All that is wrong with the world…

November 8, 2011

Why is Notepad never improved?

Filed under: Tech — Tags: , , , — allthatiswrong @ 4:28 pm

I don’t understand over the course of 15 years how Notepad has never managed to be improved. Most of the basic Windows utilities have improved over the years, primarily Calc and to a lesser extent mspaint and wordpad. I am not aware however of any improvements ever made to notepad. It can’t handle word wrap properly, and will create newlines based on the size of the windows. It can’t handle Unix end of line characters, requiring you to open the textfile in wordpad or an alternative editor and resave it. It requires using double quotes to save with a non .txt extension, which shouldn’t be necessary. Even the view menu has a grayed out option for a status bar, which I can’t seem to activate. It is also unacceptable for an operating systems basic text editor not to have support for regular expressions in 2011.

The only advancement made in Notepad seems to be the algorithm for detecting Unicode files which was introduced with Windows 2000. While it may have been improved since then, no actual features that would make the program useful have been introduced. I’m not asking for more advanced features like code folding or syntax coloring, although they would be nice as well. Just enough basic functionality to ensure text files didn’t break while transferring between platforms or because you resized the window. There should be no requirement to open text files in wordpad these days just to be able to read it properly.

March 1, 2010

Windows Server 2008 R2 as a desktop OS

Filed under: Tech — Tags: , , , , — allthatiswrong @ 2:43 pm

For the last six months or so I have been using Windows Server 2008 R2 as my primary desktop OS. I recently acquired a new laptop of my own after not having had one for a while and was interesting to see the developments made in the recently released R2. Back in the early 2000’s, I ran Windows 2000 for a long time because I appreciated its speed and elegant presentation, in contrast to the fisher-price monstrosity that was XP. Windows Server 2003 was then released which had an updated kernel to that which shipped with XP making it slightly faster. I also liked the fact that it was minimalistic with only the necessary services enabled by default and allowed for more configuration than XP did.

I believe the situation was similar with R1 and Vista, with R1 being released slightly after and having a slightly improved kernel, none of the problems that were attributed to vista and substantially less cruft. For Windows 7 and R2 however, this is no longer true. Windows 7 and R2 were developed in unison from the same codebase. As such there are no technical improvements in R2 over 7, rather it is all a matter of configuration or functionality. In theory 7 is a far far better desktop operating system as you can make it just as slim and minimalistic as a server OS, while retaining its optimizations for games and desktop applications. Windows has matured a lot in the last few years.

Also missing from R2 is support for ReadyBoost and SuperFetch. Unlike with R1, support is removed completely and it is impossible to patch it in. This does not really concern me, as my laptop tends to stay on pretty much permanently except when I am on the move. Additionally Firefox and Games would not benefit from SuperFetch or ReadyBoost, so nothing is really lost. For people who do get a benefit from those technologies it might be worthwhile to stay with 7, or checkout R1 if a server OS is still desired. Another feature I quite like on the server versions of Windows is the advanced firewall. While not terribly advanced, it allows for simple rules to be created which is more than the deny or allow approach on the consumer OS’s. While it would seem there would not be much advantage to running R2 over 7 in general, the fact that I wanted to become more familiar with the AD and Hyper-V enhancements sealed the deal.

The first thing I did was go to www.win2008r2workstation.com. I remember an equivalent website existing for Windows Server 2003 which was quite useful, and the updated guide for R1 and R2 equally so. Much of the stuff is obvious such as turning of the shutdown tracker or enabling themes, however it was still quite nice to have a checklist with instructions. I highly recommend the site and forum for anyone interested in trying out a server OS as a desktop OS. Unfortunately there are a few idiots around who make claims such as we need 8GHz computers today and technology has not improved from 10 years ago and 32bit software is considerably less stable on a 64bit CPU. However this is expected from someone who use a server OS just to be different, doesn’t understand what managed code means or what a system exception is and doesn’t seem to understand the the concept of graphics drivers . Wow. Sigh. Anyway.

After getting the system setup and usable, I had to install my applications and drivers and such. I noticed when I was typing a lot that the cursor would randomly reposition, and I was unsure why. I found out that I needed to install the software from Synaptics (manufacturers of touchpads) which disables the cursor while typing. Much much better. I then had to use the Mobility Modder software to install updated drivers for my Radeon 3650, which went absolutely smoothly. I needed a media player and chose smplayer. I have long been a fan of the mplayer software, and smplayer is the only free media player I found that won’t crash when a UAC screen comes up, supports all codecs natively and is extremely configurable. Highly recommended.

