety of other details about the user on the machine which it has installed itself on.

It also has the ability to auto-update itself, which is another way of saying the people behind it are able to push out any bits they like and have them silently installed on all machines that have Win32/Vundo installed. Further still, it may terminate other legitimate security software in order to protect itself from detection or removal."

Vundo is a nasty infection and one to be avoided. Practice safe surfing; download software only from reputable sites, preferably the software vendor; delete spam emails and don't open unexpected attachments. Keep your system updated with the latest security updates, not only for the operating system but your antivirus and anti-malware software as well.

Reference:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Designing Windows 7

A collective voice has more impact than squeaks. At Vista 4 Beginners, Ciprian is collecting ideas and suggestions to help the Microsoft engineering team deliver an even better operating system in Windows 7, based on your personal experiences with Windows Vista.
  • Do you think Microsoft made mistakes with Windows Vista?
  • Are there missing features you want to see in the next Windows operating system?
  • What features do you think need to be changed in Windows 7 and why?
Share your ideas, suggestions, experiences and improvements at Windows 7 and Windows Vista features that need to be fixed.







Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, August 15, 2008

Beijing Olympics

I don't know about everyone else, but every four years my husband and I always get drawn in to the Olympic Games. It does not matter whether it is the winter or summer games, we enjoy watching athletes from around the world compete.

This year we are getting even more information and access to the programming than ever before. In addition to television programming, there is a wealth of information and video clips at NBC Olympics. We are also taking advantage of the expanded coverage by NBC with what is described as
"an Internet-delivered catch-up TV service powered by TVTonic on Windows Media Center on PCs running Windows Vista Home Premium or Windows Vista Ultimate!"
See Brandon LeBlanc's instructions in Watch NBC’s coverage of the Beijing Olympics in Windows Media Center.

I have now added Donovan West's latest creation, the Beijing 2008 Olympics Medal Count Gadget to the Windows Vista sidebar. The gadget updates every 15 minutes and lists the top five countries. Click on the country name or flag for detailed information provided at Beijing2008.com.





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, August 14, 2008

Engineering Windows 7

If you are a "Windows enthusiast" or just interested in technology development, Microsoft has begun to open communications on the next Windows operating system, Windows 7, frequently referred to in blogs and the press as "Se7en".

The opening post is co-authored by Steven Sinofsky, Senior Vice President, Windows and Windows Live Engineering Group, and Jon DeVaan, Senior Vice President, Windows Core Operating System Division. Members of the engineering team are also expected to post, comment, and participate in the Engineering Windows 7 blog.

Surprisingly, comments are turned on for the blog., although there is not an RSS feed at this time. I hope that is added soon.* A pleasant surprise for international audiences is that the blog is also translated into several languages (Currently French, Chinese and Japanese). Hopefully additional translations will be available in the future.
*Update 15Aug08: The RSS feeds have been added. You can sign up for subsequent postings using either RSS or Atom 1.0. (Thanks Joe.)
In the meantime, enjoy the first posting in Engineering Windows 7 and the impressions of Ed Bott and Mary Jo Foley, linked below. After all, the blog is dedicated to all of us:
"The audience of enthusiasts, bloggers, and those that are the most passionate about Windows represent the folks we are dedicating this blog to."
References:


Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Tuesday, August 12, 2008

Security Advisories 953839 and 954960

New Security Advisory 953839

Microsoft is releasing a new set of ActiveX kill bits with Security Advisory 953839 (http://www.microsoft.com/technet/security/advisory/953839.mspx). The update includes kill bits for the following third-party software:

  • Aurigma Image Uploader. Aurigma has issued an advisory and an update that addresses vulnerabilities. Please see the advisory from Aurigma for more information. These kill bits are being set at the request of the owner of the ActiveX control. Customers who require support should contact Aurigma. The class identifiers (CLSIDs) for this ActiveX control are as listed in the Frequently Asked Questions section of this advisory.
  • HP Instant Support. HP has issued an advisory and an update that addresses vulnerabilities. Please see the advisory from HP for more information and download locations. This kill bits are being set at the request of the owner of the ActiveX control. Customers who require support should contact HP. The class identifiers (CLSIDs) for this ActiveX control are as listed in the Frequently Asked Questions section of this advisory.
For more information about installing this update, see Microsoft Knowledge Base Article 953839 which includes answers to questions regarding the KB update.


Revised Security Advisory 954960

Microsoft updated Security Advisory 954960, "Microsoft Windows Server Update Services (WSUS) Blocked from Deploying Security Updates", on August 12, 2008 to communicate that the updated packages released via the Microsoft Download Center on August 1, 2008 are now also available via Microsoft Update. Customers who have already successfully installed the update do not need to reinstall.





