It's official and available from Windows Update.

Hey, question for computer gurus. The MS SP2 page gives tips and tricks to apply before installing SP2. One of those is to update BIOS to latest version. I've avoided doing that under the "if it ain't broke..." theory and am now two revisions behind. Do you think I should update BIOS first? If so, should I flash in sequence, or will the latest update contain prior changes? TIA...

 

The suggestion comes from a point of making sure everything is as current as possible before SP2 looks at the machine. SP2 will make decisions about install based on what features it sees from the BIOS - for example, USB 2.0 drivers or on-board video.

If your BIOS is giving you all the features that yoou know you can have, and things are running, then I wouldn't bother doing it. Many of my motherboards are behind on BIOS revs.

If you do decide to do it, then all the BIOS installs I've seen are cummulative. So, installing a "version 1.16", would get you all the features of 1.05, 1.07, 1.12, etc...

There _are_ exceptions to this, but they're very rare. For example, a BIOS manufacture may have to cripple support for 5 1/4" 1.2meg floppy drives in order to get in a fix for USB 2.0. Not a big deal these days.

 

Thanks, Mark, I'll leave the BIOS as is. I will update all other programs before the SP2 install, though.

 

One thing to pay close attention to is the "want" of SP2 to have MS Office apps (Word, Excel, _OUTLOOK_, etc) updated as well before install. I think there's a link on that page to the Office updater.

 

Whoa, thanks for the reminder. I read that on the Dell site over the weekend but then forgot. I just checked the update page and wound up installing Office XP SP3, all 54 Mb!

 

Yeah, that's a nasty one... The caution from MS's side is that if you don't do it, then SP2 may flagged the install as a security hazard and you'll have to re-install the whole suite from scratch, and _still_ install the update.

 

I did the SP2 install today and so far no apparent problems.

First, I deleted unused programs and IE toolbars and Zone Alarm. Then I updated the rest, cleaned up and went to Windows Update. That took over an hour.

I selected Express Install (recommended by MS). It downloaded the 98MB SP2 in a few minutes, OK'd the EULA and something else, and then went outside to deliver a car I sold yesterday. I checked progress every 15 minutes. SP2 automatically backed up everything, created a restore point, and installed all the needed files. When finished, I OK'd a dialog box asking to reboot. As the box shutdown, I caught a quick glimpse of a timer that I think said the whole process took 1 hour 37 minutes start to almost finished.

Here's the tricky part. Upon reboot the Security Center asked for config confirmation and then switched to my wallpaper. No taskbar or shortcuts, though, and no activity LED blinking indicating anything else was happening. I thought there was a problem for a few minutes, but eventually the LED showed activity and finished the install.

I surfed to my favorite sites including a few with known popups and SP2 caught them all. Surfing is also now noticeably faster, even on a cable connection.

**Question of the day: Which firewall should I use, the updated firewall in SP2 or reinstall Zone Alarm? I disabled the SP2 firewall because of user comments on some other boards, but guess I should be running one of them even though I have a hardware router.**

 

any of you guys with sp2 have counterstrike? that'd really suck if I couldn't play it after updating.. also I've got this coolwebsearch startpage virus that I can't get deleted... would downloading sp2 fix this or would this virus cause a problem with the install?

 

First off... cool on the install. Congrats.

And yeah, that dead-wallpaper screen can be a great source of a freak-out.


Firewalls... I'm pretty well documented here in not agreeing with software firewalls. Sure, it can run easily updateable tables of source IP addresses looking for known entities to keep away, but... with a software firewall, those bad entities are already in your machine! If there's a vulnerability with the TCP stack, then it's already exposed; plus it's eating horsepower from your local CPU for _EACH_ TCP packet.

I've never had an issue with a trojan horse or a virus or anything naughty on my machines. I also don't click on email attachments from someone I don't know or that I didn't expect to get from someone I do know.

All that said, I disabled the default firewall in SP2, and _completely_ disabled DEP (not just set up an exception table).

Maybe the place to start is to ask what you expect the firewall to keep away? It's not a virus/TH checker; it's basically stopping local programs from getting out to the net and remote programs from getting in. The remote getting in is dealt with from the hardware firewall. The local getting out can generally be managed by watching what you install.

If you have other folks (kids?) installing stuff on the machine, then that can ("should") be handled with separate user accounts, and no one other than yourself has admin rights. That way, if an offspring installs the latest spamware, it won't have rights to install for "all users" and you can isolate it when it shows up.

