Alert: You need to make sure your Windows/Office software is up to date. Targeted attacks against recently addressed Microsoft Office vulnerability is now out

Last November, Microsoft released security bulletin MS10-087 (http://www NULL.microsoft NULL.com/technet/security/Bulletin/MS10-087 NULL.mspx), which addresses a number of critical vulnerabilities in how Microsoft Office parses various office file formats. One of them is CVE-2010-3333 (http://cve NULL.mitre NULL.org/cgi-bin/cvename NULL.cgi?name=CVE-2010-3333), “RTF Stack Buffer Overflow Vulnerability,” which could lead to remote code execution via specially crafted RTF data. A few days before Christmas, we received a new sample (sha1: cc47a73118c51b0d32fd88d48863afb1af7b2578) that reliably exploits this vulnerability and is able to execute malicious shellcode which downloads other malware.

The notice that was posted on the Microsoft Protection Center blog ( http://blogs.technet.com/b/mmpc/archive/2010/12/29/targeted-attacks-against-recently-addressed-microsoft-office-vulnerability-cve-2010-3333-ms10-087.aspx (http://blogs NULL.technet NULL.com/b/mmpc/archive/2010/12/29/targeted-attacks-against-recently-addressed-microsoft-office-vulnerability-cve-2010-3333-ms10-087 NULL.aspx) ) concerns a flaw in the Microsoft Office program that was fixed in November. The bad guys have now found a way to exploit the flaw on computers that do NOT have the updated software. This affects you no matter which version of Office or Windows you are running.

Symantec underlined the seriousness of the flaw to CNET’s Elinor Mills in November:

“One of the most dangerous aspects of this vulnerability is that a user doesn’t have to open a malicious e-mail to be infected,” Joshua Talbot, security intelligence manager at Symantec Security Response, said at the time. “All that is required is for the content of the e-mail to appear in Outlook’s Reading Pane. If a user highlights a malicious e-mail to preview it in the Reading Pane, their machine is immediately infected. The same holds true if a user opens Outlook and a malicious e-mail is the most recently received in their in-box; that e-mail will appear in the Reading Pane by default and the computer will be infected.”

So what does this mean to you…….It means that if you receive an email, even if its obvious that the email is bad and you don’t click on it, just by it appearing in the reading pane section, will cause your computer to get infected with malware.

How do you make sure you are protected?

Windows Vista / Windows 7

If you are running Windows Vista or Windows 7 go to start –> Control Panel –> Windows Update

Once in Windows Update –> click on Check for updates –> Once the scan is complete –> system will tell you how many updates you need –> now click on Install updates.

Once you have successfully updated all Windows / Office software your Windows update should look like this.

Windows XP

In Windows XP –> Using Internet Explorer –> Visit the Microsoft Update website (LINK) http://www.update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us (http://www NULL.update NULL.microsoft NULL.com/microsoftupdate/v6/default NULL.aspx?ln=en-us)

(IMPORTANT NOTE: In XP – Microsoft has 2 websites for updates. One is called Windows Updates and one is called Microsoft Updates. You want to make sure that you are on the one that says Microsoft Updates as the Windows Updates site does NOT give you Office updates)

Once you are on the site –> Click on Custom and let it scan your pc. (Note you may be asked to run an ActiveX file if this is the 1st time you have been to the site. Just make sure you say you in this case specifically)

You may also get a message about a needed download –> if you do just click on “Download and Install Now”

Once Microsoft Update completes its scan it will show you what updates you are missing

Look under the “High Priority” updates and make sure that you have selected them all

Followed up clicking on “Review and install updates”

This will bring you to the confirmation page. Make sure you have all missing updates selected. You will see 1 final “Install Updates”. Click on it –>

Followed by “I Accept” under the agreements area –> and then watch your updates download and install.

After the updates install –> Reboot pc –> and visit site again to see if you have any remaining updates. Continue the steps until you get 0 (zero) remaining “High Priority” updates.

Once you are at 0 (Zero) now your Windows / Office software is up to date.

(FINAL NOTE: This does NOT mean you are free and clear, as always you need to take care of precautions when surfing the Internet. There are still many other ways you can have your computer compromised)

How to: Win 7–Fix for printer share error 0x000006d9

I ran across an interesting error this week that I hadn’t seen before, on a Windows 7 pc as I attempted to share a printer. I would go into the printer properties –> sharing tab and label the printer and as soon as I clicked on either apply or ok I would see “Printer settings could not be saved. Operation could not be completed (error 0x000006d9). The issue turned out to be caused by the Windows Firewall being turned off.

