AOL TV Dinner Software

Here’s a little fun AOL history trivia for the weekend. One day, about 20 years ago, I was reading the directions on a TV dinner box and thought they were funny.
The first instruction was “Take the dinner out of the box”.

The next day at work I used this example at a meeting for the AOL software team.  The TV Dinner instructions were written for a particular type of person. My instructions to the team;  I expected our software to be easy enough so even those people could use AOL.

Here are some other fun instructions that someone Emailed me. Since I refuse to forward the Email to ten of my friends I thought I’d share my favorites here.

On a Sears hairdryer -- “Do not use while sleeping.”

On a bag of Fritos -- “You could be a winner! No purchase necessary. Details inside.”

On a bar of Dial soap -- "Directions: Use like regular soap."

On Nytol Sleep Aid -- "Warning: May cause drowsiness."

On most brands of Christmas lights -- "For indoor or outdoor use only."

On an American Airlines packet of nuts -- "Instructions: Open packet, eat nuts."

On a child's Superman costume -- "Wearing of this garment does not enable you to fly."

 

Direct Revenue invented pot?

Last week there was a hearing for the ongoing case of New York v. Direct Revenue. Last April, I wrote about customer threats toward Direct Revenue in my entry, “Death Threats for A Better Internet”.

If you want to see how frustrating it can be taking spyware vendors to court give the transcript below a read. The judge in this case really doesn’t seem to have a clue and he’s equally rude to both parties. 
Click here for transcript

While the transcript refers to the NY representative as Mr (Scott) Christie, it’s actually Justin Brookman from the NY Attorney General’s office.  There may be other errors in the transcript like the following on page 19.  Regarding Direct Revenue’s former Uninstaller…

“They found that too many people were removing their software removed it and got rid of it. They invented pot.”

Justin assures me he doesn’t recall saying that Direct Revenue invented pot.  
 

 

Video: You Don't Always Die

I think we all needed a break from the Internet Explorer 7 topic so I thought it would be a good time for a BillP Public Service Ad.

I am a huge media junkie so I really can appreciate a commercial that I think will make a difference. Yes, I even TiVo the ads during the Superbowl.  I’ve never been a smoker so I don’t know what makes people quit but this video seems like it would make an impact.  It was created by the folks behind “TheTruth” campaign which has created some impressive ads. It has a great hook so give it a view.

Click image to view video

Cuz you don’t always die from tobacco

 

IE7 Usage at 11.7%

Yesterday I posted a recommendation that you don’t upgrade to Internet Explorer 7. It wasn’t in time for most of the early adopters who visit here. Chances are most of you are curious and will upgrade anyway.

As of yesterday, 11.7% of the folks who came to Bits for Bill had upgraded to Internet Explorer 7. That’s a pretty significant number considering the product was just released and hasn’t been part of an automatic upgrade yet.

Browser Usage

Obviously, these numbers aren’t a scientific indication of the whole market but I’ll keep an eye on the numbers over the weeks ahead and let you know what I see.

Update 11/11: The initial rush to upgrade seems to be settling down.

10–24   IE 7   11.69%
10–25   IE 7   12.40%
10–28   IE 7   14.87%       Firefox 2    5.52%
10–30   IE 7   15.92%       Firefox 2    6.85%
11–01   IE 7   17.08%       Firefox 2    7.93%
11–03   IE 7   18.86%       Firefox 2    9.81%
11–05   IE 7   19.04%       Firefox 2   10.92%
11-07   IE 7    19.48%      Firefox 2    12.85%
11-09   IE 7    20.16%      Firefox 2    13.19%
11-11   IE 7    20.66%      Firefox 2    13.40%
11–13  IE 7     21.61%     Firefox 2     13.75%
11–15  IE 7     21.63%     Firefox 2     13.72%

IE 7, click "Don't Install"

I recently wrote how Microsoft was going to install IE7 as part of an automatic update. I provided information on the “Internet Explorer 7 Update Blocker” After a week of using IE 7 I have decided it’s highly overrated. If Internet Explorer 7 is an example of new advanced technology from Microsoft, they will surely have a hard time selling folks on Windows Vista.

This is by no means a full review of new features or problems with IE 7 but I wanted to share a few issues I’ve found very annoying. I won’t even mention how stupid it is that I can no longer drag the command bar around to customize my menu and controls.

