Windows XP SP3, The Good, the Bad and the Ugly

It’s been a week now since Windows XP Service Pack 3 has been deployed and the results are good, bad and little ugly.

The Good
I’ve been one of the 99% of those who downloaded and installed Service Pack 3 with no trouble at all.  I already wrote last month about what changed in SP3 but now we have the results of performance benchmarks.  While some folks have reported increased performance, the benchmarks don’t show any major improvements. In my own tests, I have found a slight increase in internet speed but it depended on my configuration. The results will vary depending on your firewall and the use of network monitor device protocol.

The Bad
Some folks (not all) using AMD processors quickly reported problems rebooting after installing SP3.  If you haven’t upgrade yet or have problems you’ll want to review the information available in Jesper’s Blog.  Jesper experienced the problem personally and with some helped worked through the issues and provides a detailed solution for others who might have problems.

The Ugly
Depending on who you ask you’ll get a different answer about how SP3 affects different versions of Internet Explorer.  If you’re using the beta version of IE8 most recommend you downgrade from IE8 before installing SP3.  I didn’t experience any problems but I also skipped IE7 when I installed the IE8 beta. My friend Corrine has some good details on the relationship between IE and SP3.

This upgrade is good example of why I recommend waiting 7–10 days before installing any new updates. It’s nearly impossible for Microsoft or anyone to test such critical software when it’s used by millions with millions of different configurations. Thanks to Jesper and others, information is now available to resolve potential problems from Service Pack 3.

 

 

Not All Video Games are Evil

One of the big news topics last week was the release of Grand Theft Auto IV. Immediately came the condemnation of the video game industry from parent groups and others with their own conservative agenda. While games like Grand Theft Auto get all the attention you may be surprised to know there are video games designed to change the world in a positive manner.

My friends at Breakaway Games know a thing or two about simulations and take the topic very serious. Best known for their battle simulations Breakaway entertains and provokes thought without gangsters and prostitutes. I’ve listed some titles you might take a look at.

Pulse!
Playing doctor will never be the same once you have a look at “Pulse!”. Developed jointly with Texas A & M the future of medical education is featured by this virtual simulation of clinical health care training.

A Force More Powerful
If you’d like to see yourself as Ghandi or Martin Luther King this simulation game might be for you. Your job is to oust a repressive dictator by creating a campaign of non-violent resistance.

Incident Commander
If you’d like a job with Homeland Security this simulation game is for you. You’ll face hostage situations, bomb scares, chemical spills and other potentially real life disasters. Incident Commander is distributed free to municipalities by the Dept. of Justice.

Code Orange
If the hospital environment suites you, Code Orange Emergency Medical Management Training for Mass Catastrophe might thrill you. Can you handle mass casualties from a weapon of mass destruction as they flood your ER?

Disclaimer: My friend Doug Whatley at Breakaway Games and my other real gamer friends will tell you I’m not a gamer. My attention span reaches its limit with simulations like the old Activision title “Little Computer People”.

Girls Softball Team are my Heros

Today I’m going way off topic. No tech news, no spyware tips, just a good news story. If you’re a regular Bits from Bill reader this might give you a good idea of what makes me tick.

On Saturday, in a college softball game in Ellensburg, WA spectators experienced a once in a lifetime display of sportsmanship. Senior Sara Tocholsky hit a three run homer for her Western Oregon team propelling them into the lead. Unfortunately while reaching for first base, her knee buckled and she fell to the ground in pain. Umpires were quick to point out that unless Sara continued around the bases her run would not count. In addition, she could not receive help from any of her teammates.

Enter Central Washington first baseman, Mallory Holtman. She asked officials if it would be ok if her and her teammates could carry Sara around the diamond allowing her to touch each base. That’s what they did. Holtman along with shortstop Liz Wallace carried Tocholsky around and lowered her to each base allowing her to complete her first home run and score the winning run.

Few people know that my all-time favorite sport is Little League Baseball. Every year in August I look forward to the Little League World Series from Williamsport which has been broadcast in HD for years. There’s nothing like the raw emotions of the kids who compete in these games.

I used to work for a joint venture of ABC Sports and games company MicroProse. Every year I’d propose we do a Little League World Series video game but it never happen. My old buddy Doug Whatley recently Emailed to tell me Activision was finally going to do it. So I guess I have a little tech news for you. Watch for Little League World Series 2008 to be released on Aug 5^th for the Nintendo Wii.

When I was growing up they didn’t have a rule that said all kids got to play. I still learned and appreciated what true sportsmanship is all about. My admiration goes out to the girls of Central Washington and their coach Gary Fredrick. No matter what the score, they’re big winners.