The solution was actually very easy -

1 – Go to Control Panel –> Administrative Tools –> Services

Once you are in services – go to the bottom and make sure the Windows Firewall is turned on

If the Firewall isn’t turned on – Double click directly where it says Windows Firewall. You will get a pop up window where you can click on start.

Once you have started the Firewall service – > Click on OK. (You can close the Firewall –> Services –> and Control Panel Windows.

2 – Now try and SHARE the printer, it should share without any errors
3 – If you have a need or reason for running with the Firewall off, you can at this point go back in and stop the firewall in Control Panel – > Administrative Tools –> Services.

You can now attach to your shared printer from other pc’s…….

Alert: Be careful shopping this coming Cyber Monday (11/29) as the bad guys are looking for easy victims

As always the bad guys are online, out to try and steal from unknowing victims this holiday season. With the popularity of Online Shopping, it has never been easier for a bad guy to steal from you without ever having to leave his home. The following post below comes from Panda Labs (LINK: http://pandalabs.pandasecurity.com/blackhat-friday-and-cybercrime-monday/ (http://pandalabs NULL.pandasecurity NULL.com/blackhat-friday-and-cybercrime-monday/) ), showing how crooks are manipulating search engines to trick users. As always, just because you are shopping online that doesn’t mean that you don’t have top pay attention. Always make sure to keep your Cyber Guard up.

*******************************************************************************************************************************************

Black(hat) Friday and Cyber(crime) Monday

by Sean-Paul Correll (http://pandalabs NULL.pandasecurity NULL.com/author/sean-paul-correll/)

You may be in for more than you bargained for if you plan on looking for the latest Black Friday or Cyber Monday deals online. Cyber criminals are quick to capitalize on new opportunities and have already done so by optimizing their Blackhat SEO campaigns to infect those looking for those hot ticket item deals.

The following image is a malicious search result aimed at innocent users looking for Black Friday deals at a popular U.S. based retail chain:

Best Buy/Black Friday Malicious Search Result (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/bestbuy_malicious_search NULL.png)

Best Buy/Black Friday Malicious Search Result

Clicking on the link in the Firefox browser will redirect you to a fake Firefox “update” website, which will then infect your computer with fake antivirus software:

Fake Firefox Update Website (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/fakefirefoxupdate NULL.png)

Fake Firefox Update Website

Clicking the link in Internet Explorer (or any other browser) will lead you directly to the fake antivirus scan page:

Rogueware "Fake Antivirus" Page (http://pandalabs NULL.pandasecurity NULL.com/wp-content/uploads/2010/11/Roguewarepage NULL.png)

Rogueware “Fake Antivirus” Page

Software: Error "The operation failed. An object could not be found" when you click Send and Receive in Outlook

This one was just brought to my attention today by one of my customers. They recently went thru an upgrade from Office 2003 to Office 2007. Now when they attempt to send/receive an email they get the error “The operation failed. An object could not be found” (Shown Below).

It appears that the issue involves your profile in Outlook. The follow steps should correct the issue.

Steps are from Microsoft Support Article #312354 (LINK) http://support.microsoft.com/kb/312354 (http://support NULL.microsoft NULL.com/kb/312354)

- To resolve this behavior, create a new profile. To do this, follow these steps:

Click Start, point to Settings, and then click Control Panel.
Double-click the Mail icon.
In the Mail Setup dialog box, click Show Profiles.
If you want to be able to select a specific profile each time you start Outlook, click the General tab, click Prompt for a profile to be used, and then click Add.
In the New Profile dialog box, under Profile Name, type a descriptive name for the new profile, and then click OK.
In the E-mail Accounts dialog box, select Add a new e-mail account in the e-mail options, and then click Next.
Click the type of server that your e-mail account works with, and then click Next.
Complete all of the required fields, including those that are on the tabs that appear after you click More Settings.
When you finish providing the required information, click Finish

ALERT: Windows Live Messenger 2009 Users–“Active links in Messenger 2009 temporarily turned off to prevent a malicious worm”

Microsoft has announced via the Windows Team Blog (LINK) http://windowsteamblog.com/windows_live/b/windowslive/archive/2010/11/12/security-alert-active-links-in-messenger-2009-temporarily-turned-off-to-prevent-a-malicious-worm.aspx (http://windowsteamblog NULL.com/windows_live/b/windowslive/archive/2010/11/12/security-alert-active-links-in-messenger-2009-temporarily-turned-off-to-prevent-a-malicious-worm NULL.aspx) that they are now blocking Active links in Windows Live Messenger 2009. What that means is that when you are in a chat with someone, if a link appears that you will NOT be able to directly click on it to open the link. If you wish to see the link you will need to copy it from the chat window and then past it into your browser.