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

August 2008 Microsoft Security Bulletin Relase

Microsoft is releasing the eleven (11) new security bulletins described below for newly discovered vulnerabilities. In addition, Microsoft also revised the following bulletins to update detection changes:

MS08-022 – major revision, added XP SP3 detection

MS08-033 – major revision, added XP SP3 detection

MS07-047 – major revision, update detection

MS08-040 – minor revision, update detection


Advisories:

Release Advisory 955179

Revised Advisory 954960



Security Update Bulletins
:

Bulletin Number: MS08-041
Maximum Severity: Critical
Affected Products: Snapshot Viewer for Access, Office Access 2000, Office Access 2002, and Office Access 2003
Impact: Remote Code Execution


Bulletin Number: MS08-042
Maximum Severity: Important
Affected Products: Office Word 2002 and Office Word 2003
Impact: Remote Code Execution


Bulletin Number: MS08-043
Maximum Severity: Critical
Affected Products: Office Excel 2000, Office Excel 2002, Office Excel 2003, Office Excel 2007, Excel Viewer, Excel Viewer 2003, SharePoint Server 2007, Office 2004 for Mac, Office 2008 for Mac
Impact: Remote Code Execution


Bulletin Number: MS08-044
Maximum Severity: Critical
Affected Products: Office 2000, Office XP, Office 2003, Office Project 2002, Office Converter Pack, Works 8.0
Impact: Remote Code Execution


Bulletin Number: MS08-045
Maximum Severity: Critical
Affected Products: Internet Explorer on Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008
Impact: Remote Code Execution


Bulletin Number: MS08-046
Maximum Severity: Critical
Affected Products: Windows 2000, Windows XP, Windows Server 2003
Impact: Remote Code Execution


Bulletin Number: MS08-047
Maximum Severity: Important
Affected Products: Windows Vista and Windows Server 2008
Impact: Information Disclosure


Bulletin Number: MS08-048
Maximum Severity: Important
Affected Products: Outlook Express on Windows 2000, Windows XP, Windows Server 2003. Windows Mail on Windows Vista and Windows Server 2008
Impact: Information Disclosure


Bulletin Number: MS08-049
Maximum Severity: Important
Affected Products: Windows 2000, Windows XP, Windows Server 2003, Windows Vista and Windows Server 2008
Impact: Remote Code Execution


Bulletin Number: MS08-050
Maximum Severity: Important
Affected Products: Windows Messenger on Windows 2000, Windows XP and Windows Server 2003
Impact: Information Disclosure


Bulletin Number: MS08-051
Maximum Severity: Critical
Affected Products: Office PowerPoint 2000, Office PowerPoint 2002, Office PowerPoint 2003, Office PowerPoint 2007, Office PowerPoint Viewer 2003, Office Compatibility Pack for 2007 File Formats, and Office 2004 for Mac.
Impact: Remote Code Execution


References:

MSRT: Microsoft Windows Malicious Software Removal Tool
MSRC BLog: August 2008 Bulletin Monthly Release
TechNet: Microsoft Security Bulleting Summary for August 2008



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Friday, August 08, 2008

Security is Everyone's Domain

The story began in February when security expert, Dan Kaminsky discovered a serious DNS ("Domain Name Services") vulnerability. What followed was a high level meeting in Redmond, Washington, an incredible coordination and behind-doors work resulting in the largest simultaneous software patch in history on July 8, 2008. You can read the amazing process in Seattle security expert helped uncover major design flaw on Internet by Daniel Lathrop and Paul Shukovsky.

Another contributory event, described in the newly born MSRC Ecosystems Strategy Team Blog, Threats in a Blender, and Other Raisons d'ĂȘtre, as the Blended Threat, resulted in Microsoft Security Advisory (953818), "Blended Threat from Combined Attack Using Apple’s Safari on the Windows Platform" and About the security content of Safari 3.1.2 for Windows

These and other events have culminated in the beginnings of a "community-based defense" system. As described by Microsoft’s George Stathakopoulos on ZDNet in Security is everyone’s domain:

"It is time we come together and use the combined strength of the industry, partners, customers and public organizations, and act in unison to build a more secure environment for everyone.

It is time for industry to adopt a community-based defense approach."
The process described by Stathakopoulos includes
Collaboration
Sharing Development Best Practices
Investments in Security and Defense Knowledge
In a coordination effort, referred to as Microsoft Vulnerability Research (MSVR), the Microsoft security team will work with third-party vendors, providing specific vulnerability information and assisting in the creation of updates.

