Reducing the risk of contracting malware on Macs

A great article to help you Mac users out there, from TechRepublic:

 

As of late one of the most talked about topics regarding Macs on the web today is malware, in particular the Flashback trojan. For nearly 10 years, the Mac has managed to successfully maneuver safely through the turbulent waters of the Internet with a pretty solid track record. But, as more Macs are increasingly being adopted and as the Internet continues to become more complex, the risk for contracting malware will continue to grow for some time to come. Apple is working to reduce the impact of infections in several ways:

• using the Mac App Store to filter out harmful applications
• providing software updates and patches
• increasing security measures in each version of OS X.

It’s unlikely that Apple will ever completely protect Macs from the harsh realities of the web, but the Mac is indeed a very secure platform and with a little effort, you can reduce yours or your users’ risk of being infected.

Best practice tips for Mac users

 

 

First, remind Mac users of the basics of how one can be exploited by malware and viruses. Fully understanding a computer’s vulnerabilities helps to reduce the odds of contracting one in the first place. Users should understand that the most common ways to contract malware is by using applications that share files. Applications such as Mail, browsers such as Safari, Firefox, and Chrome, and iChat/Messages can be easily compromised by malware because they all have the ability to share files in one form or another.

 

In most cases, it is the naive or reckless user, and not the computer, that is easiest to convince into installing malware through social engineering. This is true for all systems, regardless of OS. Malware often times present itself as a harmless file or as a familiar application in which it will attempt to convince users to click and install.

 

More sophisticated malware attempts to take advantage of lesser known services or applications running on a computer. In the case of Flashback, two methods were used. Initially Flashback would present itself as an update to Adobe Flash, convincing the user that it was a necessary update. Eventually, Flashback evolved to take advantage of a flaw in the version of Java installed on the Mac. These are the most common ways in which a Mac or a PC can contract unwanted malware.

 

Since the most vulnerable application on any computer is the browser, I’m going to run through a few tips that should work with most browsers, but I’m using Safari, the default browser on the Mac, as the example.

 

Turn off open safe files

 

Safari, as well as other browsers and mail applications support a feature designed to make life a little easier that allows for known safe files to immediately launch after downloading. Disabling this feature reduces the possibility of initiating the installation of a file that could be passing itself off as something far less harmless. The setting can be found in Safari’s Preferences pane.

 

Disable Java

 

First and foremost I want to be clear, Java is not JavaScript, and where the Internet is concerned most of us experience a web where Java is rarely needed. JavaScript on the other hand is frequently employed on the web and though disabling JavaScript will indeed make your Mac more secure, it’s a technology that we on the web have become heavily dependent on. When Java is needed on the web, you will often be presented with a request to install Java when it is disabled. When you’re in a situation where you require Java, it is a simple as opening up your browser preferences and enabling it for use to accomplish your task. Disabling it once again when you’re finished will again assist in the prevention of contracting malware.

 

Disable plugins

 

Most of us will grapple with this request, however, the web is moving more and more away from the use of plugins such as Flash and more toward HTML 5. If you’re willing to compromise some of your web experiences, you will both be protecting yourself while helping the web to move in a positive direction. Many websites rely on Flash, however, if users are visiting these sites with plugins disabled, webmasters are able to see how many people are visiting the site and what technologies they are using to access it. If a significant number of users do so without plugins, webmasters will be more likely to consider making the jump from Flash, an application that is often unstable and vulnerable to attack, to using HTML 5 — and do it more rapidly. In the end, disabling plugins benefits us all.

 

Each of these steps will help to reduce the odds of infection, though it’s important to remember that there is no such thing as an impenetrable computer connected to the Internet.

The malware numbers game: how many viruses are out there?

From ZDNet:

 

How many strains of malware are in circulation right now, for Windows PCs, Android devices, and Macs?

That seems like a straightforward question, but the answer is far from simple. And the number might be a lot lower than you think.

If you check with the leading security companies, you might be tempted to pick an answer in the millions. After all, that’s how many listings you’ll find in the definition files for common antivirus programs. At day’s end on April 12, for example, Symantec published the summary shown below, noting that its latest Virus Definitions file contained 17,702,868 separate signatures.

Oh my. 17.7 million? That certainly sounds like a very big number. But before you get swept away, it’s worth taking a closer look at what it really represents.

