I support a product that detects unique key combinations when pressed to launch a notification alert.
This monitoring is done by a dll that is injected. Originally this was done specifically to winlogon.exe, but due to some changes in Vista we added the reference to our dll in AppInitDLLs to have it injected into every running process.
This is not working on my newest development machine, and some behavior on client machines mimicks the behavior. Another dll listed, C:\Windows\system32\nvinitx.dll, is still correctly being loaded, but mine is not.
Are there any known recent security patches that may affect this?
there are no new security changes as far as I know, you can inject any dll (but it must be compatible with the process you are injecting into) like if the process is 32bit your dll must be 32 and if the process is 64bit u need to inject 64bit or odd behavior will appear. another things that there is a new bool value must be set in windows 7 (not sure in vista) that is
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\LoadAppInit_DLLs" must be set to one
Related
I have an Excel file that contains VBA code and user forms.
One machine has been migrated to Windows 10. The Excel major version hasn't changed though (16). One of the forms lost almost all the controls on it and the user is getting
Compile error: Method or data member not found
at the line Me.cmbWeek.ListCount.
It looks as if this control is not existent in the file on that machine. I wouldn't say it is Windows10 incompatibility as some other machines migrated to Windows 10 flawlessly.
How can I debug what's wrong? The file has worked for years on several machines including the machine of this user (until on Win10). Checked references and there's nothing missing.
The form on user's machine (broken).
The form on on all other users' machines (proper).
I cross-posted to other forums:
excelforum.com
mrexcel.com
ozgrid.com
We managed to trace the problem to the DTPicker2 control on the form. It is part of MSCOMCT2.OCX library. It is present on user's machine, the same as on mine. That machine is version SP4 of the file whereas all other machines have SP6.
I can see that Excel reference points to some other destination than C:\Windows\SYSWOW64 - it points to other app's install path. Probably other app changed something in the registry.
When trying to uncheck the SP4 reference and load SP6 reference I get error
"Can't change references, in use".
Reinstalling office and registering MSCOMCT2.OCX did not help. As it's only two controls causing the issue - or so it seems - I'm now into replacing them with other date picker controls if there are any. If not, I might even use plain textboxes, though it wouldn't be very good solution. Are there any other controls that could handle calendar?
Do check if the region settings on the PC with Win10 the same as on the older PC's.
Changes in date formats, dots vs comma's, etc. can hugely impact VBA's ability to tinker company processes together.
My nw.js app suddenly stopped working on Windows 10 with the following error;
Failed to load extension from {path}. Default locale is defined but default data couldn't be loaded.
Structure & manifest
_locales
en
js/i18n.js
Manifest
"default_language": "en"
I don't know what windows has changed recently but it has been working solidly on previous versions of Windows for years. I've updated the country tag as per available language packs for windows here and chromium tags but still no luck.
According to this thread :
"I use Chrome and stopped updating it once they made tabbed-options
mandatory. I also keep my User Data folder in a non-default location.
When this bug started, I used the --single-process trick for a while
but as mwalsher said, it stopped working when they messed with the Web
Store. I used but hate the manual method outlined above, so what I did
was to simply move my User Data folder to a FAT32 partition. Problem
solved; now I can successfully install packed extensions from an older
version of Chromium, running in normal mode, to a non-default User
Data folder. Even better, thanks to a system I set up
(http://superuser.com/questions/196886/how-to-relocate-chrome-profile-but-also-make-new-links-open-with-the-relocated-p/257706#257706),
it was /extremely/ easy to change it (I had only to change a single
byte and reboot)."
..
"Change the security permissions of the temp directory might fix this
problem. On my computer, the temp directory only has 3 full control
user (My Account, System, Administrators) at beginning. I manually
give everyone full control to this folder (maybe adding list
permission only also works). However it doesn't work immediately,
until next day I restart the computer with great surprise.
..
As a workaround, --no-sandbox might work. Note that this is just as
unsafe as --single-process, so be careful when using it.
..
..
perform a "chrome://restart
Try this first:
..I restarted Chrome and tried to install it again, and now it
installed cleanly..
This one is too bizarre for me. In my Framework 4.0 WinForms app, FileSystemWatcher recently started giving me a null for OldName and only the parent folder for OldFullPath, not the full path of the old filename. However, some of the Windows 7 computers do this while others do not. I tried uninstalling our company anti-virus program temporarily but that didn't make any difference. I rolled back my code but it didn't make any difference.