Fred Langa Announces Retirement

When Fred Langa got his first non-kit personal computer 30 years ago he was hooked. Like many of us, he used his PC knowledge to create programs he thought were needed. Fred had a natural ability to share this knowledge with others and spent most of his time teaching all of us more about our PC’s.

Fred was Editor-in-Chief of Byte Magazine which in the early days was a tech must read. He was also was instrumental in building the circulation of Windows magazine, NetGuide, and Home PC Magazine.

Freds influence became obvious to me when he told his readers know about a new version of WinPatrol some fives years ago. A few months after the release of WinPatrol PLUS Fred posted these comments in his newsletter.

“It's an interesting hybrid tool that combines a Startup/Active Tasks monitor and a way to sniff out Worms, Trojan horses, Cookies, Adware, Spyware and other malicious programs. Now, there's a new version…”

The resulting spike in PLUS membership was due this simple mention in the Fred Langa Newsletter. It also resulted in future mentions in other publications because of all the experts who read his column.

Fred announced his retirement today but instead of reflecting back and bragging about his accomplishments, he shared a summary of what he’s learned over the last three decades. Read Freds last column in the free version of the Windows Secrets newletter at https://windowssecrets.com/comp/080501#lplus0.

It’s hard for me to imagine Fred retiring completely. I tried it once and couldn’t do it but Fred has a lot of other great interests that will keep him busy doing good things.

Windows XP Service Pack 3 Update Delayed

I guess having SP3 available to a limited but large audience helped Microsoft flush out a few more bugs before its official release.

While Service Pack 3 was due to be deployed today, Microsoft decided to wait until they could block some systems they don’t want updated. They’re not making any changes to SP3, they’re just going to block those system which they’ve determined are incompatible.

Specifically, if you’re running “Microsoft Dynamics Retail Management System (RMS)” you shouldn’t upgrade to Service Pack 3. Microsoft also acknowledged problems with Vista Service Pack 1 and Dynamics Retail Management Systems.

If you’re one of those people who have already found and installed XP SP3 or Vista SP1, you don’t need to worry unless your system is using the Dynamics Retail Management System. If you plan on upgrading using Windows Update or the Microsoft Download Center no date has been given for public release.

Again, no fixes or changes are being made to Service Pack 3. The changes will be made to the Windows Update and Microsoft Download Center so that incompatible systems can be blocked.

Windows XP SP3, What You Can Expect

Microsoft has announced that on Tuesday April 29^th, Service Pack 3 for Windows XP will be available as part of Windows Update and Microsoft Download Center.  It’s already available if you know where to look but officially it launches on Tuesday.  While you won’t see any major changes to your system, thanks to WinPatol’s “First Detected” feature, I can give you an idea on what’s changed.

If you use any watchdog program like WinPatrol you’ll see some alerts of changes and obviously you should say Yes, and allow the changes during the install of install Service Pack 3. 

You’ll find a few “RunOnce” Startup files that Service Pack 3 will execute when you reboot.  These files clean up entries in the registry which are used during the update. I also noticed one toolbar extension and four new Services that came from Vista.

Startup RunOnce
[TSClientMSIUninstaller]
cmd.exe /C cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs
Script to run during a Longhorn Terminal Server client install.  First a down-level MSI database transform is applied for any MSI installed Terminal Server client
Second, Script to apply a down-level MSI database transform for a Remote Desktop client installs
[TSClientAXDisabler]
cmd.exe /C %systemroot%\Installer\TSClientMsiTrans\tscdsbl.bat

Personally I find it hysterical that the SP3 install depends on batch files and VB scripts which are executed at the command line level. Unfortunately, I have seen some security programs disable VB scripting as a way to protect users. I can’t say what impact this might have on the install.

Startup Notify
[DIMS Notification Handler]
DIMSNTFY.DLL
The Digital Identity Management Service Notification Handler runs via Winlogon Notify and will appear in your Windows\System32 folder. This file is used to verify digital certificates and is something you’ll want to leave in place.
Microsoft has more at http://support.microsoft.com/kb/907247

IE Helpers
[Messenger]
C:\PROGRAM FILES\MESSENGER\MSMSGS.EXE
Msmsgs.exe is the executable for MSN Messenger, Microsoft's instant messaging, Internet chat, file sharing and audio/video conferencing.  I’m not sure they need to add this back on my system but it’s there if you need it.

Services
[Wired AutoConfig Service]
DOT3SVC.DLL
Previously this was called Windows Vista Wired Networking. Related files on your system may include dot3api.dll, dot3cfg.dll, dot3dlg.dll, dot3gpclnt.dll, dot3gpui.dll, dot3msm.dll, and dot3ui.dll. These files are used by your 802.1x wired network.