Eight days earlier, on April 4, that same Norton/Symantec definition file contained 17,595,922 separate detections. With 106,946 additional definitions in a mere eight days, you’d probably conclude that malware is out of control.

Because the Norton brand name is primarily associated with Windows PCs, you’d probably also assume that all of that activity was aimed at the Windows platform.

And you’d be wrong in both cases.

Definition files are a great way of assessing the degree of activity at a computer security company. They vaguely measure the current intensity level of the cat-and-mouse game between malware authors and security companies. But counting signatures says nothing about what’s new.

I took a closer look at the Symantec definitions for that week and found a very interesting story.

Symantec, to its credit, publishes detailed information about what’s in each new definition file, including what’s new. On any given day, it displays the total number of new and revised detections, followed by their details, like this:

In the eight days between April 5 and April 12, only 12 new detections were added to Symantec’s certified definition file, with six of them added on a single day, April 10. Here’s a breakdown:

• Three were generic detections for malicious packages (Packed.Generic.360 through .362). These aren’t really new strains of malware, only new forms of packaging. The accompanying writeup calls each one a “heuristic detection for files that may have been obfuscated or encrypted in order to conceal themselves from antivirus software.”
• Four are generic detections for existing fake antivirus packages (Trojan.FakeAV!gen90 and gen91, SmartAVFraud!gen2, and SecShieldFraud!gen5). These are also heuristic detections, designed to identify rogue anti-malware programs by their behavior rather than by their ever-shifting content.
• Two were aimed at Android-powered devices: Android.Tigerbot and Android.Gonfu.D are both backdoors found in malicious Android apps.
• One new entry is simply called Adware.SafeTerra, with no associated description.
• One new entry is for something called Trojan.Darkshell, which has only a vague description (“may perform distributed denial of service attacks”).
• One is the infamous Flashback, for Macs, formally known as OSX.Flashback.K.

The total number of named entries listed in the summary of those definition files during that period was 303—12 new and 291 revised. So where does the 100,000+ number come from? It appears to be a count of individual pieces of identifying data—signatures—associated with those named entries. Counting every signature is an easy way to get to an impressively large number, but it isn’t an accurate way to asses the current threat landscape.

That list includes a lot more than malicious software, too. Categories include Adware, Hack Tool (many of which are legitimate), Joke, Misleading Application, Potentially Unwanted App, and Security Assessment Tool. When I excluded those categories, I ended up with only 213 named entries in the Trojan, Worm, and Virus categories.

I was surprised to find that many of the definitions on this list are for very old pieces of code. During this one-week period in April 2012, Symantec updated its definitions for the following pieces of ancient malware and bumped up the counter in its definition files accordingly:

• The SubSeven Trojan, which was a big deal in the late 1990s but was officially shut down in 2003
• W32.Chir.B@mm, a mass-mailing worm from 2002 that targets Internet Explorer versions 4 through 5.5
• Spybot, a family of worms that spread using the Kazaa file-sharing network and a variety of Windows 2000/XP flaws that were patched in 2003
• Netsky, a 2004-vintage mass-mailing worm
• Mydoom, another mass-mailing worm that spawned one of the first botnets; it was programmed to do most of its damage in February 2004 and fizzled out within a few years

In addition, these April 2012 definition files include multiple revised detections for Waledac and Rustock, the Trojans responsible for two prolific spam botnets that were decisively shut down inFebruary 2010 and March 2011, respectively.

For each named entry, Symantec includes the date when that entry was first added to its definitions list. Out of the total of 213 new named entries on the list, more than 85% were from 2010 or earlier. Only 31 entries were discovered in 2011 or 2012. And one-third of those were from non-Windows platforms.

Two of the recent samples were for OS X—the original OSX.Flashback, from last fall, and the newer OSX.Flashback.K, which wreaked havoc on Mac owners over the past month.

Most interestingly, eight entries on the list—more than 25%—were for Android-related malware. Given the size of the Android installed base and the lack of any central control over Android app markets, that shouldn’t be surprising. On its Latest Threats and Risks list, Symantec includes writeups for more than 80 Android-related programs, most classified as Trojans or Spyware. That’s 11% of the total of 720 items on the list.

