Replacing Task Manager with Process Explorer on Windows 7 64bit

I’ve happily used Process Explorer for several years using the replace task manager function whenever I can.  When I moved to the 64 bit version of Windows 7, the functionality to replace the task manager began failing.  It would appear to work; however, when invoking task manager by right clicking on the start bar I would always see the error that it could not find taskman.exe.

Today I learned that the method used for replacing task manager is called Image File Execution Options.  Basically, via an entry in the registry, calls for the execution for one program are substituted with a call to another.  When you use the “Replace” functionality within Process Explorer, it creates the following key:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe

That key has this value:

Debugger:  "C:\SYSINTERNALS\PROCEXP64.EXE"

The problem arises due to the way Process Explorer works on 64 bit systems.  When you run PROCEXP.EXE, it creates the 64 bit stub PROCEXP64.EXE as a temporary file.  While I admit to not understanding fully why it does this, the issue that causes the problem is that Process Explorer also deletes that file when it exits, so the substitution will not work.  The error message is a bit misleading, but it at least makes sense now.

Simply replacing the value of the Debugger key with PROCEXP.EXE instead of PROCEXP64.EXE fixes the issue.

NOTE: As always, messing with the registry should be done at your own risk and may cause problems with your system.

Thorn’s Law

This was quipped by someone I know.  I wanted to make sure to record it for posterity.

The longer you are is in the bathroom, the faster others rush in when you’re done.  That’s actually the time you want to allow some time…and distance!

I suppose it all depends on the HAZMAT level of the room afterwards.

Using an External Config File With log4net with ASP.NET 2.0 and IIS7

I started a new project recently and set about adding log4net to it.  I’d upgraded to a new Window 7 workstation over the past month whereas I’d previously been using XP, so the step up to IIS7 was exciting and and a bit anxious all at the same time.  My first hurdle so far has been using log4net.

I tend to be the type of person that likes to separate out the log4net configuration into it’s own file, usually log4net.config.  Setting up this new project; however, I started running into a problem I’d never seen before.  When trying to use the XmlConfiguratior to read my log4net.config, I would see this exception:

[SecurityException: Request for the permission of type ‘System.Security.Permissions.FileIOPermission, mscorlib, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089′ failed.]

Searching for others with this problem has not yielded much success.  I’ve seen articles stating that it’s an issue with medium trust security (on m local workstation trust was set to full) to problems with some sort of breaking code within log4net itself.  Most of these articles I suspect were not using IIS7, but it was hard to tell.

I ended up digging into the log4net source code to find out what was happening.  The problem would occur on a line of code that tried to access the FullName property of a System.IO.FileInfo object.  That property threw the exception worked fine it I tried to access it from my web project, but once it got down into the log4net guts, it would not.

After a lot of frustration, I finally started looking elsewhere.  I ran across a comment on Stack Overflow that stated they used .xml instead of .config files.  I had dismissed it due since others claimed .config files where fine, but recalling what I’d seen there I decided to try it.  *Poof* it worked!

I didn’t really want to leave the configuration in a file with the .xml extension since that could easily be downloaded from a server.  The discovery told me that it was likely due to something IIS was doing with ASP.NET to hide files, but the odd thing was that it could read from the web.config, so I was a little perplexed.  I started digging into how IIS7 handles these types of protected files. 

IIS7 ManagerIt turns out that there’s a section in the hosting configuration that lists protected files under the name “requestFiltering”.  Hmm…that was an interesting sounding name.  Unfortunately all the entries were only by file extension, not by file name directly so there had to be something else.

Request FilteringI ended up in the IIS7 Manager application and found the Request Filtering area.  I began to poke around in there and discovered another tab called Hidden Segments which had an entry for the web.config!  I clicked the Add Hidden Segment link under Actions and added a new entry for log4net.config and viola, my application worked!