[Health Key and Certificate Management Service]
KMSVC.DLL
This is also found in Windows Vista. This file is the Microsoft Windows Key Management Service, a new Windows service used in volume-licensed environments to activate machines running Windows Vista or later versions. You'll find more information at http://www.microsoft.com/downloads/details.aspx?FamilyId=F500D97B-8648-49B8-AF7C-C65A47E83256&displaylang=en.

[Extensible Authentication Protocol Service]
EAPSVC.DLL
You may see it described as "Microsoft EAPHost Service". EAPHost is a Microsoft Windows Networking component that provides an Extensible Authentication Protocol infrastructure for the authentication of "supplicant" protocol implementations such as 802.1X and Point-to-Point (PPP). The EAPHost APIs enable applications to authenticate using the EAPHost service, and provide a template for the development of conformant authentication methods for use with EAPHost.

[Network Access Protection Agent]
QAGENTRT.DLL
Also called the “Quarantine Agent Service Run-Time”.  This file is required for Windows 'system health' functionality to provide security and data protection.
See more at http://technet.microsoft.com/en-us/windowsvista/aa905073.aspx

[Windows Service Pack Installer Update Service]
spupdsvc.exe
This service just runs once and removes itself. Spupdsvc.exe will appear in your Windows\System or System32 folder. It's the Windows Service Pack Installer update service also described as the Update RunOnce Service. As the name implies, this file should not need to be running all the time. If you've just installed or updated something and the file is in your Active Tasks list, try rebooting.

The descriptions above were found in the WinPatrol PLUS database because they were introduced with Windows Vista. In general, Service Pack 3 looks like it fixes some bugs and includes many of benefits of Vista without the extra baggage.

 

WinPatrol 2008 introduced in its 10th year

According to eWeek.com WinPatrol is one of the 10 Free Must-Have Security Tools. “This ultimate watchdog program monitors Windows computers for signs of malicious hacker activity”. The new WinPatrol 2008 continues to be the Swiss Army Knife of Window utilities with the addition of its ActiveX manager.

It seems like every week more problems are reported in Quicktime, RealPlayer, Adobe Flash, Sun’s Java or other 3rd party controls. Once the vulnerability is known the risk increases exponentially until a patch is available. WinPatrol 2008 takes the worry out of waiting for a patch to become available. When a vulnerability is found Scotty will let you disable or set the “kill-bit” on the appropriate control until a new one is made available.

WinPatrol 2008 will also monitor your system and let you know when new ActiveX components try to make their home on your system. If it’s not something you wanted WinPatrol will kill the new component before it can do any damage.

Thanks to feedback from everyone who helped test WinPatrol 2008 including our volunteers who localize WinPatrol for our friends around the world. Thank you as well to staff at ars technica for including WinPatrol in their article "Five important security apps for Linux, Mac OS X and Windows" While this article implies WinPatrol is the equivalent of (User Account Control(UAC) for Windows XP it’s still a nice mention.

Vista AutoUpdate Kills USB

If you’re a new reader to Bits from Bill you may not know how I feel about auto updates. I’ve written about it before and documented some problems.

• Detect Changes to Windows Automatic Updates (10/07)
• Not All Computers are Updated Equal (04/07)
• More AutoUpdate Problems (04/06)
• Microsoft Security Update Problems (04/06)
• AutoUpdates Are Evil (03/06)
• Windows Blackout caused by AutoUpdates (01/06)

Last week Microsoft deployed a new update and again, some problems were reported. PC Magazine reports a number of reports of USB failures that occured following the update.

“Users who installed the update, however, soon found their USB devices unresponsive, particularly mice and flash drives. Removing and re-installing the programs reportedly did not immediately solve the problem”

I often write about new security updates which are generally deployed on Tuesdays. I tell folks to set Windows Updates in the control panel to “Download updates for me, but let me choose whether to install them”. In most cases, I recommend waiting at least a week to 10 days before installing updates. That way you’ll benefit from everyone else in the world testing the changes. The only exception is when there are serious security vulnerabilities with many threats already known to be out on the net.

If you do experience a problem with a Microsoft update support is available for free at 1-866-PC-Safety.

WinPatrol 2008 ActiveX Beta

Later this week I plan to release the first beta of the next version of WinPatrol, called WinPatrol 2008. This test phase will be limited but you can request access by Emailing support@winpatrol.com. Include basic information about your system and any special talents you might have. PLUS members will naturally be given priority but it’s not a requirement.

