October 5, 2008

Another XP SP3 approach: burn it to a CD

Dennis O'Reilly By Dennis O'Reilly

As XP users continue to struggle while downloading and installing Service Pack 3, one reader succeeds by creating an SP3 installation CD.

There's no guarantee this technique will work for you, but if you're determined to upgrade to SP3, this option may be worth a try.


More than one way to load a service pack

You have to wonder which Microsoft group is sweating more these days: the people in charge of helping XP users upgrade XP Service Pack 3, or the folks whose job it is to convince PC users to buy Vista. While the latter group has Bill Gates wiggling his tush on their behalf (at the request of Jerry Seinfeld), the SP3 champions in the company appear to be on their own — just like us poor XP users.

Slowly but surely, we're figuring out how to keep the last XP service pack from trashing our systems. This week's Top Story by Scott Dunn describes the biggest gotchas and offers tips for downloading and installing SP3, but reader Bob Bowen wrote in with a solution of his own.

  • "Following a disastrous download and install by Microsoft Auto Updates of SP3 on my XP Home SP2 OS (which rendered my OS inoperable, requiring a raw format and complete reinstall), I downloaded an ISO image of SP3 … and burned my own CD of SP3 from it.

    "After disconnecting from the Internet and closing down all programs in my notification area, notably my Zone Alarm Pro Firewall, NOD32 AV, and antispyware applications, I ran the install CD, which installed SP3 flawlessly on my PC. That was three months ago, and I have had no problems whatever. In fact, the increased stability of my OS after installing SP3 was immediately noticeable. I suggest this as an excellent way to install XP SP3."

You'll find instructions on saving .iso files to CDs on the official Microsoft Windows XP site.

One says install XP SP3, the other says to wait

It's never easy knowing whom to believe when tech pundits contradict themselves. It's even harder to figure out the best course of action when writers for the same publication appear to be at odds on an important issue.

That's why it's so easy to understand the confusion of reader Terry Theresa, who noted that Susan Bradley's July 24 Patch Watch column (in our paid content) stated, "The time is right for Windows XP SP3 … maybe." Yet in last week's the cost of propecia Known Issues column, I recommended that XP users wait before installing the service pack.

  • "[The column] written by Dennis O'Reilly recommending that the installation of SP3 be postponed is very untimely. It was only a few issues or so ago that we were told by Susan Bradley that SP3 is now safe for downloading. Whom to believe?

    "I think that one writer — and one writer only — [should] stay with the SP3 situation to avoid conflicting statements. I usually never, ever, write, so I will stand down now, had my say. Thanks again for Windows Secrets, as it has kept me out of a lot of trouble. I haven't had a reformat in quite awhile now."

Susan's lukewarm recommendation of SP3 advises that you have a full system backup handy before installing the service pack and that you have another Internet-connected PC at the ready so you can troubleshoot any problems you encounter during the update. For me, those are two indications that plenty of risk remains.

Since I err on the side of caution, I recommend that XP users wait to upgrade until they have to, or until they can be relatively certain that all (or at least most) of the glitches have been worked out, especially if your PC is running okay.

Now Scott Dunn has provided us with a third perspective on SP3 in this week's Top Story. I'm confident that if you follow Scott's advice on the service pack, you'll do just fine.

Beware of insecure webmail services

You would think that an e-mail provider would consider the addresses and passwords of its customers worth securing. Unfortunately, at least one webmail service doesn't feel the need to encrypt this information when people log in to its service, as reader F. Aydelotte points out.

  • "Don't assume that your ISP's webmail is secure. Frontier, a major Internet provider on the East Coast and elsewhere, uses a nonencrypted Web page for its webmail.

    "I exchanged several e-mails with various levels of tech support and marketing at Frontier, asking about this security hole, and it became obvious that they could care less about their customers' sending user names and passwords in clear text."

Whenever you log in to any Web site, make sure the URL in the address bar begins with https: and look for the lock icon in the bottom-right corner of the browser. If the company doesn't provide a secure login page, find yourself another provider. You'll be doing all of us a favor.

Filed under OS XP by al

Permalink • Print • Comment

Don’t let XP Service Pack 3 hose your system

Scott Dunn By Scott Dunn

From the moment Microsoft released it, Service Pack 3 for Windows XP has been the subject of almost daily reports of bugs, incompatibilities, and general headaches.

You can install SP3 with confidence — providing you take certain precautions — or, if you prefer, use Windows' Automatic Update settings to keep the service pack off your system.


Multiple problems plague SP3 adopters

Windows Secrets has been reporting problems with Windows XP's Service Pack 3 almost from the instant the patch collection was first distributed. In fact, so many readers have contacted us with questions or complaints about SP3 — the last major update to Windows XP — that we've synthesized everything you need to know about this update in a single column.