The biggest problem for me is how IE7 reacts after I click on any link.
It freezes.
If I click the wrong link or if it can’t find a page I have to click on the Stop X icon before I can do anything else. As far as I’m concerned, this is a dramatic change in how the browser works and is unacceptable on systems designed for multitasking.

The next annoying problem apparently has to do with how cookies are handled. I’ve already had two cases where I was told to enable cookies before I could continue. First, it happen when trying to follow the refund procedure with Norton Internet Security. That may be another whole Blog story but as of now I don’t know if my $69 refund was processed and can’t get the same screen back. Today it happen again with Quicken as I was trying to use my autobill paying service.

Lastly, I’d like to know why Internet Explorer has re-activated the Alternate User Input service that shows up as CTFMon.exe in my Startup list. This is a component of Microsoft Office and I had this option turned off!

WinPatrol users can select CTFMon.exe and then click the “Disable” button. This will tell Scotty to remove CTFMon.exe from the startup list anytime in the future. Microsoft does provide a better solution on the web page Frequently asked questions about Ctfmon.exe .

Ultimately, if you’ve disabled the feature in Office you can unregister the components so it doesn’t continue to run in the background.

1.	Click Start Button and then select Run.
2.	In the Run… dialog box, enter the following command: Regsvr32.exe /u msimtf.dll
3.	Click OK.
4.	In the Run… dialog box, enter the following command: Regsvr32.exe /u msctf.dll
5.	Click OK.
6.	Reboot

If you find you need ctfmon you can repeat the procedure above without the /u.

IE7 Vulnerability? Not So Much

In the same week that Internet Explorer 7 is released to the public there have been claims of a report of its first vulnerability. While some folks have reported web page incompatibilities Microsoft has denied any security flaw.

According to Secunia “A vulnerability has been discovered in Internet Explorer, which can be exploited by malicious people to disclose potentially sensitive information.”
They even provide a test you can run to check if your browser is vulnerable.  ( Click Here )

My new IE7 browser failed the test

Secunia admits this threat is “Less Critical” but they advocate users disable Active Scripting. Unfortunately, this will also kill the functionality of most web pages including most of mine.

Christopher Budd from Microsoft has been quick to respond saying…

These reports are technically inaccurate: the issue concerned in these reports is not in Internet Explorer 7 (or any other version) at all. Rather, it is in a different Windows component, specifically a component in Outlook Express. While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express.

While we are aware that the issue has been publicly disclosed, we’re not aware of it being used in any attacks against customers.

We do have this under investigation and are monitoring the situation closely and we’ll take appropriate action to protect our customers once we’ve completed the investigation

 

 

IE7 changes include IEFrame.dll

As you have probably heard, Microsoft has posted their first official release of Internet Explorer 7. I haven’t upgraded my personal machines yet, but I have upgraded my Studio test machines. That way I can share my experiences here and with anyone who uses WinPatrol.

As far as WinPatrol goes our users will only see 2–3 possible alerts. The first one for me came when Microsoft tried to add the program ctfmon.exe back into my Startup List. CTFMON.EXE activates the Alternative User Input Text Input Processor (TIP) and the Microsoft Office Language Bar.If you don’t have Office installed, you may not see this alert.
Click here for more information on CTFMON.exe.

The 2nd alert came when IE7 changed the program associated with the file type .URL.

It may not have the prettiest dialogs but WinPatrol is very effective at detecting these changes.
Click for more information on IEFrame.dll.

Lastly, WinPatrol detected that IE7 adds a new Service file to the System32 directory named convert.exe. The title of this Service is listed as “File System Conversion Utility”. The Startup Type is set to “Manual” so it won’t automatically run by itself.

Apple Distributes Virus, Blames Windows

Apple acknowledged today that a number of Video iPods were shipped containing the RavMonE virus. All the iPods left manufacturing after September 12th of this year.


Found on iPod Support and Service Page

What I find hysterical is how on their iPod support page  Apple puts the blame on Windows.

“As you might imagine, we are upset at Windows for not being more hardy against such viruses,..”

They admit Windows computers with up to date anti-virus software should detect and remove the virus but apparently didn’t have updated Windows systems themselves.

