Java Runtime Environment Display Issues on NVIDIA GeForce FX 5200

June 2, 2011

The Java Runtime Environment (often called JRE, J2RE, Java Standard Edition, or JSE) is a set of software which allows your Windows system to run Java programs alongside your regular applications or within your web browser. Java is a programming language and software platform. Java applications run inside of a virtual machine which translates the portable Java code to native code on the host operating system. More information is available here.

On Windows, you usually use the Oracle (previously Sun Microsystems) version of the Java runtime (downloads available here), older versions available here. Note that there is a Microsoft Java VM (also called the MSJVM, or Microsoft VM), but because of a lawsuit from Sun, Microsoft is no longer allowed to distribute it. It can be downloaded from here and will still install into modern Windows versions, but it is quite old and unmaintained. There is also an IBM JVM (also known as J9), however IBM requires that you license it, so it is really only used internally or made available for IBM branded systems.

I’m currently running the current release of the JRE: Java 6 Standard Edition Version 6 Update 25 (build 1.6.0_25-b06). The issue I’m experiencing has appeared in many older releases which I was running under 32-bit Windows 7.

Basically what happens is that Java applications fail to display some contents of windows or controls. The objects which fail to be drawn correctly are different across various Java applications (i.e. one might fail to draw the contents of a text box, another may fail to draw a button caption, a third may not have any problems at all). However, for each application the same thing will always fail to be drawn no matter how many times you run it again (i.e. the first application will fail to draw text box content, and this will happen every time the application is run). The buggy control will function normally even though you cannot see its contents (i.e. typed text will still be in the edit field, blank buttons can still be clicked). In a few cases the window is not functional at all (parts of the Java control panel even do this sometimes).

At first I thought my system was running out of handles, but Task Manager was able to load correctly with all of its window contents. Under Task Manager I was able to confirm that the Java process wasn’t using any resources excessively or doing anything else out of the ordinary. When I started troubleshooting the issue, I tried many different JRE versions, web browsers, and even completely different installations of Windows 7. I also tried changing various settings under the Java control panel with no success. There were also not many other users who were reporting the same problem on the net, so it’s most likely not an issue caused directly by the Java Runtime.

I found that it would usually draw the missing content if I would minimize the window to the taskbar and then restore it (by clicking its icon in the taskbar). It also works sometimes if you drag the window onto another screen. As soon as the control refreshes or updates itself, the content will disappear again. You can keep minimizing and restoring the window over and over again so you can view and interact with the missing contents…this can quickly become very annoying though!

Because the graphical content of the window is visible when it’s restored, it appears to be a problem with the display driver and some hardware accelerated graphics routines which Java uses. I tried lowering the graphics acceleration slider under the advanced display properties, but it didn’t have any effect (even at the lowest level).

I have an NVIDIA GeForce FX 5200 and am running the most current Windows 7 compatible driver release provided by NVIDIA (from their support/download page) for that adapter: version 9.6.8.5 (09/10/2006). The NVIDIA drivers and tools don’t provide many options which you can customize; I changed a few of the 3D options but none of them had any effect on the problematic Java applications.

The driver is old and will never be updated to fix this bug. From the sounds of their release notes, this version fixes many more significant problems in other programs, so downgrading to older versions of the drivers is probably a really bad idea. Java has used hardware accelerated drawing for a long time now, and you’d have to downgrade to a much older version which probably leaves you open to some nasty exploits. In the end it’s probably going to be easier to just replace the video adapter! The GeForce FX 5200 is old and was never a great video card anyway (I just use it because it was the cheapest AGP card I was capable of running Aero).

So for now the best solution is to use the minimize/restore trick for the Java applications that have problems, or replace the video card. If I have any more ideas or discover anything else, I’ll post it here!


Using the NVIDIA GeForce2 MX400 on 32-bit Windows Vista / Windows 7

January 8, 2011

The GeForce2 MX400 is an older NVIDIA graphics card which is no longer supported in Windows Vista or later versions of Windows (including Windows 7).

Windows Vista introduced a new display driver model (WDDM) which offers significant changes and improvements over the previous model (XPDM) used in Windows XP/2000/2003. WDDM requires advanced GPU features which are not available on many older graphics cards. Windows Vista can use XPDM drivers which means you can install versions of drivers which vendors have provided for Windows XP, but there are a lot of stability issues with most of them. Vista includes updated XPDM drivers for a limited number of legacy cards which are installed automatically and work properly. For most legacy display adapters it will simply install the “Standard VGA Adapter” driver. This driver works fine for many things, but it ignores the extra features supported by many adapters (like multiple displays, larger screen resolutions, configurable CRT monitor refresh rate, and DirectX/OpenGL hardware acceleration).

The GeForce2 MX400 has decent enough features to be useful for regular users who don’t need a lot of GPU power (for gaming etc.). The problem is that the XPDM drivers for legacy NVIDIA display adapters included with Windows Vista only support the GeForce4 series or newer. The GeForce2 MX400 is installed as a standard VGA adapter which cripples many of its capabilities.

Luckily, the Windows 2000/XP drivers provided by NVIDIA (version 91.31) work flawlessly in Windows Vista and Windows 7 without any modifications. Download the driver package here. The installation will fail if you try and run it, but you can extract the contents of the exe package to a directory using WinRAR. Open Device Manager (devmgmt.msc) and  expand the “Display Adapters” section, then update the driver for the “Standard VGA Adapter” (right click on it and select “Update Driver Software…”). Choose to manually select the device driver and then browse to the location where you extracted the NVIDIA driver files (you should see the ‘nv4_disp.inf’ file within the directory). Windows should find the correctly matching “NVIDIA GeForce2 MX/MX 400” driver and allow you to install it. Once you reboot the system the driver should work properly and support all of the adapter’s additional features. You can confirm that they are working correctly by running ‘dxdiag’ and checking under the ‘Display’ tab. All of the features listed under the “DirectX Features” section should be “Enabled”.


Windows Live Messenger Shows Contacts as Offline When They Are Really Online and You Cannot Send Offline Instant Messages to those Contacts

November 7, 2010

Recently I discovered a strange phenomenon under Windows Live Messenger 2011 (and it apparently also affects Windows Live Messenger 2010). Some of your contacts will always be shown as being in “Offline” status when they are actually online (they show up as Online in other Messenger clients). You can receive instant messages from them, and messages sent to them from other clients also show up in the instant message windows of Windows Live Messenger 2011. When you attempt to send them an offline instant message, it reports: “The following message could not be delivered to all recipients”, and fails to send it.

My wife is usually logged into a Windows Live Messenger instance through her cell phone carrier, and I often use Windows Live Messenger to send messages to her cell phone. For the past week or so my copy of Windows Live has shown her as Offline and failed to send her offline instant messages, which I initially thought to be a problem with her cell phone carrier’s system. When I started receiving messages from her which I could not reply to, I opened up Windows Live Web Messenger and verified that she was actually online the whole time. Web Messenger could also send her instant messages, which oddly enough would show up in the Windows Live Messenger 2011 instant message window.

I suspect that it is most likely a problem between the Windows Live servers and different versions of the Messenger protocol.

In the case of my wife’s account, I think her cell phone carrier’s software is using the old Messenger protocol, and it is somehow not being properly linked to the Windows Live servers (and ultimately clients) using the new protocol. Windows Live Web Messenger probably uses the old protocol.

The only solution seems to be to use a client which uses the older Messenger protocol.

You can use Windows Live Web Messenger which has no problems. The online version of Windows Live Messenger which is integrated into Windows Hotmail doesn’t work as it seems to (at least on my system). You can install Windows Messenger alongside MSN/Windows Live Messenger. It is lacking a lot of features and doesn’t always work well…but it is handy for situations where MSN/Windows Live Messenger is not working. You can download Windows Messenger 5.1.0701 here. To install it under Windows Vista or Windows 7 you will need to use a workaround or disable UAC to get the messenger.msi file to install correctly.


Install Windows Messenger 5.1 on Windows Vista or Windows 7

October 19, 2010

Windows Messenger was an instant messaging client from Microsoft which could connect to Microsoft .NET Passport (now Windows Live ID), SIP (session initiation protocol) communication services, and Microsoft Exchange Instant Messaging. Windows Messenger 5.1 was included with Windows XP but was not released for any newer versions of Windows (it has been replaced by newer products like Windows Live Messenger and Office Communicator). You can obtain more information about Windows Messenger from the Windows Messenger How-To Center on Microsoft’s web site.

Windows Messenger is fairly out-dated and does not have many of the features included in newer versions of MSN Messenger/Windows Live Messenger (see this Microsoft document for some details). It can still be useful (or even necessary) for some things. It is especially handy because it works alongside MSN Messenger/Windows Live Messenger and is not affected by their installations. If Windows Live Messenger is broken or unable to connect you can use Windows Messenger as a backup. Windows Live Messenger also cannot connect to SIP communication services or Exchange instant messaging.

You can download the installer for Windows Messenger 5.1.0701 from here.

When you run the “Messenger.msi” installation file under Windows Vista or Windows 7 it fails partway through the installation process, reporting that the installation was interrupted. The problem is caused by a compatibility issue between the MSI package and UAC. You cannot simply adjust compatibility modes or elevated privileges for standalone MSI packages like you can for setup executables because they are handled by the Windows Installer service.

To get it to install properly, open an elevated command prompt (right click the “Command Prompt” shortcut under the start menu and select “Run as Administrator”). From the administrative command prompt enter the commands:

msiexec /a <path>
msiexec /i <path>

Where <path> is the location of the messenger.msi file. So if I saved it to my desktop, the commands would be:

msiexec /a C:\Users\Keith\Desktop\Messenger.msi
msiexec /i C:\Users\Keith\Desktop\Messenger.msi

The installation will run and should be able to complete successfully.


How to Remove a Network Driver that Locks Up Device Manager When You Attempt to Uninstall It

August 20, 2010

A typical fix for networking issues in Windows XP is to uninstall the device in Device Manager and then have Windows reinstall it by selecting “Scan for Hardware Changes”. Under Windows Vista and Windows 7 the network troubleshooter will do this automatically if you choose to reset the network driver. I don’t know the exact reasoning, but I suspect it is because of the interaction with the NDIS miniport driver.

Sometimes there is a problem with the drivers and they simply will not uninstall. When you try to uninstall or disable the device, Device Manager will stop responding until the end of time (or until you end the task). You can re-open Device Manager and try as many times as you like, but the same thing will happen every time. Afterwards Windows will usually also hang during the shut down process and never complete it.

The broken driver most likely has an outstanding IRP request which it never completes or cancels.

When I was doing contractor work one of my clients was specifically having this problem with the Intel wireless drivers on a lot of their systems. The driver could not be updated or reinstalled with Intel’s installer either, as it would also stop responding.

The solution is to disable the driver’s service entry so that Windows does not load it at all, and it will no longer have any open IRP requests which prevent it from being removed.

The first step is to obtain the name of the driver’s service entry. You can do this easily if you open the device’s properties in Device Manager and select the “Details” tab (other tabs may cause Device Manager to stop responding if you click them, but Details will work). Select “Service” from the drop down list in the middle of the Details property page. If you can’t access the Details tab in Device Manager, you can also use the command: ‘sc query type= driver group= NDIS’ to display all of the network drivers on your system along with their service name and obtain it from there.

Once that’s done, open the system Registry Editor (regedit.exe) and navigate to: ‘HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services’. Expand the ‘Services’ tree and look for a subkey underneath it with the driver service name we located in the step above. Select the driver service subkey and there will be a DWORD entry inside it named “Start”. Double click the “Start” entry and set its value to the number ‘4’ (decimal). Setting the value to 4 disables the service on startup.

After you reboot the system, the device should appear in Device Manager with a bang and you should have no problem uninstalling it.
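
The two steps above (find the service name, then set “Start” to 4) can be prepared as a script. This Python code is an added example, not part of the original post: it parses the text printed by the ‘sc query’ command to find the service name, reads the current “Start” value from ‘reg query’ output so it can be restored later, and builds the ‘reg’ commands for an elevated command prompt. The sample output and the service names “ExampleWifi” and “ExampleLan” are constructed for illustration.

```python
import re

SERVICES_KEY = r"HKLM\SYSTEM\CurrentControlSet\Services"
START_TYPES = {0: "Boot", 1: "System", 2: "Automatic", 3: "Manual", 4: "Disabled"}

# Constructed output in the layout printed by: sc query type= driver group= NDIS
# "ExampleWifi" and "ExampleLan" are hypothetical service names.
SAMPLE_SC_OUTPUT = """
SERVICE_NAME: ExampleWifi
DISPLAY_NAME: Example Wireless Adapter Driver
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 4  RUNNING
                                (STOPPABLE, NOT_PAUSABLE, IGNORES_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

SERVICE_NAME: ExampleLan
DISPLAY_NAME: Example Ethernet Adapter Driver
        TYPE               : 1  KERNEL_DRIVER
        STATE              : 1  STOPPED
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0
"""

# Constructed output of: reg query "<service key>" /v Start
SAMPLE_REG_OUTPUT = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ExampleWifi
    Start    REG_DWORD    0x3
"""


def parse_sc_query(output):
    """Turn 'sc query' text into a list of {service_name, display_name, state}."""
    services, current = [], None
    for line in output.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # e.g. the "(STOPPABLE, ...)" continuation line
        key, value = key.strip(), value.strip()
        if key == "SERVICE_NAME":
            current = {"service_name": value, "display_name": "", "state": ""}
            services.append(current)
        elif current is not None and key == "DISPLAY_NAME":
            current["display_name"] = value
        elif current is not None and key == "STATE":
            parts = value.split()
            current["state"] = parts[-1] if parts else ""
    return services


def find_services(services, text):
    """Service names whose display name contains `text` (case-insensitive)."""
    return [s["service_name"] for s in services
            if text.lower() in s["display_name"].lower()]


def parse_start_value(reg_output):
    """Extract the Start DWORD from 'reg query ... /v Start' output."""
    match = re.search(r"^\s*Start\s+REG_DWORD\s+0x([0-9a-fA-F]+)\s*$",
                      reg_output, re.MULTILINE)
    if not match:
        raise ValueError("no Start value found in reg query output")
    return int(match.group(1), 16)


def _key(service_name):
    # Refuse anything that could break out of the quoted key path.
    if not re.fullmatch(r"[A-Za-z0-9_.\- ]+", service_name):
        raise ValueError(f"unexpected characters in service name: {service_name!r}")
    return f'"{SERVICES_KEY}\\{service_name}"'


def disable_plan(service_name, current_start):
    """Commands to back up the key, set Start=4, and (as a remark) undo it."""
    key = _key(service_name)
    return [
        f'reg export {key} "{service_name}-backup.reg"',
        f"reg add {key} /v Start /t REG_DWORD /d 4 /f",
        f"rem to undo: reg add {key} /v Start /t REG_DWORD /d {current_start} /f",
    ]


if __name__ == "__main__":
    name = find_services(parse_sc_query(SAMPLE_SC_OUTPUT), "wireless")[0]
    start = parse_start_value(SAMPLE_REG_OUTPUT)
    print(f"{name}: Start is currently {start} ({START_TYPES[start]})")
    print("\n".join(disable_plan(name, start)))
```
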


File Copy Between Local Drives Hangs in Vista

July 25, 2010

Recently I have run into a strange issue on my Windows Vista machine. When copying movie files between my local hard drives the file copy process gets stuck and never completes.  The dialogs will remain there forever at the same spot unless you end the explorer.exe process which hosts them or use the Cancel button and then the close box (described further below).

There was a popular Vista file copy problem that was patched a long time ago related to copying from mapped network drives. The problem on my system occurs when copying between hard drives.

I have been trying to troubleshoot the issue and have found a workaround but no solution for the problem so far.

Details

The file copy or move process starts and hangs at a random point within the process. Some files are successfully copied or moved but the rest of the operation will never be completed. The file copy dialog is responsive and doesn’t lock up. It just gets stuck and reads the same file, speed and time remaining until the explorer process ends. If you hit the “Cancel” button on the file copy dialog, it will remain stuck on the “Cancelling…” operation.

If you check the destination there may be files copied or may not be, depending on how far it got before it gets stuck. If you try to perform another file copy after, it will also get stuck. Often a problem will reoccur with the same file if you just try to copy it again afterward. If you try to delete those files afterwards that may also get stuck.

Vista also usually has a thread I/O request timeout error that occurs when a file copy gets stuck, but for some reason it doesn’t appear when this issue occurs and the copy dialog will remain until the explorer.exe process ends or it is cancelled and then closed.

Troubleshooting

When you check the explorer.exe process under task manager, there is no significant change in I/O reads or writes after it gets stuck. Its committed memory size and number of page faults do not significantly change either.

At first I thought it may be a problem with the hard drives. I ran a full chkdsk /r (locate bad sectors and attempt recovery) on all my drives and there were no problems found at all.

I had a similar problem when Vista first came out with Symantec Antivirus severely slowing my network file copies because it was scanning huge RAR and ISO files. I tried stopping the Microsoft Security Essentials service and turning off real time protection, but it didn’t affect the issue at all.

I also tried stopping the Windows Search service in case it was attempting to index the file (and perhaps a bad iFilter was causing the stall). But there also was no effect on the issue.

Since I often had the problem while copying video files, I thought it could possibly be Explorer’s thumbnail generator causing the stall (maybe in combination with a bad DirectShow Filter). Usually when there’s a problem with a DS filter it ends up crashing the app it is running in but I have seen other things happen, like a splitter causing Windows Live Photo Gallery to stall on the first frame of video. I unregistered (regsvr32 /u) most of the DirectShow components I had installed except for a basic few (DivX, ffdshow, XVid,  Ogg DS) which I also made sure were up to date. I tried disabling explorer’s thumbnail generator (by unchecking “Always Show Icons, Never Thumbnails” in the Advanced Folder options), but there was no effect on the problem.

I will have to do some further investigating with Process Explorer when I have some more time this week. For now I haven’t found the cause, just a way to work around the issue.

Workaround

I tried performing the copy operation from an Administrative command prompt and found that you could successfully copy the files without any problem using the “copy” command. Even while 3 or 4 hung explorer file copy windows are present and supposedly copying the same file.

Strangely, using the “move” command has the same problem as explorer and will just hang until you break out of it with CTRL-C. I don’t know why “move” has trouble because you can manually use the “copy” command to copy the files and then “del” to delete them afterwards without any problems.

You can also cancel the hung file copy dialogs by pressing the “Cancel” button and then the close button on the dialog afterwards. Just hitting cancel will not work. Sometimes explorer will maintain a lock on the file it was stuck on (preventing you from moving or deleting the file) even after you have cancelled the copy dialog. You have to kill the explorer.exe process from Task Manager and restart it to remove the file lock.


Entering Non-Printable ASCII Characters Into Text Files Under Windows (With MS-DOS Editor)

June 24, 2010

When editing a text file in Windows it is sometimes necessary to embed special non-printable ASCII control characters into the text. This is quite difficult in modern Windows versions. Windows does not allow any way to enter codes below code 032 (space) into standard text fields. Newer NT based versions of Windows also use UNICODE strings internally, which does not support lower ASCII control codes.

Notepad supports entering some of the character codes using ALT key codes. You hold down the ALT key and enter in the three digit ASCII code for the character on the numeric keypad. Number Lock must be turned on and you have to enter the numeric code on the numeric keypad (it will not work using the regular number keys). For example, to enter in a carriage return you can use ALT+013 or to enter in a line feed character, you can use ALT+010. Notepad allows a few ASCII control codes to be entered this way, but you cannot use all of them.

The best way that I’ve found is to use the MS-DOS Editor program (edit.com). MS-DOS Editor is still included with all 32-bit versions of Windows. You can open it by entering ‘edit’ in the run box or command prompt.

In MS-DOS Edit you can use CTRL-P and then enter an ASCII control code which will be embedded into the text file. You can enter the code as an ALT key code or an ASCII control code; a list of ASCII control codes is available here. So to enter the Form Feed character for example, you would press CTRL-P and then CTRL-L (or CTRL-P and ALT+012). It will place a symbol in the editor to represent the non-printable ASCII character. When you save the file in the MS-DOS Editor it will save the embedded character codes in the text file.

Once the file is saved you can re-open it in a Windows editor which supports ASCII text files like Notepad or ConTEXT. The symbol will be displayed in the editor and you can copy and paste it into other text files to embed the control code into them.

Be warned that many Windows programs and text boxes may attempt to convert the character code into something else when you copy and paste it (I believe it may have to do with Windows converting it to UNICODE). For example, when I copied the form feed (code 12) character directly from a console running DOS Edit, it pasted into other Windows applications as “?” (code 63). Notepad even displayed a similar character to the one in DOS Edit but it still was a different character (not code 12) when I checked. Also, when I copied the character from a file opened in ConTEXT, it pasted into Notepad properly (as code 12), but pasted into the Visual Studio IDE as “?” (code 63).


Installing Windows Live Suite 2010 Wave 4 Beta

June 17, 2010

The beta release of the next Windows Live suite of applications has been leaked to the internet and is available for download. It can be installed on a regular system with no issues, but there are problems with the login process. The wave 4 applications detect that your Windows Live account is not part of the wave 4 beta program and will prevent you from logging in unless you sign up for the “dogfood” program (Microsoft employees only!). There are patches available to get most of the wave 4 applications to login with a regular account. A public beta of the suite will hopefully be available soon.

You can download a good torrent with the installer and required patches here.

The Windows Live Essentials installer is about 126MB and works offline (doesn’t download any components). The installer includes the following Windows Live applications: Windows Live ID, Windows Live Messenger (15.2.2583.119), Windows Live Call (part of messenger), Windows Live Mail (15.2.2583.119), Windows Live Contacts (part of Windows Live Mail), Windows Live Companion (15.2.2583.119), Windows Live Writer (15.2.2583.119), Windows Live Photo Gallery (15.2.2590.301), Windows Live Movie Maker, Windows Live Family Safety, Windows Live Sync, Microsoft Outlook Connector, Bing Bar (replaces the MSN Search Toolbar/Windows Live Toolbar). Windows Live SkyDrive has been integrated into the web interfaces for hosting photos and documents and also can now stream video. Windows Live Mesh is still a separate beta but many of its features have been moved into Windows Live Sync. There may be other updates to the web based applications like Live Mail (Hotmail) and Spaces, but they are not available without a valid beta participation account.

Main Issues With the Wave 4 Beta

  • Windows Live Sync requires a valid beta account and doesn’t run.
  • Windows Live Photo Gallery will work but cannot login to the network (also requires a valid account).
  • Windows Live Movie Maker requires an Aero compatible video card or it will not run at all.
  • Some of the applications crash at times (they are still beta!).

Overall, the applications run fairly well and perform decently. There are probably features that are still missing (like ribbon customization) but they are decent enough quality that they were released to Microsoft employees for testing.

 

Installing the Windows Live Essentials Wave 4 and Patches

  1. Extract the RAR archive from the torrent and run the Windows Live Essentials installer named “run this first.exe”. Select the components you would like and proceed through the installation process.
  2. Make sure that no Windows Live applications are running; if they are, exit them.
  3. Open the XML file “then run this second.xml”. It will open up in Internet Explorer and the information bar will pop up and tell you it has blocked running active content on your computer.
  4. Click the information bar and select the option to run the content. After the page reloads it should be installed.
  5. Finally, run the patch named “then run this patch lastly.exe” and install it.
  6. Restart your computer. After rebooting you should be able to use the new Windows Live betas!

(You do not have to worry about the Internet Explorer 9 tech preview installer that is also included in the archive)

New Features

The main feature is the new ribbon interface which has been added to Windows Live Photo Gallery, Windows Live Mail and Windows Live Writer. Many of the apps have moved things to the ribbon or to new side panes. There are new view and sorting options for many applications.

The new social integration features (like FaceBook updates) have been integrated into Windows Live and there are better publishing options as well. Live Messenger now supports tabbed conversation windows (like Lotus Sametime) and a new Social Mode.

Windows Live Writer adds better account support and blog sites can provide links to services and extensions which are available in the editor. You can create custom manifest files which define features for other types of blog sites. Editing is much easier with the options on the ribbon (rather than under menus) and plugin features are more accessible. You can also configure advanced permissions for posts like allowing comments and pings from the editor.

Windows Live Photo Gallery adds GeoTags (location tags) and many additional photo editing tools. The ribbon also makes working with tags and other meta data much easier.

Other Notes

  • Windows Live Mail is prone to crashes when switching between the shortcuts (the lower right icons for Calendar, Contacts, Feeds…).
  • Various Windows Live Writer plugins may cause it to crash, but most of them have no problem. Unfortunately there is no published command line option for running Live Writer without plug-ins so you can use the GUI to manage them. You will have to manually remove the offending plugin from the “C:\Program Files\Windows Live Writer\Plugins” folder. If they are in another location they may be COM objects and you should run their uninstall program to unregister them (or use “regsvr32 /u <DLL FILE NAME>” to do it manually).
  • All of the tested Windows Live Photo Gallery plug-ins worked properly.
  • A-Patch is an application which patches Live Messenger to remove ads and change other features like nudge delay and maximum file transfers. There is no version of a-patch which will patch the beta version of Live Messenger yet.
  • Microsoft betas often do not update automatically to the full release and may require you to manually uninstall the beta from Programs and Features (appwiz.cpl) before you can install the release version (when it comes out).

Conclusion

The new Windows Live beta applications are pretty nice and I personally like the new versions enough that I will use them instead of the old versions on my systems. This post was written and published in the beta Windows Live Writer.

I would not recommend installing it for every user, especially with the sign-in issue and possible crashes. Some of the earlier Windows Live betas (like the first Windows Live releases, and wave 3) were good enough that the betas could be installed for most users. I don’t feel this release is good enough quality yet.


Adding Custom Entries to the Windows Components Wizard in Windows XP

June 3, 2010

About the Windows Component Wizard

The Windows Component Wizard can be accessed from inside the “Add or Remove Programs” control panel (appwiz.cpl) in Windows XP. On the left hand side of the control panel (in the grey band) is a button to “Add/Remove Windows Components”, which will launch the Windows Components Wizard.

The wizard provides and manages a list of Windows components and component groups which can be selected for installation or removal. Each item can be checked or unchecked to control its installation status. Once the user has selected the configuration they want, they can click the “Next” button and the wizard will perform all of the chosen installation or removal tasks.

About the Sysoc.inf File

All of the entries which are displayed in the Wizard are contained in the file “sysoc.inf” which is stored under the %WinDir%\INF directory (The INF directory may be hidden on some systems, but you can quickly open it by typing “INF” in the Run box).

Many people who tweak XP will recognize this file, as it has hidden components which are not listed in the Wizard (like Windows Messenger) which can be made visible by editing the entries in this file (and then removed using the wizard).

The file can also be used by the System Stand-Alone Component Manager (SYSOCMGR.EXE) tool which is included with Windows 2000 or higher for the unattended addition or removal of Windows components.

The Sysoc.inf Entries

If you open up the file you will see a bunch of INF code. INF is an installation scripting language which looks much more complicated than it actually is. If you’d like to learn about INF files, MSDN has some good documentation here.

Inside the file will be a [Version] section which we don’t have to worry about. The section we want to look at is [Components]. Those are the entries which form the root listing of the Components Wizard.

Each entry will have the following format:

[Component]=[DLL Name],[DLL Entry Point],[INF File],[hide],[Number]

Component is the internal name which is used to reference the component in the INF files. I’m not 100% sure what the  DLL name and entry point are for (probably setup procedures). The INF file is a separate INF which contains the component details and installation script. The hide entry is used to hide the item in the Wizard, or is left empty when the item is visible. I don’t know what the last number is for either, it usually is 7. All of the values are required except ‘hide’.

For example, in the line for Windows Messenger:

msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7

‘msmsgs’ is the internal name which is used to refer to the component within the INF files. msgrocm.dll and OcEntry are the DLL file and entry point. The next item is the INF file (msmsgs.inf) which contains the component’s information and installation code. The hide entry means it will not show up in the Component Wizard. Finally, there is the number 7.

The Component INF Entries

If you open up one of the component INF files which is referenced in sysoc.inf, you will see INF code which describes the component or group, and the code which is used to install or remove the component.

The first section that is unique is [OptionalComponents]. This section contains all of the internal component names, with the first being the top level option, and all of its child components after. I believe this defines the items in a group, but have not confirmed it yet.

The component name used in the sysoc.inf line will be the name of the section which contains the component information. For example, the Windows Messenger line listed above specifies the component name as ‘msmsgs’. That means the messenger component’s information will be found under the [msmsgs] section in the msmsgs.inf file.

Under the component’s section will be several directives. The following directives control what is displayed under the Component Wizard:

OptionDesc: Display name of the component.
Tip: Description of the component.
Uninstall: The INF section used to uninstall component.
InstallType: Number (Don’t know what it means)
IconIndex: Index of icon within a Windows DLL (shell32.dll?)
Modes: Comma separated numbers (don’t know)
SizeApproximation: Approximate size (in bytes) of installation.
Parent: Name of parent group.

The remaining section lines are standard INF directives which are used for the component’s installation process.

After you look at a couple of the component INF’s you should get a decent idea of how they work. Now we move on to:

Adding Your Own Entries

In order to add your own components you will first need to add a new entry under the [Components] section of sysoc.inf.

WARNING: If you edit the sysoc.inf file incorrectly, it will cause the Windows Components Wizard to crash or close unexpectedly. Make sure you back up the sysoc.inf file (or any others) before you modify them.

You can add your entry anywhere under the [Components] section. Make sure your component name is unique. For the DLL name and entry point you can use “ocgen.dll” and “OcEntry”. Some of the others can cause crashes, but I have used OcEntry many times and have had no problems. It may even be a dummy function call; many other items in sysoc.inf use it. Enter the name of your component’s INF file. You can include your component section within an existing INF file, or create a new one. You can leave the next value empty, or put in “hide” if you want it to be hidden. For the final value put 7.

Here’s an example of a custom component sysoc entry to install the Visual Basic 1.0 runtime library:

[Components]
vbrun10=ocgen.dll,OcEntry,vbrun10.inf,,7

After that you will need to create your component’s section in the specified INF file and set its options. If you are creating a new INF file for your component you will need to also have the [Version] section with the Signature="$WINDOWS NT$" directive as a minimum. You should be able to test it in the wizard at this point to see how it looks. The final steps will be to write the installation code and make sure it all works.

For our example component, here’s the INF:

[Version]
Signature = "$WINDOWS NT$"

[DestinationDirs]
1=

[vbrun10]
OptionDesc = %CAPTION%
Tip = %INFO%
Uninstall = vbrun10_uninstall
IconIndex = 34
Modes = 0,1,2,3
SizeApproximation = 151552
CopyFiles = vbrun10_copyfiles

[vbrun10_copyfiles]
vbrun10.dll,,,

[vbrun10_uninstall]
DelFiles = vbrun10_copyfiles ; remove the files listed for CopyFiles

[Strings]
CAPTION = "Visual Basic 1.0 Runtime"
INFO = "Allows you to run Visual Basic 1.0 applications."


Bypassing the Annoying Policy Settings on My Workstation

June 3, 2010

A lot of people in IT complain about Windows being unstable and insecure, but they probably aren’t running the system in a correct and secure fashion. I found a perfect example of this while I was working for a major PC manufacturer not too long ago. I had a workstation that was locked down with the absolute worst policy settings. Obviously some admin just went nuts with the policy editor, while having no clue about actual Windows security.

First off, the ‘Run’ menu was disabled. I hate when people do this because I honestly use the Run box for launching everything in Windows…even Word. Let me tell you now…disabling the ‘Run’ menu does nothing for security at all. You have to secure the system by properly restricting a user’s access so that their commands can’t do anything harmful. Disabling the box they use to launch the commands provides no security at all. There’s a million other ways to get the system to execute commands.

Getting around it on my workstation was as easy as launching CMD.EXE from a shortcut and using the ‘start’ command (which works almost exactly like the Run box).

Even if CMD.EXE had been unavailable, I could have easily written a short VBScript that passes the contents of an InputBox to the Windows Script Host’s Run command.

The second useless policy was the one that wouldn’t let me open my C: or C:\Windows folder by double-clicking them from Explorer. Yes you read right, the admin didn’t secure the disk/file/folder permissions, he just set the policy which prevents people from opening them directly under the “My Computer” icon.

So I could still use commands like “explorer /root,C:\”, which would cause Explorer to happily display the hard disk contents in a new window (more info on Explorer’s command line options is available here). Of course I could also freely manipulate the files from CMD.EXE or any application’s open dialog as well.

The only setting which was an actual hurdle was the policy setting which prevented me from running the system registry editor. There was no clever built-in hack that I could use to bypass this setting. I was still able to easily get around it however. I simply downloaded a third party registry editor which didn’t acknowledge the policy setting.

In fact, there are many available stand-alone Windows applications which can replace the Windows functionality that the above policies had disabled. If you browse a site like Shell Extension City, you’ll find software that would adequately bypass all of them.

I guess the point of this post is to show how easy it is to get around on Windows when it’s not secured properly. Windows policies can be very powerful when used correctly…but they should never be the first and only line of defense on your systems!