Keep in mind that not only in WLM chat but in all chat programs there is always a possibility of receiving “Rogue” links that were not actually sent by the person who you are talking to. If you ever receive a link via chat, you want to make sure and check with the person you are talking to, so that you can confirm if its legit or not.

Those who click on the malicious link, will download a Worm (a form of virus), which will install on your pc, and then use your pc to send itself to all your friends links. As always you should make sure you have an up to date Antivirus.

A particularly malicious worm (a self-replicating computer virus) is currently trying to spread itself through many of the world’s largest instant messaging and social networks, including Windows Live Messenger 2009. We’re very serious about protecting our customers, and are pursuing multiple avenues to help stop its progress. The worm spreads by inserting a link into an IM conversation with a person whose computer is already infected. When someone clicks the link, it opens in a browser, downloads the worm on the recipient’s computer, and then repeats this process.

Normally, when Messenger sees a web address in a conversation it is turned into a hyperlink which, when clicked, automatically opens in a web browser. This feature makes it very easy for the malicious worm to be unknowingly installed on your computer by clicking on the link and being sent to a web site containing the malicious software. We’re pursuing a number of activities to help protect you, working actively with industry experts and law enforcement to help stop this criminal activity.

Most notably, we’ve temporarily turned off active hyperlinks for web addresses sent in IM conversations using Windows Live Messenger 2009. You will still be able to copy a web address and paste it into a browser window if you know it to be safe, but by removing active hyperlinks from Messenger 2009, we’re taking a significant step towards stopping the unintentional spreading of this worm.

Because we’ve now blocked active links in Messenger 2009, starting today, some customers may also see a notification in the main Messenger window warning them that some features might not be available.

Messenger warning message (http://windowsteamblog NULL.com/cfs-file NULL.ashx/__key/CommunityServer-Blogs-Components-WeblogFiles/00-00-00-53-82-metablogapi/6116 NULL.messenger_2D00_warning_5F00_3E135389 NULL.png)

Messenger 2011 is not impacted in the same way, thanks to its Link Safety feature. However, we are actively monitoring the situation and investigating different approaches to help protect customers using the latest version of Messenger, should the situation change.

As always, we encourage customers to exercise caution with links to web pages that you receive in IMs, especially if the links are to a web page that you are not familiar with, unsure of the destination of, or suspicious of. Malicious software may be installed in your computer simply by visiting a web page with harmful content.

If you think your computer may have already been infected by a malicious worm, check the , please visit the Security TechCenter on Microsoft TechNet (http://technet NULL.microsoft NULL.com/en-us/security/default NULL.aspx), and then download and use the malicious software removal tool (http://www NULL.microsoft NULL.com/security/malwareremove/default NULL.aspx). For additional help with Messenger, check out the Messenger Solution Center (http://windowslivehelp NULL.com/product NULL.aspx?productid=2).

ALERT: New Rogueware–This one can detect which browser your using and customize the fake alert to the browser you are using

In a never ending effort to inform the visitors to TGM, here is another ALERT concerning a new version of Rogueware (Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven)) that can actually figure out what web browser you are using and then customize the fake message to look like a standard message for the browser you are using. As always the reason these types of attacks work is because of the social engineering aspect, most people don’t know any better, they assume that if the message pops up on their pc the “it must be true”. Unfortunately the messages that you will see as a result of the Rogueware are nothing more than a trick to get control of your pc.

The following article (Written by Daniel Radu of the Microsoft Malware Protection Center) comes from the Microsoft TechNet Blog (LINK) http://blogs.technet.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie.aspx (http://blogs NULL.technet NULL.com/b/mmpc/archive/2010/09/01/rogue-msil-zeven-wants-a-piece-of-the-microsoft-security-essentials-pie NULL.aspx) . You should pay close attention to what the fake alert can look at in each of the browsers (At the bottom of the message you get “Upgrade to a reliable solution”).

**************************************************************************************************************************************

Rogue:MSIL/Zeven wants a piece of the Microsoft Security Essentials pie

A new rogue has started making its appearance from compromised websites: Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven). We received a sample (70be8ca73142922fd78acf2aafa9f141a977f15a) and a URL and began our investigation.