One of the first changes I then made was to configure automatic updates to only notify me every 24 hours. Most of the updates are rather pointless and I don’t need to restart unless it was a critical security fix. Unfortunately I can’t turn off notifications entirely, only delay them for 24 hours at a time. To do so open gpedit.msc as an administrator and go to Computer Configuration > Administrative Templates > Windows Components > Windows Update and configure the Re-prompt for Restart with Scheduled Installations option.

My laptop is fairly new and all hardware seems to have been supported natively. I don’t own any Bluetooth devices to test and have heard of problems with Bluetooth on R2, so all I can say is that Bluetooth is recognized on my system. The built in webcam was detected automatically and works fine with MSN and such. My Authentec AES1610 fingerprint sensor was detected, but I have been unable to get software to work with it. I tried the TrueSuite software which recognizes the devices, but never saves any of the fingerprints asking me to scan again to infinity. The device was also annoyingly disconnecting and reconnecting making an annoying sound, which I solved by disabling the “Allow the computer to turn off this device to save power” option.

All my other applications have worked without a hitch. Firefox, Notepad++, Adboe CS4 Master Collection, MS Office, Daemon Tools…everything works flawlessly. What about games? I play a lot of games, and they have all worked without a hitch on R2. I did have to set MSN to run in Vista compatibility mode to stop it from pinning itself to the tasbar, and go back to the system tray where it belongs. Many games I tried were from a few years ago, as well as the most recent games. Fallout 3, Batman: Arkham Asylum, Aliens Vs Predator(2010), Prototype, Max Payne 2, Star Wars: The Force Unleashed, Doom 3, Stalker, Soldier of Fortune 2…they all worked perfectly without any intervention needed. Bioshock has been working mostly without a hitch, however I had to install Games for Windows and set it to run in Vista compatibility mode. The only game I absolutely could not get to run at all was Project IGI 2, which ran fine on Vista. I am 99.9% sure however this would not work on Windows 7 either. There is a great list games and their known status of working with R2 here.

A few things annoy me which I am sure can be fixed, but I have not bothered to do so yet. I have not been able to get Aero Peek to work for a normal user account, only for the Administrator account. I am sure it is a policy setting somewhere, but as I wouldn’t use it anyway I don’t really care. I also found it annoying that I could not disable grouping..I much preferred windows to be in the order they were opened in. I might prefer to have a FireFox windows with new, then a word document then a firefox windows with pages relevant to that word document. Instead, all FirefFox windows will be grouped followed by all word windows etc. Annoying, but not overly so. Lastly the new start menu annoyed me…however I am used to it now and since the old startbar is gone for good, I should get used to it. Despite these few things I can honestly say R2 is a rock solid operating system and is highly recommended. I love the extra configurability available through group policy, the increased focus on security and the minimalistic approach.

Obviously the main drawback for running a server OS as a desktop OS is the price, with the cheapest edition of a server OS being close to $600. The extra features and functionality do not justify this price…but if you can get a copy through work, university or any other means then it may be worthwhile. If nothing else it presents an opportunity to learn some new skills which is rarely a bad thing.

Links to software

  1. http://www.hardwareheaven.com/modtool.php – Download site for ATIMobilityModder
  2. http://downloads.sourceforge.net/smplayer/smplayer-0.6.9-win32-webdl.exe – SMPlayer. I had to revert to an earlier version of the mplayer.exe to get the direct3d driver working for transparency, however I am unsure if that is still necessary.
  3. http://drivers.synaptics.com/Synaptics_v14_0_3_C_XP64_Vista64_Win7-64_Signed_default.exe – The Synaptics software and driver
  4. http://win7beta.authentec.com/w7wbf64.exe – The beta version of TrueSuite software for Windows 7

Update 1 – October 6th 2010
Some further tips for running R2 as a desktop OS.

The nagger thing for rebooting after installing updates can not be disabled. Contrary to what I wrote above, I can find no group policy setting or combination of setting to stop being nagged every 4 hours. Some updates are mundane and I don’t need to reboot over them, and the 4 hour thing can really get on your nerves. Enter WindowsUpdateSilencer, available at http://download.cnet.com/WindowsUpdateSilencer/3000-2084_4-10968085.html. This nifty little program runs in the system tray until you are ready to restart, no annoying bag screens. It is sad that I have to rely on third party functionality in this case.

Secondly, I found a nice hack to have the sleep and hibernate options available in the start menu.

To do this, download the Application Verifier tool from the Microsoft website at http://www.microsoft.com/downloads/en/details.aspx?familyid=c4a25ab9-649d-4a1b-b4a7-c9d8b095df18&displaylang=en. Obviously, grab the 64bit version.

Now, add Explorer as an application, uncheck basics under tests, and then under Compatibility go to the properties for the HighVersionLie item. Set Product Type to 1, and voila, the sleep and hibernate options become easily accessible.