To make sure those numbers were representative, I looked at the Symantec definitions database for the entire month of March. In all, 66 new named entries were added to the list, or about two per day. Of that total, 36 represented new, named Trojans, viruses, and worms. Five of them were aimed at Android devices, one targeted OS X (no, it wasn’t a Flashback variant), and there was one new entry each for Symbian OS, Linux, and an Adobe Flash Player exploit.

In its 2011 Security Intelligence report, released earlier this year, Microsoft security researchers noted the problem with trying to measure the threat landscape by counting unique malware samples:

Ever since criminal malware developers began using client and server polymorphism (the ability for malware to dynamically create different forms of itself to thwart antimalware programs), it has become increasingly difficult to answer the question “How many threat variants are there?” Polymorphism means that there can be as many threat variants as infected computers can produce; that is, the number is only limited by malware’s ability to generate new variations of itself.

If you look carefully at the Windows malware landscape over the last 10 years, it’s apparent that a relatively small number of families are responsible for almost all the damage we’ve seen. I’ll look more closely at those families, and the evolution of Windows malware, in a follow-up to this post.

How do I create and configure a network with Windows 7 HomeGroup?

A great article from TechRepublic, for all you Windows 7 users out there…..

 

The HomeGroup feature in Windows 7 is essentially a peer-to-peer workgroup/network that has been redesigned to make it simpler for home users to set up a home network. While this is essentially true, there is more to a Windows 7’s HomeGroup feature than meets the eye.

Even though a HomeGroup works like a standard peer-to-peer workgroup, behind the scenes it does in fact share some of the networking functionality of a domain. For example, the computers in a HomeGroup have an inherent machine trust and there are consistent user identities throughout the network. As such, the Windows 7 HomeGroup feature is ideal for a small- to medium-sized business network — despite the name.

In this edition of the Windows Vista and Windows 7 Report, I’ll investigate Windows 7’s HomeGroup feature. As I do, I’ll show you how to create, configure, and take advantage of a HomeGroup.

This blog post is also available in PDF format in a free TechRepublic download.

What is a HomeGroup?

As an enhanced version of a peer-to-peer workgroup designed for the new operating system, only computers running Windows 7 can actually participate in a HomeGroup. However, Windows 7, XP, and Vista systems can all participate in a standard workgroup network configuration, sharing folders and accessing shared folders just like normal.

You can also use workgroups and HomeGroups side by side. More specifically, you can have several Windows 7 systems participating in HomeGroup on the same physical network as several Windows XP and Vista systems participating in a workgroup.

You can join a HomeGroup in any edition of Windows 7, but you can create one only in Home Premium, Professional, Ultimate, or in the Enterprise edition. The fact that HomeGroup feature is even available in the Enterprise edition of Windows 7 further strengthens the notion that HomeGroup is more than just a home networking toy.

In fact, a Windows 7 HomeGroup can exist and be used side by side with a Windows domain — with a few caveats. First, if your Windows 7 system is connected to a domain, you can join a HomeGroup, but you can’t create one. Second, while you can access files and resources on other HomeGroup computers, you can’t share your own files and resources with the HomeGroup.

One more point to take note of before we move on is that in order to create and join a HomeGroup, your network adapter must have IPv6 enabled. If you have disabled IPv6 because you didn’t think it was needed, then you’ll have to re-enable it.

Creating a HomeGroup

As you may know, during the Windows 7 installation procedure, you are given the option to create a HomeGroup. However, if you chose not to create a HomeGroup at that time, you can create one at any time. Keep in mind that in order for the HomeGroup to function, there must be more than one Windows 7 system on the network and your Network Location must be configured as a Home network. If it’s currently configured as a Work or Public network, you will not be able to create a HomeGroup.

Creating a HomeGroup is a very straightforward operation. Access the Control Panel, type Home in the search box, and when HomeGroup appears, as shown in Figure A, select it.

Figure A

If you type Home in the Control Panel search box, you can locate and select the HomeGroup tool quickly and easily.

When the initial HomeGroup window appears, you’ll be informed that there is currently no HomeGroup on the network, as shown in Figure B. You’ll also find a brief introduction to HomeGroup feature and several links.

Figure B

To get started, just click the Create a Homegroup button.