Let us say from the beginning that the guys behind this rogue like to copy big-time. They start by auto-detecting what browser the user is currently using, and then faking the malware warning page if the browser is Internet Explorer, Chrome, or Firefox. This is meant to be a social engineering scheme in order to trick the user into downloading and installing the rogue, relying on the user’s trust of his day-to-day browser.

The similarity between the fake warning pages is so accurate that it can trick even highly trained eyes.

In the Firefox page, for example, you can see it’s not the real warning page because they misspelled ‘out’ and wrote ‘Get me our of here’.

Chrome

Internet Explorer

But for all three browsers, a common indication that you are not looking at the actual browser warning is the offer of some sort of an “update” or “solution”. All the “updates” point to a copy of MSIL/Zeven that promises to provide “a new approach to windows detection”. Internet Explorer, Firefox, and Chrome do not offer such a solution when a website is blocked.

When installed, the product looks very genuine: it allows you to scan files, tells you when you’re behind on doing your updates, and enables you to tweak your security and privacy settings. These features are usually available in various legitimate antivirus solutions. However, the features don’t work; everything is there just to look nice, not to offer any kind of protection (just like in all other rogue antivirus programs).

Of course once it scans your computer it’s bound to claim it found something scary (malicious), as shown below:

As usual with rogue scanners, although it “found” malicious files, it claims it cannot delete them unless you update. That implies that you need to pay for the full version, which has the ability to download updates. However, these files are totally bogus; no such files exist in the user’s computer.

If you decide to buy the product, this rogue opens an HTML window enabled with ‘Safe Browsing Mode’ and high strength encryption to “help” and ”protect” you while completing your purchase. Of course these features are totally worthless and don’t actually do anything in the way of securing your credit card details.

The main page of the rogue antivirus program itself looks awfully close to the Microsoft Security Essentials webpage – more copying from the bad guys. The people behind it have even copied the awards received by Microsoft Security Essentials and link to the Microsoft Malware Protection Center - pretty sneaky of them.

This is a screenshot of the rogue’s main webpage:

And, by way of contrast, this is a screenshot of the genuine Microsoft Security Essentials (http://www NULL.microsoft NULL.com/security_essentials/) page:

It seems that these guys want to profit on the good reputation and success of Microsoft Security Essentials in order to make money – but we remind our customers that Microsoft Security Essentials can be downloaded at no cost. And it really does protect your computer from malware!

We detect both the downloader of the rogue and the rogue itself as Rogue:MSIL/Zeven (http://www NULL.microsoft NULL.com/security/portal/Threat/Encyclopedia/Entry NULL.aspx?Name=Rogue:MSIL/Zeven).

Until our next encounter: browse safely!

Daniel Radu
MMPC Dublin

TechNet Video: How Do I: Migration From Windows XP to Windows 7 (Level 200)

From Microsoft:

TechNet Video: How Do I: Migration From Windows XP to Windows 7 (Level 200) (http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Link/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE)

(LINK) http://www.microsoftbroadcaster.com/en-us/Content/Link/11813?WT.z_cType=VI&WT.z_cSource=WWE (http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Link/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE) (http://www NULL.microsoftbroadcaster NULL.com/en-us/Content/Media/11813?WT NULL.z_cType=VI&WT NULL.z_cSource=WWE)

Find out what you need to know about the process of migrating your computers from Windows XP to Windows 7.

This video discusses:

Backup considerations and options
Preparing hard drives and partitions
Capturing Windows XP data and settings with the Windows Easy Transfer Tool
Installing Windows 7
Restoring captured data and settings with the Windows Easy Transfer Tool
Confirming settings

Software: Getting your Creative Labs Sound Blaster soundcard working with Windows Vista / 7

Came across an interesting issue this week with one of my clients who has just upgraded to Windows 7 on his pc (x86/32 bit). His pc hardware included a Creative Labs SB200 sound card, which Windows 7 recognized but said was not compatible with the operating system. I know I could have easily gone out and bought a new sound card but I figured I would try a few things before going down that route. If you do a search for the driver on the Creative Labs site all you will find are drivers that list for Windows 2000 and XP. I tried downloading the XP file and then using Windows 7 compatibility mode to install it, but that didn’t work. So I kept looking and found a version of the Creative Labs Sound Driver on the Dell site – So I decided to try it and “boom”, there it was. Here are the steps I took

Downloaded the Creative Labs Sound Blaster Audigy 2 (LINK) http://ftp.us.dell.com/audio/R80459.EXE (http://ftp NULL.us NULL.dell NULL.com/audio/R80459 NULL.EXE)
Once Downloaded – Right click on the R80459.exe file –> Left Click on Properties. This will bring up the properties screen. On the properties screen put a check next to “Run this program in compatibility mode” (and select Windows XP SP3) and also select “Run this program as Administrator”.