The big new feature in WinPatrol 2008 will be monitoring and control of your ActiveX components. Even our friends at Symantec recently reported ActiveX account for an overwhelming majority of all browser plug-in vulnerabilities. Microsoft controls made up 79% of the 239 plug-in bugs discovered the last half of 2007. Those problems were followed by Apples’ Quicktime which had 19 vulnerabilities patched last year.

It seems like every week more problems are reported in Quicktime, RealPlayer, Adobe Flash, Sun’s Java or other 3^rd party controls. Once the vulnerability is known the risk increases exponentially until a patch is available.

WinPatrol 2008 Beta 1

WinPatrol 2008 takes the worry out of waiting for a patch to become available. When a vulnerability is found Scotty will let you disable or set the “kill-bit” on the appropriate control until a new one is made available.

One of the tasks for each tester will be to go through the list of ActiveX controls and just click on PLUS Info. That will provide us with a list of most commonly used controls so our research department can have data available for all PLUS members by release time. Our research director Robin doesn’t know it yet but we’ll all be working a little overtime.

Windows Episode VII, "A New Hope"

Yes, it’s seems early to be talking about the next version of Windows when many of us haven’t even made the jump to Windows Vista. As a developer it’s never too early to look towards the next version of Windows. When it launches I need to make sure everything continues to work.

For those of you who haven’t embraced Vista, Microsoft doesn’t want you switch to the Mac or Linux.  It’s pushing news about Windows 7 out like a carrot to keep us all interested and hopeful.

A super-enthused Bill Gates said "Sometime in the next year or so we will have a new version."  I would estimate the “or so” as 3 years. Most of the schedules I believe point to 2010 for the next big release.

Originally code named Vienna, the new official code name “Windows 7” has been confirmed for the next big release of Microsoft Windows. Personally, I think “7” is in honor of Star Treks Seven of Nine, Jeri Ryan (Resistance is futile).

My pick for a new name is “Windows ZP” or Windows Zippy.

The screen shots look a lot like Vista but you can expect that to change. Early rumors talked about a stripped down modular “minWin” version of Windows that could run on a variety of devices.  minWin is an internal term which refers to an effort to trim down what is classified as the Windows kernel.  Windows has always been modular and you can expect your applications to still require many modules to run.

What I see ahead is an OS designed to host virtual machines running via a thin hypervisor code level.  This would make Windows the key OS that every thing else can run on top of.  It also allows Microsoft developers to create exciting new functions but continue to keep backward/legacy capability. Bottom line, Microsoft still wants to be the gatekeeper to everything especially network based applications.

The new Windows Desktop will be separate from the core Windows kernel and include a new Explorer.  If you like the ribbon based interface found in Office 2007 you may like the new Explorer interface. Microsoft is still determined to resolve one of the oldest user problems, “Where did I put that file?”.  This change hasn’t been reflected in the current screen shots which show what I consider an awkward file finder.

So if you haven’t converted to Windows Vista, just hang in there. Our friends in Redmond haven’t given up on you yet.

 

Airline Troubles Getting Worse

I’ve had my share of frustration with airlines and a number of what I thought were disasters but our friend PaperGhost(Chris Boyd) just raised the bar. On the day when the “Airline Quality Rating” report was released I heard from our buddy Chris who was stranded in Ireland after an emergency landing.

BA 287 Dumping Fuel before emergency landing

Emergency Equipment at Shannon Field, Ireland

If you click on the photos you can read Chris’s full account. The near-death emergency landing was only a fraction of his travel fiasco.

According to MSNBC, “Travelers increasingly are unhappy with airlines, ranking lost luggage among their biggest complaints”. I think if they talk to Chris they could get some more colorful complaints.

Personally, I’ve been lucky with my luggage. I do always keep a change of underwear in my carry-on, just in case. One time at a meeting my undies flew on to the table when I removed my laptop from its bag. While embarrassing it’s still not as bad as Chris’s experience or when Delta Airlines lost our grand daughter Marisa at Kennedy Airport.

Time to Review your Backup Procedures

Every now and then I just like to shout as loudly as I can to all my readers, BACKUP!!!! I’m sure you know how important it is to backup your data but are you really satisfied with your current back up procedure?

It’s a sign
This past week two good friends have been spending their valuable time rebuilding systems that suffered from a hard drive failure. PC Worlds Steve Bass wrote “my mother’s PC was a goner” and security expert Temerc posted “I’ve suffered a drive corruption”. I take this as a sign that I should spend today reviewing my back up procedures. The last time I had a major disk failure my wife almost moved out.

You might think it won’t happen to you but it happens all the time. The most common Email I read daily is from PLUS customers who say “My hard drive crashed, can you send me my PLUS code?”.