The first link is to a more detailed explanation of HomeGroups in the Help and Support. The second is to Advanced sharing settings page where you can adjust network-sharing features and even disable the HomeGroup-sharing feature and enable the type of sharing permissions used in Windows XP and Vista, based on user accounts and passwords. You can also start the HomeGroup Troubleshooter, a part of Windows 7’s new Troubleshooting Platform, which is powered by a special type of PowerShell 2.0 script that has the ability to diagnose and fix problems.

To launch the Create a HomeGroup wizard, click the Create a HomeGroup button. When the first screen in the Create a HomeGroup wizard appears, you’ll be prompted to choose what libraries, or types of files, you want to share to the HomeGroup, as shown in Figure C. You can also choose to share printers.

Figure C

As you begin the process of creating the HomeGroup, you’ll be prompted to choose what you want to share with other computers.

Once you choose what it is you want to share, Windows 7 will create the HomeGroup and you’ll then see the HomeGroup password, as shown in Figure D. This is the password that other Windows 7 systems will need in order to join and access the HomeGroup. You can either write down this password or click the link to print the password along with a set of instructions that you can give to other Windows 7 users to allow them to join the HomeGroup on their own.

Figure D

The second screen will provide the password that other Windows 7 systems will need to join the HomeGroup.

When you click Finish, you’ll see the HomeGroup settings window, as shown in Figure E, where you can perform a host of additional operations related to the HomeGroup.

Figure E

You can use the settings in this window to perform a host of operations related to the HomeGroup.

For example, you can limit or expand the shared libraries as well as enable and customize the media streaming feature of Windows Media Player. While the media streaming capabilities are more in tune with a home network than they are with a business network, this feature could very well be used to deliver video training material.

Of more universal interest here is the ability to view or change the HomeGroup password, leave (or quit using) the HomeGroup, change Advanced sharing settings, and start the HomeGroup troubleshooter.

Joining a HomeGroup

Once a HomeGroup is established on your network, other Windows 7 systems can join the HomeGroup using the password generated during the creation procedure. When you access the HomeGroup feature in the Control Panel on another Windows 7 system, you’ll be immediately alerted to the fact that HomeGroup has been created on the network, as shown in Figure F. To continue, just click the Join Now button.

Figure F

When you launch the HomeGroup tool on other Windows 7 systems, you’ll be prompted to join the HomeGroup.

When the first screen in the Join a HomeGroup wizard appears, you’ll be prompted to choose what types of files and devices you want to share to the HomeGroup, as shown in Figure G.

Figure G

When you join a HomeGroup, you will be prompted to choose items to share on the network.

The second screen in the Join a HomeGroup wizard, prompts you to enter the HomeGroup password, as shown in Figure H. You’ll enter the password that was generated by the system that created the HomeGroup. Keep in mind that the password is case sensitive.

Figure H

The second screen will prompt you to enter the HomeGroup password generated by the system that created the HomeGroup.

After you enter the password, you’ll see the third screen in the Join a HomeGroup wizard, which indicates that you have successfully joined the HomeGroup, as shown in Figure I.

Figure I

You have joined the HomeGroup.

Accessing the HomeGroup

Once you have created and joined a HomeGroup, you can easily access the folders on other computers in the HomeGroup. Launch Computer and expand the HomeGroup section in the Navigation pane. When you do, you’ll be able to see other systems in the HomeGroup and access the shared libraries, as shown in Figure J.

Figure J

Once the HomeGroups is created, you can see and access all the shared libraries on all the systems joined to the HomeGroup.

Take note of the expanded Network tree in the Navigation pane. This is a functioning peer-to-peer workgroup that consists of Windows XP and Vista systems as well as the Windows 7 systems that are participating in both the peer-to-peer workgroup and the HomeGroup.

Over 600,000 Macs infected with Flashback Trojan

A great article for you Mac users out there, from ZDNet:

 

Two months ago, a new variant of the Flashback Trojan started exploiting a security hole in Java to silently infect Mac OS X machines. Apple has since patched Java, but this was only yesterday. As of today, more than 600,000 Macs are currently infected with the Flashback Trojan, which steals your user names and passwords to popular websites by monitoring your network traffic.