3. Once you have done that select ok, then double click R80459.exe. During the install you will get prompted for the location you wish to save your file. I recommend just leaving the default location.

4. The install will now run and install your drivers. At the end of the install it will still appear that the install did NOT work. Reboot your pc. After the reboot you should have sound……..Enjoy

**The instructions list Windows 7 – However, should work exactly the same under Windows Vista.

Software: The new Windows Live Essentials Beta – Available 6/24/10

From a post earlier today on the Windows Team Blog (LINK: http://windowsteamblog.com/windows_live/b/windowslive/archive/2010/06/23/announcing-the-new-windows-live-essentials-beta.aspx (http://windowsteamblog NULL.com/windows_live/b/windowslive/archive/2010/06/23/announcing-the-new-windows-live-essentials-beta NULL.aspx) ), the latest version of Windows Live Essentials will be out tomorrow, June 24th.

The following Microsoft Video shows some of the latest features to Windows Live Essentials

Windows Live Essentials – the essential software for Windows

Windows Live Essentials includes Messenger, Mail, Photo Gallery, Movie Maker, Writer, Sync and Family Safety. Essentials is available for free and in many cases may already be installed on your PC with Windows.

Picture of Windows Live Essentials icons (http://windowsteamblog NULL.com/cfs-file NULL.ashx/__key/CommunityServer-Blogs-Components-WeblogFiles/00-00-00-53-82-metablogapi/1537 NULL.Essentials_5F00_5BD7465E NULL.png)

In the upcoming release, we focused on achieving two important goals with Essentials:

Making everyday tasks simpler and enabling new possibilities on your PC
Connecting Windows 7 to the cloud

Windows Live Essentials beta requires Windows Vista or Windows 7, and is available in English, French, Dutch, Japanese, Portuguese, Simplified Chinese, or Spanish.

As previously announced (http://windowsteamblog NULL.com/windows_live/b/windowslive/archive/2010/06/02/preview-of-the-new-windows-live-essentials NULL.aspx), this release of Essentials is focused on two things: connecting Windows 7 to the cloud services you already use, and making everyday tasks simpler, so that you can do more on your PC.

Connecting Windows 7 to the cloud

We’ve designed Essentials to connect your Windows experience to the web services you already use – not just the ones from Microsoft. The new betas of Windows Live Photo Gallery, Movie Maker, Mail, Writer, and Messenger (http://explore NULL.live NULL.com/windows-live-messenger-beta) connect to photo and video sharing (SkyDrive (http://skydrive NULL.com), Flickr (http://www NULL.flickr NULL.com/), YouTube (http://www NULL.youtube NULL.com/), Facebook (http://www NULL.facebook NULL.com/), SmugMug (http://www NULL.smugmug NULL.com)), social networking (Facebook (http://www NULL.facebook NULL.com/), MySpace (http://www NULL.myspace NULL.com), Linkedin (http://www NULL.linkedin NULL.com)), email (Hotmail (http://www NULL.hotmail NULL.com/), Gmail (http://www NULL.gmail NULL.com), Yahoo! Mail (http://mail NULL.yahoo NULL.com)), blogging (Spaces (http://spaces NULL.live NULL.com), WordPress (http://wordpress NULL.com), Blogger (http://www NULL.blogger NULL.com)), and document productivity (Office Web Apps (http://office NULL.live NULL.com)) services. And the new Windows Live Sync keeps your files synchronized across multiple PCs and in the cloud. You can even directly access your PC over the web with Sync’s new remote desktop feature.