Here are the most glaring SP3-related problems:

• Internet connectivity fails when using black hole routers, which drop packets (see Susan Bradley's May 1 column in our paid content and Microsoft's Knowledge Base article 314825).

• False positives are generated by Norton Internet Security and other security applications (see my May 2 Top Story).

• Device Manager settings go missing, especially in connection with using Norton Antivirus (see Susan Bradley's column in the May 29 newsletter as well as KB 953791).

• Repeated rebooting occurs on machines using an AMD processor (see Susan Bradley's May 22 column and KB 953356).

• You can't install any new updates (see KB 943144).

• Third-party visual styles encounter problems (see the Support Alert Newsletter of June 19).

Making an upgrade decision that works for you

In light of these and other problems, you may wonder whether you ever want SP3 at all, especially given that many of its enhancements focus on networking and IT-level administration. Here's the case for SP3:

Think security: In addition to new features, SP3 — like most service packs — includes numerous security updates that were available individually in the past.

Consider support: If you think you might require Microsoft's assistance to install SP3, you need to add the service pack before April 2009, when the company will end such support. And because overall support for SP2 expires in early 2010, you'll need to have SP3 installed by that date if you want general support for XP.

Be prepared: Before you install SP3, take a few precautions. First and foremost, perform a full system backup. Microsoft has digested all recommended pre-install steps in KB 950717, which also includes troubleshooting information if all does not go well.

How to remove SP3 from your Automatic Updates

If you decide you don't want SP3, Microsoft offers a tool for suppressing the automatic installation of the service pack. The Service Pack Blocker Tool Kit won't prevent you from downloading SP3 manually from the company's site, nor will it stop you from installing the patches from a CD or DVD. All it does is stop the service pack from being installed via Windows' Automatic Updates.

In addition, the Service Pack Blocker postpones the installation for only a year from SP3's release date last April.

Surf over to Microsoft's Service Pack Blocker download page and click the Download button for SPBlockerTools.exe. Click Yes to accept the license agreement and type in the path to the folder where the files will be stored (click the Browse button and navigate to the folder if you want to avoid typing).

Now open the folder containing the extracted files and double-click SPBlockingTool.exe. A command prompt window appears for a few moments and displays the statement "Action successfully completed." Unfortunately, that doesn't tell you very much. The action the message refers to is the addition of a Registry entry instructing Windows Update not to send you SP3. (The same setting on Vista blocks SP1.)

If you want to see the code that is added, do the following:

Step 1. Choose Start, Run. Type regedit and press Enter.

Step 2. In the Registry Editor, navigate in the left pane to this entry:

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate

Step 3. With the WindowsUpdate icon selected in the left pane, look in the right pane for a key named DoNotAllowSP.

If you later decide you want Automatic Updates to offer you Service Pack 3, simply select the DoNotAllowSP key and press Delete (or click Edit, Delete).

If you're concerned about editing the Registry (which involves risks of its own), the Service Pack Blocker can also undo the block:

Step 1. Choose Start, Run. Type cmd and press Enter.

Step 2. At the command prompt, either type the path to the SPBlockingTool.exe file, or drag the file into the command prompt window and let Windows do the typing for you.

Step 3. At the end of this command, type a space followed by /U and press Enter.

Once again, you'll see the "Action successfully completed" message and Windows Automatic Update will no longer be blocked from installing the service pack on your system.

The other tool included with the download, splitting propecia SPreg.cmd, is a batch file useful for administrators who want to block the service pack on remote computers; this utility requires that the machine name be specified in the command line.

Even though most of SP3's problems should now be in the past, these precautions can help ensure that you aren't one of the service pack's installation victims.

HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate

Step 3. With the WindowsUpdate icon selected in the left pane, look in the right pane for a key named DoNotAllowSP.

If you later decide you want Automatic Updates to offer you Service Pack 3, simply select the DoNotAllowSP key and press Delete (or click Edit, Delete).

If you're concerned about editing the Registry (which involves risks of its own), the Service Pack Blocker can also undo the block:

Step 1. Choose Start, Run. Type cmd and press Enter.

Step 2. At the command prompt, either type the path to the SPBlockingTool.exe file, or drag the file into the command prompt window and let Windows do the typing for you.

Step 3. At the end of this command, type a space followed by /U and press Enter.

Once again, you'll see the "Action successfully completed" message and Windows Automatic Update will no longer be blocked from installing the service pack on your system.

The other tool included with the download, SPreg.cmd, is a batch file useful for administrators who want to block the service pack on remote computers; this utility requires that the machine name be specified in the command line.