In conjunction with MSVR, Microsoft also announced MAPP (Microsoft Active Protections Program). Through MAPP, Microsoft will provide other security vendors advance information about vulnerabilities addressed by Microsoft security updates, thus allowing those vendors to provide similar protection to their customers on a much faster timeline.

Also announced is the Exploitability Index which will provide guidance on the likelihood of functional exploits being developed for vulnerabilities addressed by Microsoft security updates. Risk management and deployment of security updates involves a considerable amount of time in the corporate IT world. The Exploitability Index, to be included as part of Microsoft’s monthly security bulletin release, will assist in the evaluation.

MSRV, MAPP and the Exploitability Index were announced by Microsoft at Black Hat USA 2008. Another security enhancement of interest, announced by Jerry Bryant, Business, Operations & Communications Manager on the Security Response Communications team, is the publication of the monthly Security Bulletin Webcast Questions & Answers on the MSRC Blog. This will be helpful to IT Professionals who are unable to attend the webscast.

I applaud the collaboration efforts that will be involved in these programs and hope that the security vendors are both receptive and take an active part in the process.

Additional Reading and References:



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Thursday, August 07, 2008

August 2008 Advance Notification

Next Tuesday, August 12, 2008, Microsoft is planning on releasing twelve security updates. Of the planned updates, seven are expected to be listed as critical and the remaining five as important.

For complete details, please refer to the Microsoft Security Bulletin Advance Notification for August 2008.


References:





Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...

Monday, August 04, 2008

P2P (Peer to Peer) Nightmare

Regular Security Garden readers may have wondered why so many days have passed since my last blog post. Aside from real-life activities and forum administration duties, a considerable amount of my free time has been devoted to helping someone clean a Chinese language Windows XP computer.

As an English-only reading person, the Chinese characters did not make reading the logs any easier. But that was not the most difficult part. Apparently file-sharing with P2P (Peer to Peer) programs is particularly common in China. Through many hours of research attempting to identify some of the unusual files on the computer, I discovered that the person actually began getting help at a Chinese help site in May, with the impression that the computer was clean. When the symptoms recurred shortly thereafter, the person requested help at an English-language site in June and eventually cross-posted at a site where I provide help -- each time with a different user name.

When presented with a choice as to which place the person was going to continue receiving help, much to my chagrin, the person elected to have me continue and posted a closing at the other site. With the difference in time, I would spend a good part of the evening studying and researching the logs and providing instructions. The results would be posted the next morning while I was at work, so again I would spend more evening time analyzing the results.

I was not the only person studying the logs. We have a very interactive team and they were also spending time trying to get to the bottom of the problem. Each time a new scan was made, new files turned up infected.

The person being helped was resistant about removing programs identified as questionable, saying they had been used for years! Finally, it became necessary to issue an ultimatum of sorts. Either remove the dodgy programs and P2P software or the best advice I could give would be to reformat the computer.

Now we get to the reason for this long-winded post . . .

If you use P2P programs you will likely find your computer being in the same state as that person I and others spent so many hours helping clean. Some of the Security Forums are even beginning to refuse assistance if P2P programs are installed on the computer.

Use of P2P programs can result in identity theft or exposing confidential or sensitive employee information. The list below illustrates many reasons why P2P programs are dangerous and why members of the security community advise against their use.
  • P2P programs form a direct conduit on to your computer.
  • P2P security measures are easily circumvented.
  • Some P2P programs will share everything on the computer with anyone by default. If your P2P program is not configured correctly, you may be sharing more files than you realize.
  • There have been cases where people's passwords, address books and other personal, private, and financial details have been exposed to the file sharing network by a badly configured program.
  • P2P programs have always been a target of malware writers and increasingly so of late with Viruses, Worms and Trojans being distributed with the downloaded files.
  • P2P programs connected to a network can be used to spread malware, share private documents, or use the file server to both store and forward malware.
  • Many of the files in P2P networks are copyrighted and legal action could result.
  • Paedophiles can use P2P communities to distribute child porn materials or attempt to make contact with children.
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

By the way, the person did agree to uninstall the P2P programs and we proceeded with what appeared to be a final cleanup. Then, what did I spot that had been downloaded to the computer again? Yes, you are correct -- two of the programs previously removed. That was when I provided instructions for removing the tools used in the process and wished the person luck.



Remember - "A day without laughter is a day wasted."
May the wind sing to you and the sun rise in your heart...