Saturday, June 19, 2010

How to remove AV Security Suite

How to remove AV Security Suite

remove procedure:

1. Press power button to restart computer.
2. when window appears, ctrl+alt+delete to get task manager
3. remove the process:
[random string]tssd.exe

4.Edit host file under
WINDOWS\system32\drivers\etc. to block following sites:
127.0.0.1 antispyprogtool.net
127.0.0.1 antimalwaresecurity.net
127.0.0.1 antispyware-guard.net
127.0.0.1 threatremover.net
127.0.0.1 antispywareprog.net
127.0.0.1 antispantispycastle.com

5. remove registries like:
HKEY_CURRENT_USER\Software\avsoft
HKEY_CURRENT_USER\Software\avsuite
HKEY_LOCAL_MACHINE\SOFTWARE\avsoft
HKEY_LOCAL_MACHINE\SOFTWARE\avsuite
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:1041"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = "1"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ouferdbubtdve"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run "ouferdbubtdve"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = "1"

6. Remove folder and files:
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string]tssd.exe
%Documents and Settings%\[UserName]\Local Settings\Application Data\[random string]\[random string].exe

How to Display Chinese on Windows Mobile?

How to Display Chinese on Windows Mobile?

It's kinda weird as to why Microsoft does not enable displaying of 2nd language e.g. Traditional/Simplified Chinese other than English on a English Windows Mobile OS. They have done it easily on all Server/Desktop Windows and it shouldn't be too difficult to activate it on a Windows Mobile.

To unlock and allow Chinese display on Windows Mobile, you can perform the below steps. Please note that the below is tested on Windows Mobile 6.0. However, I believe it will work on Windows Mobile 5.0 as well.

1. Download PHM Registry Editor

Windows Mobile does not come together readily with a Registry Editor. Do not ask me the reason as to why the decision was made like this/that because I don't know why. Nevertheless, there is a freeware downloadable from the Internet that provides us with a GUI to "mess" with the registry. Download and install PHM Registry Editor now. Perform a soft reset after installation.

2. Transfer font files from Desktop PC to Pocket PC

Copy both simsun.ttc and TAHOMA.TTF from your Desktop PC's C:\Windows\Fonts\ directory to Pocket PC's \Windows\Fonts\ directory. If for whatever reason the 2 abovementioned font files are absent, do a search in the Internet and download them. Physical copying of font files from one OS to another will not pose any problems but I am not sure if there are any licensing issues.

3. Tweak Windows Mobile Registry

The standard advice goes again, "Be careful when you mess with the registry". You will need PHM Registry Editor to assist you in changing the registry.

  1. Add [HKEY_LOCAL_MACHINE\Software\Microsoft\FontPath] key if it does not exist. --dx: added
  2. Add/Modify string value "FontPath"="\Windows\Fonts" to (i) key. Steps (i) and (ii) tell Windows Mobile the alternative font directory you are using other than the ones burnt onto the ROM. --dx added
  3. Go to [HKEY_LOCAL_MACHINE\System\GDI\SYSFNT] and verify string value "Nm"="Tahoma". Add/Modify where necessary. --dx: already there
  4. Go to [HKEY_LOCAL_MACHINE\Software\Microsoft\FontLink\SystemLink] and verify string value "Tahoma"="\Windows\Fonts\simsun.ttc,NSimSun". Add/Modify where necessary. Steps (iii) and (iv) link the system font with the Chinese font simsun.ttc. --dx: systemlink already there, added string value.
  5. Go to [HKEY_LOCAL_MACHINE\Software\Microsoft\FontLink\SkipTable] and verify string value "Tahoma"="005c,00a5,007e,0391-03c9,2026,2116,221a,25a0-25ff". Add/Modify where necessary. Since some system fonts have Unicode definitions that you do not want to use, this test will add a skip table to force the use of the linked font. --dx: no skiptable, so added both key and string
  6. Do a soft reset and you are done.

Hope it helps.