Even though most of SP3's problems should now be in the past, these precautions can help ensure that you aren't one of the service pack's installation victims.

Filed under OS XP by al

Permalink • Print • Comment

Problems with Windows XP SP3 persist

Dennis O'Reilly By Dennis O'Reilly

If you're still on the fence about XP's Service Pack 3, best to stay there for a while.

We continue to hear from readers whose PCs choke on the update, and for very different reasons.


XP SP3 should ship with two aspirins

I'm sure Microsoft made every effort to ensure that the distribution of Windows XP Service Pack 3 would go smoothly. Unfortunately, the company's efforts didn't keep some Windows Secrets readers out of the update muck.

One of the many people who shared receding hairline propecia their SP3 pain with us was Almer Procyshyn, who was seeing the Internet Explorer customization screen every time he started IE 7:

  • "Recently, like many others I have noticed, I experienced problems with my laptop after SP3 was installed, one being the RunOnce setting for IE 7. Many forums suggest modifying the Registry, but the simple most effective solution is:

    Tools, Internet Options, Advanced, Reset (under Reset Internet Explorer settings), OK.

    "This allows you to [reset your] RunOnce settings. Simple, and it works."

If only all SP3 glitches were so easy to resolve. Note that this workaround changes all IE 7 settings back to their default values, which may not be what you want. To fix the problem with a specific change to the Registry or using local security policy, see an explanation at Online Tech Tips.

While most XP users who have installed SP3 experience no problems, the risk/reward balance suggests that there's no hurry to apply the patch, at least until Microsoft stops supporting SP2 — many months from now.

Renewal pop-ups tick off antispyware user

Reader Ted Cohen is mad as hell at SpySweeper, his antispyware vendor, and he's going to take his business elsewhere.

  • "I have used SpySweeper for years and agree it is among the best. However, 30 days prior to my subscription expiration, the software begins automatic renewal-notice pop-ups every time the machine reboots — for me, several times a day.

    "SpySweeper support says the pop-ups cannot be removed. It is intrusive and annoying, as the pop-ups override my applications. I pay SpySweeper to stop hackers from installing trash on my machine, but it seems they are as guilty as the bad guys where their own revenue is involved.

    "All it would take is the usual 'do not show this message again' checkbox to make me happy, but these guys are shameless. I like their software, but I am going elsewhere."

The computer industry may not own the patent on alienating customers (see Automobiles, American), but software vendors in particular have made an art form out of it.

How good does a program have to be for you to put up with such annoying renewal reminders, not to mention update pop-ups and other intrusions? How loathsome do a company's marketing practices have to be for you to toss a product you're otherwise happy with?

Filed under OS XP by al

Permalink • Print • Comment

Don’t fall for bogus antivirus downloads

Scott Dunn By Scott Dunn

A new virus strain pretends to remove malware but actually does just the opposite: it infects your system.

Fortunately, you can use a few simple steps to tell the difference between these rogue antivirus programs and legitimate security software.

Antivirus apps may be malware in disguise

A dangerous new virus is making the rounds in the guise of a legitimate antivirus program. Going by such names as "Antivirus XP 2008" and "XP Antivirus 2009," this malware, as described in a recent Computer Associates advisory, succeeds by looking like a legitimate Windows program.

The Internet security blog Donna's SecurityFlash reports that rogue antivirus programs such as these are being promoted through spam messages that link to an automatic download of a virus installer.

With such aggressive methods afoot to fool security-minded users, how do you know when an antivirus product is legitimate? Use the following guidelines to ensure that the security products you download are legitimate.

Choose your security vendor deliberately

Be careful how you select a security vendor. Just because you see an ad for a vendor or product on a highly reputable site doesn't mean the advertiser is reliable.

Conversely, an ad for a reputable product or service on an unfamiliar site doesn't mean that you can trust the site. Advertisements are often distributed by third parties beyond the editorial control of the hosting site. That's why real propecia you may find ads for untrustworthy products on legitimate sites, and ads for legit products on bogus sites.

Services such as the free McAfee Site Advisor and the Web of Trust add-on for the Firefox browser evaluate beforehand the safety of the site you're about to visit. (Windows Secrets contributing editor Becky Waring reviewed Web of Trust in her July 17 column.)

Because the ratings generated by these tools may be based on out-of-date reports, they aren't perfect. But they serve as a useful line of defense.

Another way to evaluate sites before you visit them is with the free LinkScanner Lite application. Rather than rely on second-hand reports, LinkScanner analyzes the code of a given site to check for stealth downloads and other malicious behavior.