Russian antivirus company Dr. Web first reported today that 550,000 Macs were being controlled by the growing Mac botnet. Later in the day though, Dr. Web malware analyst Sorokin Ivan announced on Twitter (via Ars Technica) that the number of Macs infected with Flashback had increased to over 600,000:

@mikko, at this moment botnet Flashback over 600k, include 274 bots from Cupertino and special for you Mikko – 285 from Finland

As you can see in the screenshot above, Dr. Web says 56.6 percent of the infected Macs are located in the U.S., 19.8 percent are in Canada, and 12.8 percent are in the U.K.

Flashback was initially discovered in September 2011 masquerading as a fake Adobe Flash Player installer. A month later, a variant that disables Mac OS X antivirus signatures updates was spotted in the wild.

In the past few months, Flashback has evolved to exploiting Java vulnerabilities. This means it doesn’t require any user intervention if Java has not been patched on your Mac: all you have to do is visit a malicious website, and the malware will be automatically downloaded and installed.

Another variant spotted last month asks for administrative privileges, but it does not require them. If you give it permission, it will install itself into the Applications folder where it will silently hook itself into Firefox and Safari, and launch whenever you open one of the two browsers. If you don’t give it permission, it will install itself to the user accounts folder, where it can run in a more global manner, launching itself whenever any application is launched, but where it can also more easily detected.

You can grab the new version of Java that patches the security hole in question from Apple here: Java for Mac OS X 10.6 Update 7 and Java for OS X Lion 2012-001. Additionally, F-Secure has instructions on how to remove this malware if you think your Mac may already be infected.

For all you Gmail users out there…..

From TechRepublic:

 

Prepare yourself: The new Gmail look is about to become the permanent Gmail look

 

The new look for Gmail has been available for several months now and for those of us who adopted it early on, the old look is a distant memory. However, if you have been clinging to the old Gmail display format for some reason, your time in the sun has come to an end.

Automatically sign up for our Google in the Enterprise newsletter!

The old look

This is the old Gmail look that is soon to be a part of history

On March 27, 2012, Google will make the new Gmail look the only Gmail look.

The new look

This is the new Gmail look – not that much different really

As you can see in the screenshot comparisons, the new look is a little cleaner and generally easier to navigate. I don’t think many users will object to it, but you may want to give everyone in your organization the heads up that there are changes coming – that is if you haven’t already.

For all you Windows 7 users out there….

Quick Tip: Get more Send To choices in Windows Explorer with one keystroke

From TechRepublic….

 

With a simple keystroke you can expand the number of Send To applications available and all without editing the Windows Registry or copying shortcuts into deep, dark areas of the operating system.

Figure A shows what the typical Send To right-click context menu item looks like in Windows Explorer. You get this screen when you right-click a file in Windows Explorer and navigate to the Send To menu item.

Figure A

Typical Windows Explorer Send To selections

Now, this time hold the Shift key down while you right-click a file in Windows Explorer, then navigate to the Send To menu. You should see an expanded list of applications listed as potential Send To locations, as shown in Figure B.

Figure B

An expanded Windows Explorer Send To

FBI warns of new banking scam

Be warned!  An article from BankRate.com:

 

Some crafty criminals are aiming to steal one of the most valuable pieces of your personal property: your banking information.

In a new warning, the Federal Bureau of Investigation warns account holders of a new spam email scheme that involves a type of malware called “Gameover.” The scheme involves fake emails from the National Automated Clearing House Association, the Federal Reserve or the FDIC. These messages attempt to trick recipients into clicking on a link to resolve some type of issue with their accounts or a recent ACH transaction. Once you click on the link, Gameover takes over your computer, and thieves can steal usernames, passwords and your money.

The FBI also warns the thieves’ hacking capabilities can navigate around common user authentication methods banks use to verify your identity, which is certainly a cause for concern. Those additional authentication steps — often personal questions, birth dates or other pieces of private information — are meant to provide some extra security padding.

While phishing scams are nothing new to the world of online banking, this type of warning serves as a reminder of just how susceptible account holders can be to malicious attacks. As more account holders begin to jump on the mobile banking bandwagon, it’s important to remember that a smartphone essentially acts as another computer. While this additional connection to the Internet is convenient, it also serves as another outlet where your information can be compromised.

Here are a few crucial steps to take to avoid falling victim to this type of Internet crime.