What is Zwinky?

“It’s a world of fun. All in one toolbar.”
I recently wrote about Zwinky and how it installs the MyWebSearch Tool bar from a company called IAC Interactive.  While I recommended folks remove the MyWebSearch Toolbar it didn’t seem to bother Ask.com which is also owned by IAC.

I found this week that going to Ask.com and entering “What is Zwinky” the top listing isn’t the Zwinky website.  Instead the top listing is a link to my Bits from Bill Blog.  Now that’s what I call a FunWebProduct!  

Update 10/30: Ask.com has since removed this Blog from their search but I did create a screen shot you can see if you click here.

My discovery that IAC Interactive is connected to StopBadWare.org got a fair amount of attention. It certainly sparked the interest of AntiSpyware crusader Ben Edelman. Ben has spent a lot of time and research looking into “Current Practices of IAC/Ask Toolbars”. He makes a good case.

Ben’s doesn’t approve of the following practices and I agree with him. There are better ways to promote your business than the following.

Promoting its toolbars on sites targeted to kids. Details. Promoting its toolbars through ads that appear to be part of other companies' sites. Details. Promoting its toolbars through other companies' spyware. Details. Installing without any disclosure whatsoever and without any consent whatsoever. Details. Soliciting installations via "deceptive door openers" that do not accurately describe the offer; failing to affirmatively show a license agreement; linking to a EULA via an off-screen link. Details. Making confusing changes to users' browsers -- increasing Ask's revenues while taking users to pages they didn't intend to visit. Details.

Yesterday Spyware Warrior Suzi Turner published her interview with Ben Edelman on her ZDNet Blog.  (Click Here)

If you actually came here looking for specific information on Zwinky and it’s cute little avatars, I would direct you to what our WinPatrol knowledge base recommends.  (Click Here )

 

Update causes OLMAPI32.dll error

There’s a great internal security force in Redmond dedicated to turning out patches quickly after new vulnerabilities are reported in Windows or Office applications. The Microsoft Security Response Center does its best to make the world a safer place.

Unfortunately, anytime new software is released to such a huge world wide audience there’s a good chance some errors will be found that didn’t show up in testing.  Steve Bass reports Tuesday’s update has caused some folks beta testing Office 2007 to lose their Outlook access.

If you’ve been testing Office 2007 and haven’t installed this weeks update, don’t. If you have check out the posts at Microsoft TechNet.

An post yesterday from fbfNlaf says…  

“I have encountered the same error, I get the little popup window with the OLMAPI32.DLL error and neither version of Outlook will work.  This is the second time that the Microsoft updates have shut down Microsoft Products for me.  Last time, I re installed the Office 2007 Beta and it resumed full functionallity, this time the critical updates killed Outlook in 2003 and 2007.  I have reinstalled both and neither works”

It might be time for me to design some “AutoUpdates are Evil” T-Shirts from BillP Studios.

 

Internet Explorer 7 Update Blocker

If you’re a regular Bits from Bill reader you probably know I’m not a big fan of automatic updates. Many security experts don’t agree with my recommendation to wait 7–10 days before downloading and installing Windows updates.

Under some circumstances I will download and install one of Microsoft’s security updates but depending on the threat level I usually wait and let others beta test these patches. 

Next month Microsoft will take a HUGE step and offer Internet Explorer 7 as part of a scheduled Windows Update for Windows XP(SP2) and Windows Server 2003.

There are some folks who don’t want IE7 to be “offered” as part of an automatic update.  Microsoft has created a toolkit designed for Administrators to disable automatic delivery of Internet Explorer 7 as a high-priority update.
To download IE7BlockerTookit.exe click: “Toolkit to Disable Automatic Delivery of Internet Explorer 7”

Run will not block the update. It will only install the tookit in the folder of your choice. You’ll still need to go into a command line and run “IE70Blocker.cmd /B”

But WAIT!
Before you go through the trouble of downloading this tool you could read Internet Explorer 7 Blocker Toolkit: Frequently Asked Questions.  You’ll find out that…

Internet Explorer 7 will not install automatically – the Automatic Updates delivery process will include a welcome screen that offers users choices of Install, Don’t Install, and Ask Me Later prior to installation.

You’ll also learn that for individual users the toolkit adds a single registry key.