The free version of the program requires that you right-click a link manually to get a risk analysis before you surf to the site. If you want your Google and Yahoo search results to be scanned automatically (in addition to other added features), buy LinkScanner Pro for $20.

Published reviews praise LinkScanner for detecting hacked sites, although the program fares less well when rated for detecting phishing sites. CNET's review gave LinkScanner an overall rating of 7.5 out of 10. PC Magazine's evaluation was similar, awarding the program 3.5 out of 5 stars.

Finally, never visit a shopping site by clicking a link in a spam message. Even if the message claims to be pitching a reputable product, such as one from Symantec or ZoneAlarm, the link may actually take you to a counterfeit site.

Color-coding the good guys and bad guys

One site that has been tracking rogue anti-malware products since 2004 is Spyware Warrior. If you're considering a product whose validity is not certain, your first screening step should be to search Spyware Warrior's blacklist. Although Spyware Warrior focuses on identifying fake antispyware apps, the service's blacklist of suspicious sites and products also includes a lot of rogue antivirus applications.

Additionally, consult a whitelist of products that have been certified by a reliable independent organization. One such organization is ICSA Labs (formerly the International Computer Security Association), an independent research and certification division of Verizon Business. On its site, ICSA maintains a list of antivirus products it has certified according to its criteria.

Once you've validated a product to your satisfaction via these resources, you're probably safe downloading it directly from the vendor. But to be extra cautious, consider going to a reputable download source that scans every item before placing it in its library. Such sites include CNET's Download.com, the Downloads page of PCWorld.com, ZDNet's Downloads page, and Tucows.com's security section.

These days, every PC user needs security software to protect against online threats. But when the security software itself becomes a threat, the solution becomes a problem.

Fortunately, with a little care, you can dramatically reduce your risk when shopping for safe and effective security products.

Filed under security by al

Permalink • Print • Comment

Google Chrome – Future or Fad?

Google Chrome - Future or Fad?

Google Chrome – Future or Fad?

By Scott Nesbitt – Sunday, October 5, 2008

PullQuote 188Do you need another browser on your desktop computer or laptop computer? Google thinks so. A few weeks ago, the Company released the first version of purchase propecia online target=”_blank” title=”http://www.google.com/chrome”>Chrome , what it describes as “a browser that combines a minimal design with sophisticated technology to make the web faster, safer, and easier.”

I'm not sure about the faster, safer, and easier part but Chrome is a very interesting piece of software. And although it's a beta (as most Google applications are), it's quite usable. It won't replace Firefox, Safari, Opera, or Internet Explorer – at least not yet – but Chrome does show more than just a little promise.

 

Why Another Browser?

According to Google, Chrome was created to reimagine the Web browser – to build a Web browser from the ground up that realized the software that you use to access the Web isn't just for viewing static text and graphics but to actually work with today's dynamic Web. As the folks at Google said, Chrome is “not just a browser, but also a modern platform for web pages and applications, and that's what we set out to build.”

Of course, there could be far more to it than this. Some commentators believe that this is the next step in a plan by Google to make the operating system obsolete, and to actually turn the Web into the operating system. This has been a dream for a while, but many people (including at least one blogger at Linux.com think that if anyone can make this a reality, Google can.

Regardless of Google's motives, Chrome has disrupted the Web browser ecosystem. And, in my opinion, in a good and very interesting way.

 

The Technology

Chrome is based on a technology called WebKit. WebKit is a light, very fast, Open Source framework for implementing the functions of a Web browser. WebKit is widely used – most notably in Apple's Safari Web browser, and offers excellent support for Web standards .

What WebKit brings to the table is fast and efficient interpretation of Javascript (a commonly-used scripting language on the Web), as well fast rendering of Web pages. On top of that, WebKit offers excellent support for Cascading Style Sheets (a way of applying formatting to Web pages), as well as Scalable Vector Graphics (a file format for static and animated diagrams).

Chrome's technology enables it to render both simple and complex Web pages faster than Safari, Firefox, or Internet Explorer.

 

Features

Chrome is a seeming contradiction in terms. It uses advanced technology, but its interface and feature set is (in many ways) somewhat minimalist. Regardless, the feature set packed into Chrome is interesting.

Chrome basically does what any other browser does – rendering Web pages, running Javascripts, supporting multimedia, enabling multiple tabs in a window, and the like. But some of that, it does in a much better way.

 

The Interface

As mentioned earlier, Chrome's interface is very minimalist. There's no menu bar or icon bar. You right-click in the browser to get a menu, or use the two icons in the top right of the browser's window to access the basic functions of Chrome. Like what? Like work with the browser's options, copy/cut/paste content, view the source of a page, or create new tabs and windows. You can also get a list of sites simply by typing a term – for example, laptop bags – in the browser's address bar.