As you install stuff, if you're not sure what payload may have come with that new app, keep your Spyware tools handy. Boot the machine after an install, run the tools, clean anything that's there, boot again, and run the tools again.

That should keep the machine perty dern clean.

That's my nickle and a half on the topic.

(dang... I've got another penny's worth!)
Do you still have your Zone Alarm logs? How much stuff did it catch? That might be the way to get some real-world data for your case.


side note for SP2.. Depending on how you feel about Automatic Updates, the default in SP2 is to automatically download _AND_ install any updates. If you want to change this (maybe to download and let you decide what get's installed) then head to: Control Panel, System, Automatic Updates.

 

I've been fine using the Steam installs of CS and Half Life under SP2. Depending on your system, you might get a promot saying "xxxx is trying to access the Internet. Allow/Deny/Allow Always". One click ("Allow always" ) and you won't see the prompt again.


SP2 will _NOT_ get rid of this. You really need to clean this out first. There's a lot of info on the 'Net about it, have you tried all the various "how to"'s?

http://www.google.com/search?hl=en&l...7C&btnG=Search

Also, ask yourself if you really need to install SP2. Many people _don't_. Don't let MS scare you into thinking that you NEED it. You need to decide if it will "fix" any problems that you have right now. So, if you don't have problems, then... you don't really need it.

 

Thanks again, Mark.

I was thinking of your prior posts about software firewalls and in part deleted Zone Alarm because of your advice. I'm the sole user of this home office computer, so no worries about any unwanted d/l's. Maybe that's why the computer seems faster now with no software firewall running.

The Zone Alarm logs are gone, but I had it set to alert if any server activity occurred. Honestly, I never saw anything unusual except for the "Generic Host...something or other" trying to access the Internet, which I always denied with no ill effects. That was in addition to the other stuff like auto email check and NAV auto update for real time scanning (I still use Housecall for system scans).

I disabled Auto Update like SP1. Now I get a small nag logo and popup in the taskbar reminding me that I'm in great danger!

Hmm, I don't know what DEP means. It doesn't sound good. Where do I find the disable feature?

Oh yeah, here's one for ya'. After the SP2 install I cleaned up and ran Ad-Aware SE and Spybot. Spybot picked up three new tracking cookies in the registry for Media Player 9! I wasn't too happy to see that. I thought the whole point was to increase security.

 

I've tried everything I could find on the internet about it, nothing's worked to get rid of it.. I had my fingers crossed that sp2 would take care of the problem after installing it

 

No probs man!


Could be... You'll see the biggest speed increase in things like long net downloads. Big mail pulls, file dowloads in the megabyte range, etc.


'k. In all honesty, I think that should be your guide. Not having problems in the past doesn't mean that you won't have problems in the future, but I think it's good input on making a decision.


You can get rid of that too. Control Panel, Security Center, "Change the way Security Center alters me". The UI is pretty weird, but you can shut up the nagging there.


Oh, this is another fun thing that's in SP2 that's bound to eat horsepower from here to the end of time.

The short concept of DEP ("Data Execution Prevention") is that it's another way of noticing that something's not right with an app on your system. It looks for apps that are "cheating" to get code to execute on the machine.

I don't want to swamp you with techno-babble, but I can go into it more if you want. MS's page on it is here:

http://www.microsoft.com/technet/pro.../sp2mempr.mspx

The related settings page is at: Control Panel, System, Advanced, Performance (click settings), Data Execution Prevention.

The screen that you get may be different from mine based on the capabilities of your processor. What DEP does and how it does it is a bit hardware dependent. If the processor can help it do it's thing, then it will. If not, then DEP will move to a limited "software only" mode and do more on it's own.

I know that's really vague, but again, I don't want to snow you with babble.

_My_ bottom line (i.e, "imo") is that it's a marketing checkpoint for resalers. I think that if you have the hardware to support it, then cool. Otherwise it's more CPU cycles burned.

To really really kill it, you have to edit a hidden/system file in the root of your boot drive. The MS page above covers it, or I can shorthand it for you as well. The screen dialog from Control Panel will only let you tone it down, and it'll still eat CPU.


heh. Depending on what cookies it saw, it may be a "feature". SP2 includes some stuff for the backend of Media Player 10 which will be out incredibly soon. MP10 doesn't have trojans in it, but it does have some new features that could cause Ad-Aware and friends to think that something's up.

 

Mark, I am bookmarking this post.
Please explain how to disable DEP via editing it.
I will be upgrading one day to SP2, but not yet.

 

uh-oh, you caught me in babble mode.