• Keep      your computer and mobile device updated with the newest versions of      anti-virus software.
• If you      have any doubts about an email sender’s authenticity, do not click on any      embedded links.
• Remember,      banks never request any personal information via email.
• Be      vigilant about checking your account balances. The sooner you notice and      report any type of fraudulent activity, the more likely you’ll be able to      be reimbursed for any missing funds.

Quick Tip: Print a single envelope in Word

A great article about printing envelopes in Word, from TechRepublic:

 

You might think printing a single envelope is overkill-unless you’re like me and have illegible handwriting. It’s not that I’m lazy, but it’s difficult for me to grasp a pen tightly. I can type, I can knit, but I can’t hold a pen, so I usually go to the extra trouble of printing an envelope. In the business world, you’ll probably do so because that’s the professional expectation. Whatever your reason, printing a single envelope in Word is simple, but getting everything just right requires a bit of knowledge because there are so many options.

The first step is to check your printer for envelope placement. If you’re lucky, you have a special drawer for envelopes. Lacking a drawer, you’ll probably find placement instructions on the manual feed. Check carefully; you should find a small embossed indicator that specifies the feed position for envelopes. They’re all different, so be sure to check your printer. For example, this Lexmark Z32 feeds an envelope face up and the bottom flush with the right side of the feed tray.

Once you have an envelope correctly positioned, you’re ready to enter the return and delivery addresses as follows:

1. Click the Mailings tab and then click Envelopes in the Create group. In Word 2003, choose Letters and Mailings from the Tools menu. Then, choose Envelopes and Labels. Options are available in all versions, but the dialogs aren’t arranged exactly the same.
2. On the Envelopes tab, enter the delivery and return address. (The return address may already be present, but you can change it.)

At this point, you have a few options you can apply:

• If Outlook is your default mail client, you can click the book icon to grab an existing address from Outlook to fill-in your delivery and/or return address.
• Check the Omit option if you do not want to print the return address.
• The Add Electronic Postage and E-Postage Property options are available, but work only if you have installed the appropriate software beforehand. We won’t cover those options today.
• Be sure to check the preview regularly, to make sure your choices match your needs.

After entering your addresses, check the feed options. This option confuses some users and you can’t depend on Word to configure things correctly. To get started, click the Feed option, and set the following options, as required:

• First, choose Face Up or Face Down, accordingly. If the envelope goes through the manual feeder print side up, choose Face Up.
• If the Feed Method options aren’t showing the print facing the right direction, uncheck the Clockwise Rotation option.
• Use the Feed From dropdown if you have a special envelop drawer or feed.

Once you’ve set the feed options correctly, click OK to return to the first dialog box. Check the Feed option; the picture should update according to your choices.

You might want to change the font and address positions on the envelope. To do so, click the Preview option or the Options button. On the Envelope Options tab, you can change the envelope size by choosing an option from the Envelope Size dropdown. Changing the font is easy; click the appropriate Font button and change the options as you normally would. To reset the position of the return or delivery address use the From Left and From Top options and watch the preview envelope update accordingly.  When you’re done, click OK to return to the original dialog.

At this point, you’re ready to print-click Print and you’re done!

New Mac OS X trojan spotted in the wild

An article for you Mac users out there, from ZDNet….

 

 

Summary: Security researchers from Intego, have intercepted several new variants of the Flashback Mac OS X trojan.

Security researchers from Intego, have intercepted several new variants of the Flashback Mac OS X trojan.

According to the company, the new variants of the Flashback trojan use three different infection vectors in an attempt to trick end users into installing the malware.

More details on the infection vectors:

This new variant of the Flashback Trojan horse uses three methods to infect Macs. The malware first tries to install itself using one of two Java vulnerabilities. If this is successful, users will be infected with no intervention. If these vulnerabilities are not available – if the Macs have Java up to date – then it attempts a third method of installation, trying to fool users through a social engineering trick. The applet displays a self-signed certificate, claiming to be issued by Apple. Most users won’t understand what this means, and click on Continue to allow the installation to continue.

Once the end user gets tricked into installing the malware, the Flashback trojan will patch web browsers and network applications in order to search for user names and passwords. Targeted web sites include, Google, Yahoo! CNN, numerous banking web sites, PayPal and many others. What’s particularly interesting about the  Flashback trojan is the fact that it has an auto-update feature periodically phoning back to several web sites in order to check for updates.