Update 2 – October 13th 2010
OK, So WindowsUpdateSilencer actually does not work. I’m not sure why it did, or maybe it was working but doesn’t work every time….I’m not sure. Either way, I have found the Postpone Restart tool, which actually does work. It basically clicks the postpone button for you. It is somewhat noticeable as the window will still popup briefly but it is nowhere near as much a distraction as having to keep manually postponing it.

October 19, 2009

Guide to detecting and removing malware

Introduction

Many people make posts wondering if they are infected with a virus or some kind of malware, or if they have some unauthorized software running without their permission or not, and how to get rid of it and regain control over their PC. It is my goal with this text to list many of the basic techniques, and places to obtain software to help people work out if they are infected, and have a go at removing malicious software themselves. Failing that, when they post in a forum, the people trying to help them will know they may have tried the techniques in this text, or can direct them to it. Additionally, tools and instructions to collect relevant information when posting a question are provided. I will try to keep this entry updated as techniques change and toos become replaced or updated. The techniques and tools listed should be valid for any version of Windows after and including XP.

Overview

Malware can be one of the most frustrating, confusing and dangerous things to plague less experienced computer users. Quite often they may not realize that they are infected, may wonder why their computer is suddenly acting a lot slower or may simple want to have peace of mind. The first thing to remember is, that if any malware is detected, DON’T PANIC. All malware can be removed, and can be contained, without risk to your data, or other computer users. You will likely never have to resort to a format and reinstall to restore your PC, and in some cases this would not be effective.

The first steps are to use the tools and instructions contained in the guide, to identify the malware, and then go about removing it, and repairing and collateral damage. More often than not, either one of the listed AV’s or one of the listed anti-malware tools will be able to safely remove the malware. The AV’s I have recommended are both completely free for home use, have very high detection rates, and a very low performance impact. I understand AVG is popular with a lot of people, however this should be removed immediately. It is inefficient, and somewhat untrustworthy, and will only lead to a false sense of security.

The anti-malware tools I have suggested will scan and detect malware that most AV software will generally not detect, nor is it designer to. This includes software such as browser toolbars, adware programs and updaters for certain browsers etc.

Tools to assist in detection and removal

Each of the following are completely free, and valuable to have. If I refer to a tool below, then you can obtain it from the direct link in this list. Alternatively, you may wish to keep some software, such as an AV permanently installed.

Malwarebytes Anti-Malware

Sysinternals Utilities

Spybot Search & Destroy

Avira AntiVir Free Version

avast! antivirus Home Edition

Microsoft Security Essentials

HijackThis

Restore Safe Mode

First steps

Step 1: The very first step you can try, is to use System Restore. If you have System Restore enabled, Windows will be restored to a known good point, before you were infected. You can then use the following steps to verify that your install is clean, and follow the instructions in the Good Practices section to make sure you stay clean.

Step 2: The next step is to install and run an AV scan, if you have not done so already. If you don’t already have an AV installed, I recommend Avira, for the reasons mentioned above. You can set Avira to do a boottime scan, which will be able to scan certain files that the malware may block access to when Windows is running. If anything is found, you can safely delete and/or quarantine the file, which should keep malware under control.

Step 3: You can then download and install Malwarebytes anti-malware, which is linked above. You can run the scan, which is a bit lengthy, and if you have anything Malwarebytes will likely detect it. If it does not, and you are still sure that you are infected, you can install and run Spybot S&D, which may detect somethings Malwarebytes missed.

Step 4: If nothing is detected, and you are still certain you have malware on your machine, then one of the best things to do is to look for some telltale signs. You should looks for any processes running that should not normally be running. Google each process if you are unsure or don’t recognise it. Many malware executables like to take the name of something that seems official, such as update.exe, so make sure you verify that a file with an official name is running from the right path. To check processes, I recommend using Process Explorer from the System Internals tools linked above, which may detect some processes hidden from Task Manager.

Step 5: Another basic step you can take is to inspect the Windows Hosts file. The Windows hosts file is used to resolve hostnames to IP addresses without using the DNS system, it will also override any DNS queries. This means, malware may take a malicious IP and make it resolve to say, microsoft.com. The windows hosts file is located in \Windows\system32\drivers\etc\, and is called Hosts, without a file extension. The only content by default should be an entry for 127.0.0.1, the local interface, or two entries if you are using Vista or later. If you have used antimalware software, there may be additional entries added a countermeasure to prevent malicious sites from being contacted.If there are entries for well known or good sites such as microsoft.com, mcafee.com or similar, then this may be a sign of infection. You can delete these and similar entries from this file aside from the entry for 127.0.0.1 if you have not used a malware program to aid with your hosts file. If you are unsure, you can ask for clarification in this forum.