 

To be honest, the interface is confusing at first. It's not like any other browser you've used. However, after working with Chrome for a few minutes, you get the hang of it.

 

Staying Safe

Chrome's developers seem to have put security at the forefront of the browser. Not only does the browser warn you about potentially dangerous sites, it also isolates processes within the browser. Each time you open a new tab, that tab acts as if it's the only process running in your browser. It has minimal, if any, interaction with the operating system or with other tabs. So, if you run into a site that's ready to deposit some malware , adware , or anything else nasty on your computer, the tab rendering that site is isolated from other processes. The nasty payload from that site may run, but only in the isolated space of that tab. Once you close the tab, the nastiness no longer exists as far as Chrome is concerned.

One side effect of the isolated tabs is that Chrome mimics having multiple browsers running simultaneously, without the overhead. This is great if you use Web applications and have multiple accounts with them. For example, I have two Google Docs accounts – a personal one and one for my company. There are times when I need to share information between the two accounts. With Chrome, I can log into both accounts simultaneously and copy text between them. With any other browser, I'd need to copy whatever I needed to copy, log out of one account, and log into the other one.

You can also browse in incognito mode. This mode leaves no tracks – the browser doesn't track which sites you've visited; the site you visited might log your IP address, though. Why you'd want to use incognito mode is your concern … To do it, just click on the Control the current page icon on the upper-right corner of the Chrome window, and then select New incognito window.

 

On top of that, Google maintains blacklists of Web sites that have been flagged as potential sources of phishing and assorted Web-based evil. Chrome regularly downloads updates to this list, and warns you when you're about to hit one of those sites. You can choose to go there or avoid it.

 

Speed Dial

Another feature is speed dial . This is simply a visual list of the Web sites that you've recently visited or which you frequently visit. Just click on the rather-large icon and you're taken there immediately. This has been part of the Opera Web browser for a while now, and you can get a Firefox add-on to do the same thing. As with Opera, this is a default behavior for Chrome.

 

Bringing the Web to Your Desktop

A previous TechTip looked at how to turn Web applications into desktop apps using software called Prism. Chrome takes this one step further and integrates a technology called Gears. Using Gears, you not only turn the Web application into a desktop shortcut, but you can also use that application when you aren't connected to the Web. Gears stores all of your data offline and synchronizes it when you reconnect.

To use this feature, click on the Control the current page icon and the select Create application shortcuts. On the dialog box that appears, select where you want to put the shortcuts and then click OK.

Note that Gears doesn't work with all Web applications. It can be hit and miss to say the least.

 

Anything Else?

Beyond what's been mentioned, though, Chrome lacks a few important features that its competitors pack. Sure, it has great security and supports downloads, bookmarking, and multimedia. But unlike, say, Firefox you can't change the look and feel of Chrome or extend it using add-ons. Well, that isn't quite true. Some enterprising users have simple plugins for Chrome. They're not plugins in the truest sense of the word, they're more like bookmarklets. These plugins can do things like back up user profiles or Greasemonkey scripts. You can learn more about them here. Or, you can do a Google search.

 

Availability

Right now, only the Windows version of Chrome is officially available from Google. Linux and Mac versions are under development. However, the folks at CodeWeavers (who make CrossOver Office ) have released CrossOver Chromium for both Linux and Mac. It's essentially Chrome for Windows with a wrapper that enables you to run the software on the other operating systems. CodeWeavers put it together as a proof of concept. It works, but it’s definitely not perfect — the browser can be a bit slow and font rendering is often idiosyncratic. Still, it gives Linux and Mac users a taste of Chrome without having to get all techie and try to compile the browser's code.

 

What Does Chrome Mean for Users?

It could mean sweeping changes in the way that we view and use the Web. Or, it could mean nothing. My opinion falls somewhere in the middle. If nothing else, Chrome offers more choice in the Web browser world. If it retains its pep and zip Chrome could be a very viable competitor to Firefox, Internet Explorer, and Safari. Especially if the promised versions for Linux and Mac OS appear soon.

Some people fear that Google will play the features game and bloat Chrome. If that happens, then the browser will definitely lose some of its appeal.

If nothing else, Chrome is shaking up the Web browser ecosystem. It could force its competitors – Firefox, Internet Explorer, Safari, and Opera – to up their game. If that happens, then users will definitely be the winners.

Filed under browsers by al

Permalink • Print • Comment
« Previous PageNext Page »
Made with WordPress and an easy to use WordPress theme • Sky Gold skin by Denis de Bernardy