Friday, June 11, 2010

TerminateProcess in WM6 (C++)

BOOL KillAProcess(CString csName)
{
BOOL bRetVal = TRUE;
//HANDLE hPID;

HANDLE h_pro;
HANDLE h_sna;
PROCESSENTRY32 pe_sen = {0};
bool lpFound = false;
int result;

CString csMsg;
CString cMethod = L"KillAProcess";

h_sna = CreateToolhelp32Snapshot(
TH32CS_SNAPPROCESS|TH32CS_SNAPNOHEAPS, 0);
//A snapshot tries to reserve 1MB of virtual memory. If it can't, or can't
//commit the first page (or n pages), then you'll get ERROR_NOT_ENOUGH_MEMORY
//and very important, to add the TH32CS_SNAPNOHEAPS, to limit the ammount of
//data the snapshot generates


if ((HANDLE) -1 == h_sna)
{
DWORD lngResult = GetLastError();
CString csError;
csError.Format(L"CreateToolhelp32Snapshot failed=%d",lngResult);
AfxMessageBox(csError);

}

pe_sen.dwSize = sizeof(PROCESSENTRY32);

if (Process32First(h_sna, &pe_sen))
{
do
{
h_pro = OpenProcess (PROCESS_ALL_ACCESS, FALSE, pe_sen.th32ProcessID);
CloseHandle (h_pro);

//AfxMessageBox(pe_sen.szExeFile);

if (pe_sen.th32ProcessID != 0)
{
result = _tcscmp(pe_sen.szExeFile,csName);

if(result==0)
{
//hPID = (HANDLE)pe_sen.th32ProcessID;
lpFound = true;

//start kill
HANDLE hProcess = NULL;
hProcess = ::OpenProcess(PROCESS_TERMINATE, FALSE, pe_sen.th32ProcessID);
//********************
//NOTE!!!!Have to have this Openprocess before TerminateProcess call to make it work.
//************************

if (hProcess != NULL)
{
if (::TerminateProcess(hProcess, 0))
{
csMsg.Format(L"%s: killed %s", cMethod, csName);
AfxMessageBox(csMsg);
}
else
{
csMsg.Format(L"%s: error terminating %s [0x%08x]", cMethod,
csName, GetLastError());
AfxMessageBox(csMsg);
}
}
if (hProcess != NULL)
{
::CloseHandle(hProcess);
hProcess = NULL;
}

break;
}
}
} while (Process32Next(h_sna, &pe_sen));
}else
AfxMessageBox(L"Process32First failed");


return bRetVal;
}

DWORD and HANDLE

Win32:

  • DWORD 32 bit unsigned long
  • HANDLE void * (32 bit pointer)

Win64

  • DWORD 32 bit unsigned long
  • HANDLE void * (64 bit pointer)

DO NOT just assume you can cast one to the other. It will work for Win32 and break when you port it to Win64.


1

If you're asking in the context of the Win32 API, then there is no substantive difference. A HANDLE is a 32-bit number, same as DWORD.

If you're asking in some other context (you have tagged this ansi-c for a reason?) then you will need to explain what context that is.


A HANDLE is a PVOID or a void* typedef, A DWORD is a uint32. Isn't a void* length depending from the memory architecture (eg. x86 & x64)?

How to disable menu items in VC++

How to disable a menu item in VC++?

06/11/2010

.h:

afx_msg void OnUpdateXXX(CCmdUI* pCmdUI);

.cpp:

ON_UPDATE_COMMAND_UI(ID_NEW_XX, OnUpdateXXX)

void CXXXXXX::OnUpdateXXX(CCmdUI *pCmdUI)
{

pCmdUI->Enable(FALSE);

//pCmdUI->Enable(TRUE);

}

NOTE: the following doesnot work properly:

CWnd* pParent = GetParent(); // This is a point to the window
CMenu* pMenu = pParent->GetMenu();
pMenu->EnableMenuItem(ID_NEW_WO , MF_GRAYED );

Reason:
The effects of EnableMenuItem are preempted by the actions of the menu
update handlers. For example, if you use EnableMenuItem() to disable a
menu item, the default menu update handler will reenable it if an
ON_COMMAND macro is defined for that item. This, off course, negates
the effect of your attempt to disable it. To eanable or disable a menu
item, you should provide your own menu update handler and then use the
Enable() member function of CCmdUI.