Okay... to kill kill DEP and never have it do anything:

• Click START
• Select RUN
• Enter {bootdrive}:\ for example, if you boot from drive C, you'd enter "C:\" (no quotes. (This will open up an explorer window to drive C:\)
• Click on TOOLS
• Click FOLDER OPTIONS
• Click VIEW
• Under "Hidden files and folders", click SHOW HIDDEN FILES AND FOLDERS
• Scroll down and uncheck "Hide protected operating system files"
  (You'll get a popup telling you this isn't safe. click YES)
• Click OK
  (the screen will refresh)
• RIGHT click on BOOT.INI
• Click PROPERTIES
• Click on the "READ-ONLY" box to clear it
• Click OK
• RIGHT click on BOOT.INI
• Click OPEN
  (this will open the file in Notepad)
  
  
  WARNING: You are now in the Danger Zone. BE CAREFUL
  
  
• There's a line in the file that will look like this:
  multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windo ws XP" /fastdetect
  (the text in the quotes on your system may not match what you see here)
  
  You want to add the text "/noexecute=AlwaysOff" to the END of that line, so that it looks like this:
  
  multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Windo ws XP" /fastdetect /noexecute=AlwaysOff
• Make those changes to that line, and do not change anything else.
• In Notepad, click on FILE
• Click on SAVE
• Click on FILE
• Click on EXIT
  (Notepad should close and you should be back in Explorer looking at the file list)
• In Explorer, RIGHT click on BOOT.INI
• Click PROPERTIES
• Click on the "READ-ONLY" box to set it
• Click OK
• Click FOLDER OPTIONS
• Click VIEW
• Under "Hidden files and folders", click DO NOT SHOW HIDDEN FILES AND FOLDERS
• Scroll down and check "Hide protected operating system files"
• Click OK
  (the screen will refresh)
• Close the Explorer window
• Shutdown and restart Windows
• When Windows comes back up, you should be free of DEP.
  (you'll know worked and you didn't break anything in the process if a) your system boots , b) You find that the previously mentioned "DEP" page in Control Panel/System/Advanced/Performance is greyed out)

DISCLAIMER: No warranties are expressed or implied. You're doing this on your own. You can't sue me, be mad at me, or hit me with a wet noodle the next time you see me - no matter what happens. Yes I'm running all my systems like this. No I haven't had any problems. Yes I agree that doesn't mean you won't.

 

Thanks for the info Mark.
Yeah, I always set my PCs up after a format to show all hidden files and extensions.

I am always editing stuff.

 

Mark, your explanation of DEP was clearer than the MS site. However, your disable procedure triggers my "Murphy's Law" alarm. I checked CPU utilization in Taskbar Manager and it idles around 1% if that means anything. I noticed RAM usage went up from 160MB to 250MB after SP2 install, though. Day 2 of SP2 install and all of my programs and processes are hummin' along just fine so far. Surfing is definitely faster, boot up is quicker, and the popup blocker works about 90% of the time.

 

Ahh... well, then there's a step-by-step for someone else!



heh. yeah... it's a bit verbose and thus looks terrifying, but I kinda' did it that way on purpose. Ya' gotta' be honest about your comfort level.


Hmmm... It all sounds for the the better then. Too many folks (with MS being one of the worst) treat RAM as an expendable resource these days. It ticks me off to the core, but in 20+ years of fighting it, there's not a lot I can do about it 'cept to make sure that my own code doesn't add to the bloat.

Welcome to SP2... Hopefully after all this work, it'll do you well in the long-run!

 

i did my SP2 today....no problems so far....I plan on reformating and reinstalling everything in a couple days so I wanted to see how it worked to make sure I wanted to install it in the first place....

I've noticed that the Mircosoft Firewall is enhanced I guess the are planning on putting ZoneAlarm out of bussiness like Mircosoft likes to too....none the less I disabled it an am only planning on using my routers firewall....

 

Hmm, two glitches, one big. First, on boot up, the System32 folder opens on the desktop and stays open. I have to close it manually. Not like it requires any effort, but it's an irritant. Second, when I tried to reinstall Firefox, it first didn't allow the download. When I clicked through the three warning dialog boxes it d/l'd and installed, but won't run Firefox. Activity shows on the hard drive and the mouse cursor shows busy like it's trying, but nothing happens. I miss my Bug Me Not Firefox extension.

Edit: Got Firefox to reinstall (after the three warnings) when "Run" instead of "Save to Desktop" was selected. Any ideas on how to get the Sys32 folder to stay hidden at boot?