I tried switching my application from Framework 4.0 to 4.5.2 but the problem persisted. In fact, I believe the problem is at a lower level than .NET because I wrote a test C++ program that uses ReadDirectoryChangesW() and a similar problem occurs: the problem computer never receives the FILE_ACTION_RENAMED_OLD_NAME notification, only the FILE_ACTION_RENAMED_NEW_NAME one.
I compared running processes and ended ones that are running on the problem computer but not on the non-problem one. Both computers are up to date with Windows Updates; I am hoping not to have to start uninstalling them.
I have one Windows 8 computer and the problem is not there; however, upgrading from 7 to 8 is not an option for several other deployments.
It just occurred to me to look at kernel32.dll on the respective machines, since that is where ReadDirectoryChangesW() lives. It's different.
Worky: v6.1.7601.18798
No worky: v6.1.7601.18869
Was there a recent change to the API that I need to accommodate?
Update: I found a non-working machine with v6.1.7601.18409 so that's not the problem.
In a word, Kaspersky.
To elaborate, I thought I had already tested removing KAS but maybe I didn't reboot after or something, and it's odd because it is also installed on a computer at work that does not present the problem--same version of KAS.
Note that this version is a corporate version, which installs:
Kaspersky Endpoint Security 10 for Windows
and
Kaspersky Security Center Network Agent
A central policy is pushed out to each client computer and enforced. It has control over settings, like trusted applications (a whitelist). When IT pushed out a whitelist entry for my specific application, it fixed the problem.
Note that there are several checkboxes to select for each trusted application entry. This fix only needed one of them.
Under Settings | Anti-Virus protected | Exclusions and trusted applications | Settings, there is a list that can be added to.
Do not scan opened files
X Do not monitor application activity
Do not inherit restrictions of the parent process (application)
Do not monitor child application activity
Allow interaction with application interface
Do not scan network traffic
Honourable mention must go to my co-worker, Arti Chauhan, who suggested more than once that KAS might be the problem. I thought I had fully tested when I guess I hadn't.
I've created a field picky but when I try to actually put in onto the form of my entity, I can't. I'm pulling it out hovering over a place to set it but the red line marking the drop-off spot doesn't show.
I remember very clearly it did in my last Project. In fact, I went back to the previous customer's GUI and tried the same and it worked there. I suspect it might have to do with the different versions. The customer runs on-premise (4.0 or 2011), the new project is on-line (2011) and I wonder how it's going to be in the next version (2013).
What can be causing it?
What can I do about it?
Incompatibility in IE 10.
(a) Run IE9/IE8 (works always).
(b) Try to run IE10 in backwards compatibility mode (works often).
(c) Wait for an update for CRM/IE10 (works slowly and seldom).
As a side note, I can tell that when I was having that issue, I noticed that by using a remote desktop to our development environment (or at least a virtual machine, e.g. VirtualBox, wouldn't you have access to an external environment), one could omit the whole issue sans having to degrade to an earlier version of IE.
I've searched long and hard for an answer to my question and have found answers only to a class that does not exist in the 3.5 .NET frameworks version (and with CE Windows 5.0.) Also, it's Visual C# with Visual Studio 2008.
When I try the following (using System.Threading)
bool ok;
Mutex myMutex = new Mutex();
ok = Mutex(true,"scanner", out ok);
The compiler complains that the Mutex is a type, but used as a variable. If I use a [STAThread], it also complains that it can't find it and I"m forced to use [MTAThread].
Are the classes for the mobile device type of c# programs the same for console based ones? I'm somewhat new to this and the idea of how to declare, use, lock and everything you wanted to know about a mutex is making my head sore. O.o I suspect it's because the classes are different from the console verseions and the mobile versions.
It seems so simple, create a mutex, check for it's existance, if so then don't start a new exe instance. That is all I want...just run one instance of any exe. This is a mobile device thus it's a standalone and I never have to worry about anyone else using the .exe. Just need to stop the user from tapping the start button 15 times and having 15 instances of the application running (then complain about low memory usage!)
I've read that a good way is to create a thread, lock it then check if the lock was successful to test if an instance of an exe is already running, close it if so else run the exe. Is there an easier way to do this?
One way to approach this would be to open a file for writing. Only one instance of the application could obtain this lock at a time. On startup, try and obtain a file handle for writing, if it fails, there must be another instance already running: exit immediately.
I think you can forget mutexes since we are talking about separate proceses here.