Step 6: If you are using Internet Explorer 7 or above, you can run Internet Explorer in protected mode(right click, and Start in Protected mode), which will prevent any addons from loading. This will then allow you to see if the problem is isolated to Internet Explorer or not. If the problem is isolated to Internet Explorer, you can go into the addons section, and disable or remove any addons that are unknown to you, or that are unnecessary. Reenabling any you want to keep one at a time to isolate which is causing the problem.

Step 7: If you have a particular file that you think may be malware, of you have an infection but are not able to reliably detect what it is, then you can submit the file to either VirusTotal or Jotti’s Malware Scan, which will give a reliable identification by scanning the file with several(30 or more) AV products. Once you have identified your malware, of if one of the anti malware programs identified but was unable to remove the malware, a quick search on google should produce detailed instructions or a tool for removing the specific malware.

Step 8: You can also prevent unknown software from loading at startup. To do this, I recommend the autoruns tool from the Systems Internals tools linked above. This tool will allow you to disable any processes, registry entries, DLL’s etc that run at startup, so you will be able to isolate the issue. Once you have isolated a troublesome entry, you can take appropriate action, such as submiting to VirusTotal, or simply deleting the file.

Step 9: If some of the techniques listed above are not working, then you should attempt to do them in safe mode. Safe mode should prevent the malware from lading, and will give you a better chance to remove it. Some malware will disable the option to boot into safe mode, in which case you can use the registry fix above to restore the option to enter into safe mode.

Step 10: If you have trouble ending a process or deleting a file that you suspect is malicious, then you can use the Handle tool, from the Systems Internals utilities linked above. The handle tool will allow you to list and close the file handles a particular process has open, allowing you th then close the process. Alternatively, if you have found a suspicious file, you can see the name of the process that has a handle to that file to end it.

Good practices

There are several good practices you can follow, which are quite simple, require minimum effort, and will greatly reduce the risk of reinfection. The first is to use a secure browser. This basically means Firefox with latest updates, or Internet Explorer 7 or 8. Any plugins you have installed should also be updated.

You can also do things like turn on file extensions and hidden files. This will allow you to recognize suspicious files a lot quicker.

Stay Updated

Vulnerabilities in software are on of, if not the main avenue of attack for malware to install. This can include placing files on your computer after visiting a website with an insecure browsers, by exploiting a browser plugin such as flash, or exploiting a vulnerability in Windows itself. Indeed, web browsers, and Adobe products are the major avenue of attacks these days. Generally, as a home user, there is no reason you should not be updated at all times. This is the best approach to prevent infection/installation of malware, and in some cases will fix an existing problem. It will certainly prevent the same problem from reoccurring. Generally, most programs have a facility to update automatically. If you don’t want to enable this, then you should check the manufacturers website semi-regularly to keep a lookout for new versions.

Use Antivirus

If you have any doubts about your ability to detect malware at all, then you should definitely be running an AV. AV’s have come a very long way, are lightweight and non intrusive, and can detect many types of known malware and remove it. The best AV for consumers is currently either Avira AntiVir or Microsoft Security Essentials, both of which will run unobtrusively in the system tray. Avira is more configurable although has ad popups, but a quick google for “avira disable ads” can show how to remove these. Second to Avira/MSE is avast!, which has a slightly lower detection rate, but is more configurable, and just as fast. avast! requires registration, but is then free to use at home. Running an AV is an important step, because aside from protecting yourself from unknown risks, you can help to protect other users by being prevented from forwarding malicious files.

Backup any important files

This goes without saying. You should always regularly back up your files, so in the event you are infected, you can be sure that nothing valuable is lost. Personally, I just organise my files into directories and copy to a harddrive or DVD disc. If this does not work for you, then there are many other approaches, and may other atomicans will be able to recommend you a suitable backup program and/or approach.

Posting a question

If you were unsuccessfully after following the above steps, or need help at any point along the way, then feel free to make a post asking for help. To make it easier for people to answer your question and provide the help you seek, a few basic steps can be followed to make this process as painless as possible. Some of the things that you should include when asking for help are:

  • The version of Windows you are using, including any service packs
  • Any recent changes or software that has been installed
  • Whether or not you are up to date with security patches
  • What, if any of the above steps you have tried.

After this, you should post the complete log produced by running HijackThis within code tags. You can select the text within the post box, and click the rightmost icon that looks like a scroll, to enclose text in code tags. his will then preserver the formatting, and make the log easier to read. Above all else, it is important to be courteous in your post, and to indicate that you have made some effort, even if you don’t completely understand the problem.

I hope that this has been a helpful and informative post. If you liked it, or have some suggestions or feedback, please feel free to leave a comment. I plan on expanding it at a later point, or perhaps following up with a subsequent post to explain how to use System File Checking in Windows, and how to check for and remove rootkits.