Making everyday tasks simpler and enabling new possibilities

People like to get creative on their PCs as much as they like seeing what everyone else has been up to. Whether it’s Retouch, Panoramic Stitch, or Photo Fuse in Photo Gallery, Auto Movie in Movie Maker, or Photo Mail in the new Windows Live Mail, we think you’ll be excited by the new additions to Essentials that make advanced tasks, well, easy. If you haven’t yet tried PhotoFuse to merge together the best of several photos, it’s a lot of fun. (http://techcrunch NULL.com/2010/06/02/microsoft-rolls-out-impressive-enhancements-to-windows-live-essentials-suite/)

As soon as the beta goes live tomorrow (we’ll update this blog post when it does), you’ll be able to get it from here (http://explore NULL.live NULL.com/windows-live-essentials-beta). (LINK: http://explore.live.com/windows-live-essentials-beta (http://explore NULL.live NULL.com/windows-live-essentials-beta))

Software: Hidden and Additional Themes for Windows 7

One of the nice cosmetic features in Windows 7 is the great variety of themes that you can select from to change the appearance of your computer system. I had not written this post earlier because somehow I seriously though that most people were aware of all their options. However, after a recent road trip (with the W7 laptop) where I kept getting asked “where did you get those backgrounds for your computer”, I suddenly understood that their are a lot of people who just don’t know about the additional cosmetic changes you can make to your Windows 7 pc. So with that being said, here is a simple way that you can add or change the look of your Windows 7 pc.

For those who still aren’t sure here is a short video from Microsoft explaining “What is a theme” – (LINK)http://windows.microsoft.com/en-us/windows7/what-is-a-theme (http://windows NULL.microsoft NULL.com/en-us/windows7/what-is-a-theme)

Microsoft has always offered what they refer to as themes for Windows, to all the user to change the appearance of their system. In Windows 7, Microsoft has a 3 different options for themes, 2 of which may not be well known. Everyone that has installed Windows 7 should be familiar with the personalization screen that you can find in Control Panel (Start Menu Button –> Control Panel)

When you click on Personalization, you get the following screen (This is the USA version, if you selected a different country during install of Windows 7 the pictures themselves may be a little different) where you can select the theme to use for your computer (Theme includes pictures –usually 5 or 6 in a group- plus color schemes and sounds). In addition, by selecting at the bottom you can select how often the background changes and if you want a specific color scheme or sound and what screen saver to go along with your theme.

Now this post could end right here but that wouldn’t cover the 2 other ways that you can add to your choices in the personalization screen.

Additional Themes Option #1 – The Hidden ones already on your pc

So lets start with the option that is already on your computer but is hidden because they are considered to be for other regions or locations. (NOTE: you will need to have hidden files and folders showing in Windows. You can change that setting in control panel –> folder options –> View tab –> put a bubble next to “Show hidden files, folders, and drives)

1) Click on Start and then in the search box type the following

- C:\Windows\Globalization\MCT and press the Enter key

- you will see the following window (below), just click on the folder called MCT

2) The window that opens will show you the additional themes for Windows 7 for other regions or locations (Depending on the version of Windows 7 your choices may be a little different than the ones shown below). In my copy of Windows I get themes additional themes from Australia, Canada, U.K, and South Africa (In addition to the US theme which is already showing).

- Once you are at the MCT folder open the theme for the country you like, and then you can either select the folder with the country name where you will see the pictures used in the theme or the theme folder itself to install the theme.

- If you select the folder with the pictures (below) you can right click on a picture you like and then select “Set as desktop background. (This will not make it into a changing theme, it will give you just that picture as your background. )

- If you choose to install the entire theme, once you have selected the Theme folder, double click on the file name.theme (in this example GB.theme). That will install the entire theme.

3) Once you have done that you can go back to your personalization folder in control panel and select the newly added themes. Once a theme is on your Personalization window, its just a matter of clicking on it to change between themes.

Additional Themes Option #2 –

Other than locating hidden Windows 7 themes in your computer, you can also download several windows 7 themes form the Microsoft Website.

Visit the Windows 7 Personalization page (LINK) http://windows.microsoft.com/en-us/windows/downloads/personalize (http://windows NULL.microsoft NULL.com/en-us/windows/downloads/personalize)

- Here you will find a large selection of themes you can add to your Windows 7 install. Its also very simple and best of all its FREE!!!!

All you need to do is scroll down the page until you find a theme that interests you, you will see a download button just under that them.

- Click on download, it will be followed by a screen that will ask you if you want to Open or Save. If you wish to save the themes for later just select save (and remember where you saved it to). If you just want to install select open and it will automatically install the theme on the computer for you. (NOTE: The theme will also become your default theme, so you will need to go back to the personalization folder to change it to something else.)

Themes take up a minimal space on a hard drive so don’t be afraid to download and try a few of these out.

And with that you have another simple way of changing the look of your Windows 7 pc. “I’m glad Windows 7 was my idea”. OK it wasn’t but I have always wanted to be in one of those commercials so that I could say that.

Tech Geek and More

Technology Explained for All

Category Archives: Microsoft