I know that most of the IIS7 configuration settings are stored in various config files, including the web.config, so I started looking in there and found this new element in the <system.webServer> section.

   1: <security>

   2:     <requestFiltering>

   3:         <hiddenSegments>

   4:             <add segment="log4net.config" />

   5:         </hiddenSegments>

   6:     </requestFiltering>

   7: </security>

I believe that including this section will allow the files to work.  I even changed my trust level in my dev environment to Medium and it still ran just fine.

There may be other things that can cause this sort of problem, but this fixed my example.  Hopefully this helps someone else out there as it was a bear to track down!

How To Create Custom Libraries in Windows 7

Default Windows 7 Libraries I recently discovered a cool little feature in Windows 7.  I’d known about the libraries that come default, which include Documents, Music, Pictures and Videos.  I thought that it was a nice idea that these libraries looked in multiple locations.  While I hadn’t had much need for it yet, I can envision my home network utilizing it once I start upgrading my home machines.

At work, I’m testing the 64-bit version of Windows 7 RTM as a developer workstation in our environment.  One thing that I constantly kept doing while making sure my environment is set up correctly, is looking for an application in the C:\Program Files folder.  Unfortunately, there are quite a few applications that are still 32-bit, so they get installed in C:\Program Files (x86) so I find that although I have a 50% chance to look in the right folder, I get it wrong about 90% of the time.  Wouldn’t it be great if there was a library that included both!  I decided to try it.

Custom Library Contents in Windows 7 Right clicking in a blank spot in my libraries window gave me a New –> Library option.  Cool!  After giving my library a name (Programs) I found there was nothing inside, I went back and right clicked on my new library and chose Properties.  I was presented with a dialog that let me change a few things, such as adding folders the library should look into.  I added my two Program Files locations, closed the dialog, opened the library and viola!  There are all of my programs!  Very cool!

Custom Windows 7 Library OptionsOne thing I will briefly note, if this library is for a type of files that you will be actually saving files into, you can select the folder that acts as the default location to save files.  That way when you are in an application and you choose to save something, you can just click on the library and it will save in the default folder.  That’s not something you’re likely to do with programs, but there are other file types.  Another library I have added, for example, is Source Code.

Customized Windows 7 Library They only thing that was disappointing at this point, was the fact that there was no option to assign a custom icon.  I did a quick search on Bing (I did a quick Google on Bing?) and found this guide regarding custom libraries.  It explained that libraries are really just XML files located in the special folder at C:\Users\<User>\AppData\Roaming\Microsoft\Windows\Libraries with some data describing the library.  One of the elements you an add to the library is called <iconReference></iconReference> which simply takes a path to an .ico files.  It does note that for the best results a 256×256 icon should be used, or an icon with appropriate sizes all in one file; however, I found one at 128×128 for my programs and it worked fine.

Using Windows 7 with Multiple Gateways (Routers) and DHCP

Early last year we implemented a second Internet connection on our network.  We wanted to make it as easy as possible to switch between the two if the primary connection went down.  We are on a Windows domain and use DHCP from one of our domain controllers so it was easy to implement the 003 Router scope option with the two gateways and it worked great!

According to RFC2131 and the DHCP Options and BOOTP Vendor Extensions;

The router option specifies a list of IP addresses for routers on the client’s subnet.  Routers SHOULD be listed in order of preference.

That last bit was the key for working in our situation.  Our Windows XP clients grabbed the multiple gateway addresses and modified the routing table like this:

Active Routes: 
Network Destination  Netmask       Gateway    Interface  Metric
          0.0.0.0    0.0.0.0    172.16.0.1  172.16.0.40      20
          0.0.0.0    0.0.0.0  172.16.0.220  172.16.0.40      20

Both entries have the metric of 20, which was dynamically assigned by windows based on the link speed, the first entry is the one that was used.

