Areas of Interest, as counted by my cat
All I’m trying to do is uninstall 600 MB of un-runable stuff. There are not enough swear-words in the English language to cover this possibility:
…What error log, exactly? Any hints? There are many, many error logs.
Thank you, RegSeeker, CCleaner, and Process Explorer. My friends. Where would I be without you? Oh, that’s right. Screwed.
Lesson learned is worth repeating up top: Do not browse the web with IE under a user context with Administrator privileges.
I normally use FireFox 1.5 as my Internet browser, with JavaScript turned off and no flash plug-in. However if I find an amusing or intriguing link on Slashdot, Digg, or Reddit that is highly recommended but requires those features, I’ll use Internet Explorer to peruse the link, because the flash plugin and Javascript works there. Last time I did this (Yesterday) I got “hijacked”. I don’t know when it happened. All I know is that sometime later, I got a piece of yellow “toast” popping up in the system tray with a red “X” icon saying, “Windows Firewall has detected that your computer may be under attack”. Now, I don’t use Windows Firewall – it’s turned off. (Call me stupid, but that’s how it is.)
When I clicked on the “system” popup, it took me to a website for “Tesla Plus – top-rated spyware removers”. Ooookay. Doesn’t feel very “Microsoft” to me. When I launch IE again, I notice that my default home page – normally “about:blank” is now set to a fake microsofty-looking search page, with a bunch of additional links at the bottom for Viagra, home shopping, internet music – the usual spam garbage. Oh, and an official-looking link at the top for www.pcadprotector.cc which – surprise, surprise – goes to that Tesla Plus page.
The interesting thing is that it didn’t just change my browser home page preference. This thing changed where “about:blank” actually goes to!
Aiiee. Deep nasty. My browser had been “hijacked”.
After some exploring looking for traces of “pcadprotector” on the web and on my harddrive, I found many articles recommending Hijack This as a detector for browser problems of this nature. It certainly shows up all the possible ways evil programs can get into your system.
Hijack This showed that in addition to the Adobe Acrobat Reader and Java web plugins, there was another one that didn’t look familiar: c:\windows\system32\sdkec.exe. The file was dated a few days ago, which seemed odd for a resident of the windows\system32 directory. Upon viewing the contents of the application (via NOTEPAD.EXE – a rough but illuminating method) I found reference to “pcadprotector”. Busted!
I terminated the process using Task Manager, used HiJack_This to remove the extra plugin reference, and rebooted with a sigh.
Except… it didn’t fix the problem. IE’s home page was still hijacked. I ran HiJack_This again, and found that there was another extra plugin that had taken the place of the first one. This one had a different application file: c:\windows\system32\d3ds32.exe. I repeated the fix process one more time to see if the pattern would repeat itself, and it did. This time: c:\windows\appuw32.exe. Clearly there was another rogue process running on my machine that was creating copies of the hijack with different file names, ensuring that it would always be launched and installed. Ergh.
After a clean reboot, I checked Task Manager again for unfamiliar processes. One was c:\windows\atlue.exe. (At least, that is what it was called on my system, at this time.) I did a google search for “atlue.exe” and the only hits that came back were from people complaining of spyware problems so I was pretty sure I’d found the “mother” trojan. I couldn’t terminate this process – I didn’t have permission! (I hate it when that happens.) So I used Process Explorer to examine what DLLs it relied on, and then changed the Windows ACL entry for one of the DLL files so that it couldn’t be executed. After a reboot, It wasn’t running and I was able to delete the atlue.exe file and clean up the plugin entries one final time using Hijack_This.
Moral: Do not browse the web with Internet Explorer under a user context with Administrator privileges. It’s just not safe anymore.
Editor’s Note, August 2020: We’re a long way from 2006 and although web browsing still has various associated risks, we can be thankful that OS and Application security improvements over the years has made incidents like this one largely a thing of the past. Also, I use Windows Firewall enabled like any sensible netizen, and have done so since, oh, Windows 7, when it became less intrusive.
Ugly.
And the networking doesn’t work. Yet it wants to go out to the Internet for everything.
Oh, and did I say it was butt-ugly? Apparently all the talented UI designers have left Microsoft. I curse the day some idiot decided that dialog boxes and web pages with hyperlinks deserved to merge into some kind of mutant hybrid UI. Consistency, people! Standards! Have you forgotten all that you learned? Why do you think the Win95 interface is cloned and duplicated so fervently by the Linux shell people?
[Update: We got the Vista connected to the network, finally, by selecting a different Ethernet card driver. Vista’s preference was for one that didn’t work.]
Have I recommended this blog before?
It’s really very good. It makes Marketing seem interesting.
If you are trying to size objects on a VFP form to match a specific font, you have to take into account the current screen DPI setting as well. Consider sizing a Rectangle object to surround a given piece of text. You know the fontname, fontsize, and the actual text string, but you don’t know the dimensions. No problem, you say, I’ll just use FONTMETRIC() and TXTWIDTH() to figure out the size of the text in pixels:
iAvgCharWidth = FONTMETRIC(6, cFontName, cFontSize, "" ) iTextWidth = TXTWIDTH( cString, cFontName, cFontSize, "" ) * iAvgCharWidth
…and now I can size my Rectangle appropriately, you say.