HKLM\SOFTWARE\Microsoft\Internet Explorer\Setup\7.0
      DoNotAllowIE70 = 1  (DWORD)

When you’re ready for IE7 you can remove this key
or run “IE70Blocker.cmd /U”. 
At anytime you can also go to http://www.microsoft.com/windows/ie/default.mspx and manually download IE7.

NAV 2007 Application Detection Error

I never thought that Symantec knew who or what WinPatrol was but apparently they think we’re some kind of threat.  New users to Norton’s NAV 2007 are reporting a setup warning that says WinPatrol is incompatible and are recommending users to remove Scotty the Windows WatchDog.  I can understand their fear of competition from Microsoft but they’re big enough to purchase and just kill WinPatrol if they wanted.

There is No Compatibility issues between WinPatrol and NAV 2007

I haven’t found any incompatibility and I can’t image why Norton would feel threatened by WinPatrol.  I also installed Norton Internet Security 2007 which appears to include NAV and it had no complaints about WinPatrol. 

The only issue they might have is that WinPatrol will alert users that Norton is installing numerous auto-run components and  new Services.  That’s what WinPatrol is suppose to do. It shouldn’t be a problem since users already know they’re installing Norton and will likely approve these additions. Perhaps Symantec doesn’t want users to know how many separate programs are installed. WinPatrol PLUS users can also look up information on each of the 10+ autorun components which are registered during setup.

BillP Studios isn’t the only little guy being maligned by Symantec. On the Blog Security Garden, Corrine recently published an article titled “Why is Norton Telling Customers to Uninstall Spybot.”

My real surprise was, except for the bogus warning about WinPatrol, I found Norton doesn’t really suck.  Their 2007 programs appear to be a big improvement over previous suites.

Update 10/10/2006: Ed Foster’s GripeLog at InfoWorld has reported on addition incompatibility alerts. “Norton 2007 Incompatibility Warning Breeds Insecurity”

Microsoft Vista Limits Security Vendors

While I was in Germany this past week life continued on. I can confirm the autobahn is fun to drive on. It’s not just because you can go fast, but people actually stay in the right lane unless they’re going to pass.

I can also confirm that I’ll be writing more about Microsoft’s battle with European regulators over new security features which will give Microsoft Vista a significant advantage over 3rd party security vendors.   Microsoft hints at holding Vista hostage from EU countries if they try to enforce AntiTrust actions. So much for Microsoft’s Twelve Tenets to Promote Competition.   What role BillP Studios will play in this drama was not determined on this past trip but I’ll have more to say.

Here’s some of the news I missed while I was away.
Many of my Blog friends reported on the shameful habits of a new Microsoft MVP.

Malware Advisor: “Adware Vendor Now MS MVP!!!???”
Vitalsecurity.org: "Microsoft give MVP Award to Adware Pusher "
Sunbelt BLOG: "Is this freshly minted Microsoft MVP actually an adware pusher? "

It’s update time again for Microsoft on Tuesday, October 10th.

Washington Post: "Microsoft to Issue 11 Patches Next Week"
Security Garden: "Advance Notice Microsoft Security Bulletin"
Microsoft Security Response Center: "October 2006 Advance Notification"

 

WinPatrol 10.0.5 Beta Test

It’s been quiet here at BillP Studios as we get ready for a new maintenance release of WinPatrol 10. There’s nothing special with this new release but I am looking for some friends of Scotty to give it a whirl.

One of the main changes has to do with how data is read and stored in the Window registry. I’ve never been a fan of registry cleaners and I’ve seen a few cases where over-zealous cleaners wiped out important data saved by WinPatrol.  The new version has some tricks to get around any possible problems.

The other major change is a simple upgrade on my part to Microsoft Visual Studio 2005. The main reason for the change is to prepare WinPatrol to take advantage of some new functions which will be available in Windows Vista. In theory, using Microsoft’s newest compiler shouldn’t break anything but it is still a major change.

I’m heading to Schweinfurt, Germany tomorrow and hope to make this WinPatrol 10.0.5 available to the public soon after I return.  Thank you for your help.

Hotel Ross, Schweinfurt, Germany

Update:  The beta period is now over.  Thanks to all who participated. The newest version is now available at http://www.winpatrol.com/upgrade.html