• Do you know where your application CD’s and registration keys are located if you need to rebuild your system?
  
• Are your recent photos safe?
  
• Have you verified that your backed up data is not corrupted?
  
• Does your backup program include everything you’ll want to save?
  
• Has the location of your folders changed since upgrading to Vista?
  
• Has your backup software been updated recently to fix bugs?

If you’d looking for a back up program and it’s not in your budget this month check out “Replicator” from Karen Kenworthy. Like my own WinPatrol, Replicator is a program that was written by a programmer for their own use but has been made available to the public.

I urge you to budget your time this weekend to BACKUP your important data and review your data procedures. While you’re at it, I know you didn’t change the smoke detecter battery when you turned your clocks ahead. Caught you didn’t I? So while your data is being backed up, go get batteries and make sure your smoke detectors are all updated too.

Your Laptop Could Predict Earth Quakes

The concept of distributed computing using personal computers has been around for a while. There have been fun applications but now we have one that could have mass appeal and actually save lives. A joint project between Stanford University and University of California at Riverside called the Quake-Catcher Network shows some real promise.

The most popular distributed computing project for personal computers has been SETI@home. The goal of this project was to process all the narrow-bandwidth radio signals collected by SETI radio telescopes looking for specific patterns.

“In 1995, David Gedye proposed doing radio SETI using a virtual supercomputer composed of large numbers of Internet-connected computers, and he organized the SETI@home project to explore this idea. SETI@home was originally launched in May 1999.”

SETI@home created a screen saver application so it was only active when your computer was idle so computation wouldn’t conflict with other activities. Like many, I participated for a while in hopes I might be the one to prove there was intelligent life in space.

Enter the Quake Catcher Network

The Quake Catcher Network would work in a similar distributed computing manner using an open-source platform called BOINC. QCN would take advantage of accelerometers which are commonly built into new laptops. The purpose of the laptop accelerometer is to detect if your laptop has been dropped so it can lock up any moving parts like your hard drive head. Accelerometers detect changes in the rate of motion. Last year I wrote how accelerometers are used in the Wii Remote.

The Quake Catcher Network is still being alpha tested but I predict we’ll be hearing more about this innovative project more this year. If you don’t have a laptop with an accelerometer QCN will make them available for purchase. We don’t get much seismic activity here in Scotia, NY but I can’t wait to participate.

Screen Shots:
http://qcn.stanford.edu/qcnalpha/img/qcn-earth-day-nz-quake.jpg
http://qcn.stanford.edu/qcnalpha/img/qcn-sensor-3d.jpg
http://qcn.stanford.edu/qcnalpha/img/qcn-earth-night.jpg

Apple Bad Habits Punish Windows Users

It seems like Apple just wants to punish Windows users while they make deals and slowly infiltrate our machines. I haven't used an Apple computer for years but I don't remember them treating their own customers so badly.

• One bad habit has been around for a while in the QuickTime video player. Anytime you view a Quicktime encoded video, Apple automatically adds the program, qttask.exe to the Windows registry so it will automatically run anytime you reboot. This was one of the reasons why I created the "Disable" button in WinPatrol so it could automatically be removed.

• A recent bad habit getting a lot of attention is their effort to sneak the Safari browser on to your machine when you update your iPod/QuickTime software. There have been many cries that Apple Safari is Malware. Just like your typical adware company Apple claims “it's an option” but when the option is pre-checked we all know most people won’t even notice it. That’s considered a user decision to accept it.

It’s especially disrespectful since Apple Human Interface Guidelines put the “action” button on the far right where Windows users are accustom to a Quit,Close or Cancel button. If you’re doing a Windows application then use Windows UI guidelines. (BillP Pet Peeve)

Fun Side Note: According to the Safari EULA, “Apple forbids Windows users from installing Safari for Windows”

• This morning I realized most people will receive QuickTime whether they want it or not. Much to my surprise I was told I should install QuickTime when all I wanted to do was look up my credit card balance.
  

It didn’t matter what I said.

One of the features I’m working on for WinPatrol 2008 is monitoring and control of ActiveX controls. It seems like once a week we’re hearing about vulnerabilities in ActiveX components so I want to give users immediate control instead of waiting for the next patch. The alert below appeared when I was just checking my credit card bill.

After digging a little it turns out the QuickTime component was part of a Google ad-sense box which was located on the main chase.com page. So not only is my credit card company charging me for my card, they’re trying to make money advertising to me. I’m getting off topic now but you get the idea.

I guess I really need to get WinPatrol 2008 released soon or it will be time to dig my Mac programming manuals out of the attic. How does “QuickPatrol” sound?