Not so fast. What if your Windows display is set to 120 DPI? The text will be sized differently. You have to take this into account:
*--------------------------------- * Determine the screen DPI: *--------------------------------- #define LOGPIXELSX 88 declare integer GetDeviceCaps in WIN32API integer HDC, integer item declare integer GetDC in WIN32API integer hWnd *declare integer DeleteDC in WIN32API integer HDC declare integer ReleaseDC in WIN32API integer hWnd, integer HDC local hdc, screenDPI hdc = GetDC(0) THIS.screenDPI = GetDeviceCaps( m.hdc, LOGPIXELSX ) ReleaseDC( 0, m.hdc ) IF iScreenDPI <> 96 iTextWidth = INT( (iTextWidth * iScreenDPI)/96 ) ENDIF
I was grappling with issue recently, dealing with a bug reported by someone who said that Pageframe text captions were getting truncated when they set their environment to 120DPI + “Large Fonts”.
Well, this morning I have read a post by the remarkable Charles Petzold about Device Independent Units (DIU) that goes some way (and more) to explaining why we have to do it, because I believe that Visual FoxPro uses actual pixels rather than DIU. His post his worth a read.
Office 12: Now with Bumps TM, thanks to superior Dalek technology.
Before you all go crazy adding new funky Ribbon UI technology to your contact manager application, please think about this: Do you really need it? Do your users really need it? Is your application’s command tree really that complicated and deep?
I doubt it very much.
Still, if this gets developers excited about smart/thick/local/non-web clients again, I’m all for it.
[Update] Well, that didn’t take long.
Marcus wrote a very good article about the TRY-CATCH structured error handling in VFP8 and later versions. One section in particular caught my eye because it directly relates to an issue I’ve hit recently:
[..] the result is opposite from the previous example. The Error()event takes precedence over the Try/Catch and handles the error inside the called object.
So what would happen if we added some structured error handling to the TestClass object?
DEFINE CLASS TestClass AS Custom
FUNCTION Execute
TRY
xxxxxx
CATCH
MESSAGEBOX(“Exception 2!”)
ENDTRY
ENDFUNC
FUNCTION Error(nError, cMethod, nLine)
MESSAGEBOX(MESSAGE())
ENDFUNC
ENDDEFINE
In this example, the new Try/Catch will handle the error since it has been defined at a higher level of granularity.
Alas, this is not strictly true for every case. Consider the following code:
q = newobject("myTest")
q.Execute()
define class myTest as custom
procedure execute
try
*-----------------------------------------
* This is handled nicely by the
* surrounding TRY_CATCH:
*-----------------------------------------
y = newobject("invalidClass")
*-----------------------------------------
* This one ignores the TRY-CATCH and
* triggers the .Error() event:
*-----------------------------------------
THIS.NewObject( sys(2015), "invalidClass", "invalidLib.vcx" )
catch
=messagebox( "We successfully caught the error in the catch.",64 )
endtry
endproc
procedure error( p1, p2, p3 )
=messagebox("The object's error() event was triggered instead!",16)
endproc
enddefine
The structured error handling works as expected for the NEWOBJECT() function call, successfully trapping the “class not found” error. However, the method call THIS.NewObject() will force the objects .Error() event to fire, requiring a completely different set of handling code to suppress the error. This is not a bug, it’s the way objects work. Objects always defer to their own .Error() events to handle errors. Annoying, isn’t it?
David Stevenson has just informed me that my article in the September issue of FoxTalk is available online: In this article, Colin Nicholls shows you how to extend the VFP 9 Report Builder’s Multiple Selection dialog with additional functionality you design. In doing so, he also reveals the secrets of the Report Builder’s lookup table, or registry, and demonstrates how you can substitute your own version to customize the Report Builder’s native behavior.
Link: Extending the Report Builder’s Multiple Selection dialog
[Update: This article no longer appears to be available online. Sorry about that! For what it is worth, this feature has been revised for VFP 9.0 SP2 and although the technique is still valid for earlier versions of the product, you will probably want to pay attention to the changes when SP2 is released.]
This is the first installment of a series of articles discussing the development of a console utility written in .NET C#. In this first article, I look at creating a multi-project solution in Visual C# 2005, and sketch out the application requirements. I also take a look at application configuration files and custom configuration section handlers.
A common question about running reports created in Visual FoxPro 8.0 (and earlier) in VFP9 is “Why do I have to make my field/expression controls slightly bigger to avoid having my data truncated in the report output?”.
The glib answer is that, when SET REPORTBEHAVIOR 90, vfp9 uses GDI+ to render text instead of regular GDI. GDI+ requires a little more space to render the same text string than GDI.
If you’re happy with that answer (which is essentially “Just because!”) then great. No need to read further.
If you’re interested in exactly why GDI+ needs to allow more space when rendering text, then check out this: http://support.microsoft.com/?id=307208. It’s pretty interesting.
Update 16-June-2006: This related blog post Text Mess in .NET by Wesner Moise is also interesting.
© 2025 More Than Four
Theme by Anders Noren — Up ↑
Recent Comments