Intego is advising users running OS X 10.6, to update Java immediately.

Put the Classic Start menu in Windows 7 with Classic Shell

From TechRepublic:

 

On more than one occasion, I’ve looked through the discussions for the Windows 7 blog posts that I have written here at TechRepublic and found messages from angry Windows users that go something along the lines of “Because Microsoft took away the Classic Start menu in Windows 7, I am not going to upgrade!”

When I see these types of messages, I imagine curmudgeonly folks sitting in front of an old Pentium II computer running Windows NT. Of course I know that is not a fair assessment, because many people I know who have either Windows XP or Windows Vista installed also use the Classic Start menu feature.

Still I have a hard time imagining anyone wanting to forego all the underlying advances in the Windows 7 operating system just because of a dislike of the Start menu and other user-interface features. However, everyone is entitled to his or her opinion.

In any case, those die-hard classic Start menu fans have a champion out there. At SourceForge.net, which claims to be the world’s largest open source software development Web site, a fellow by the name of Ivo Beltchev has created a wonderful program called Classic Shell. In addition to bringing the Classic Start menu to the Windows 7 user interface, Classic Shell brings a number of other classic features to Windows 7, such as the Windows Explorer toolbar, complete with the Up button.

In this edition of the Windows Vista and Windows 7 Report, I’ll investigate all the classic features that the Classic Shell application brings to Windows 7.

This blog post is also available in PDF format in a free TechRepublic download.

Keep in mind

At the time of this writing, Beltchev is publishing version 0.9.10 of Classic Shell, which he is calling the Release Candidate version. As such, you may encounter some glitches. However, I tested it for the better part of a week on my Windows 7 test system and didn’t experience any problems. Classic Shell works with both the 32- and 64-bit versions of Windows 7 and appears to work in all editions. I tested it in the Ultimate edition of Windows 7.

Installation

Once you download Classic Shell from the SourceForge.net site, just double-click the ClassicShellSetup.exe file and follow the onscreen instructions. When you are prompted to select the features that you want to install, as shown in Figure A, be sure that you leave both check boxes selected if you want to revive the classic version of Windows Explorer as well as the Classic Start menu.

Figure A

Make sure that you leave both check boxes selected if you want to revive the classic version of Windows Explorer.

Check it out

As soon as you complete the installation procedure, you’ll immediately find the Classic Start menu in place, as shown in Figure B.

Figure B

The Classic Start menu is immediately available.

Reviving the classic version of Windows Explorer requires some configuration. First you have to enable the menu bar. To do so, launch Windows Explorer, press the [Alt] key to display the menu bar, pull down the Tools menu, and select the Folder Options command. Then, in the View tab of the Folder Options dialog box, select the Always Show Menus check box, as shown in Figure C, and click OK.

Figure C

Before you can revive the classic version of Windows Explorer, you have to enable the menu bar.

With the menu bar in place, you can right-click on it and select the Classic Explorer Bar command, as shown in Figure D. If you disable the Lock the Toolbars setting, you can position the Classic Explorer Bar under the menu bar like in Windows XP.

Figure D

Just right-click on the menu bar and select the Classic Explorer Bar command.

In addition to the Up button, you have the Cut, Copy, Paste, and Delete buttons back, as shown in Figure E. You also have a Properties button, which displays the selected item’s properties dialog box, and an e-mail button, which allows you to attach selected items to an e-mail message. The last button is the Settings button, which displays the available configuration settings.

Figure E

With the Classic Explorer Bar command enabled, you now have the Up button back.

Tweaking

You can tweak the Classic Start menu by right-clicking on the Start orb and selecting the Settings command. You’ll then see the dialog box shown in Figure F and can change a host of options — you can even apply several different skins, including a classic Windows 9x/2K colored skin.

Figure F

From the Settings dialog box, you can configure a host of options, including different skins.

You can tweak the Classic Explorer Bar by clicking the Settings button. When you do, you’ll see the dialog box shown in Figure G and can change a host of options. You can even select the type of navigation pane that you want to use, such as Windows XP Classic or Windows Vista.

Figure G

You can tweak the way the Classic Explorer Bar looks and feels.