We recently began testing Windows 7 in our environment.  We are fairly happy with most of the new features, performance and the overall experience in the new OS.  One thing that, so far, has been a great improvement is the new network stack.  With Vista, there were several issues including problems with unexpected freezes while network requests are made and problems with notebooks when trying to close the lid.  In Windows 7 most of those issues seem to have went away.

One minor issue that we did run across seems to be a bug, in my opinion.  When our Windows 7 clients processed the same DHCP requests as our XP clients, the routing table looked like this:

Active Routes:
Network Destination  Netmask       Gateway    Interface  Metric
          0.0.0.0    0.0.0.0    172.16.0.1  172.16.0.40      30
          0.0.0.0    0.0.0.0  172.16.0.220  172.16.0.40      30

Very similar results, just slightly modified metric which I can only assume is due to an updated algorithm for calculating the dynamic metric.  The only problem is that the second entry was being used as the default gateway.  We verified this on multiple Windows 7 clients.  It seems like it goes against he “order of preference” bit of the RFC.

It took quite a while and a lot of research, but I found out that Microsoft implements a vendor specific extension, 003 Microsoft Default Router Metric Base option.  The documentation for this value reads:

This value is a specified router metric base to be used for all default gateway routes used at Windows 2000 DHCP-enabled client computers.

This value can be assigned as an integer cost metric ranging from 1 through 9,999. It is used in calculating the fastest, most reliable, and least expensive routes. If a value is not specified, a default of either one (1) or the currently set interface-specific metric is used.

This is not very specific and for a while I did not think it would apply different metrics, but rather the same metric to all of the values in the 003 Router option.  I decided to give it a try regardless of my doubts and it worked!  Now, my XP route table looks like this:

Active Routes:
Network Destination  Netmask       Gateway    Interface  Metric
          0.0.0.0    0.0.0.0    172.16.0.1  172.16.0.40       1
          0.0.0.0    0.0.0.0  172.16.0.220  172.16.0.40       2

And my Windows 7 route tables looks like this:

Active Routes:
Network Destination  Netmask       Gateway    Interface  Metric
          0.0.0.0    0.0.0.0    172.16.0.1  172.16.0.40      31
          0.0.0.0    0.0.0.0  172.16.0.220  172.16.0.40      32

It is still disappointing that the DHCP routing options seems to be broken in Windows 7 (IMHO), and I am sure there will be plenty of people having similar problems when they begin rolling out Windows 7 clients in their environments.  Hopefully this article will save someone a little time trying to configure their Windows 7 clients to use multiple gateways.

What’s So Hard About Managing Podcasts?

<rant>What is the big deal with podcasts?  I’ve tried many different podcast client software and all have had one problem that seems to remain the same.  At times, they will suddenly start downloading old podcasts that have already been listened to.  Argh!  Some podcasts (like my local news, the Bend Bulletin) have archives going back or over 2 years that I then must go delete in order to clean up the massive amount of space they’re using again!</rant>

Ok, now that I’ve got that out of my system, the real question is, where does the fault lie?  Is it with the software itself, or is it the content provider?  Do the content owners change something that causes all of the items to look “new” or does the software simply fail at some point to recognize that the episodes are old?

I’ve tried Miro, Zune, Juice and HappyFish among others and they all seem to have the same occasional (once a week or so) problem.  If anybody has a better suggestion, I”d be happy to try it!

The one thing that I like to do, which may be different that most users (although I don’t think it’s so unusual) is to save some of the episodes.  For example, I subscribe to some guitar podcasts and many of the lessons I like to keep.  Maybe that’s messing them up?  It shouldn’t, but man it is annoying!

Fixing Windows Update on Windows XP

On the 4/19 the virus software we use falsely detected the system file wmiprvse.exe as a virus/malware threat.  The specific detection reported the file as Backdoor.Win32.Agent.afqs.  This happened on at least three of our workstations.  Some research on the web shows that more than one virus company had the same problem at around the same time which makes me wonder what happened.

While we were able to recover the file, some things just weren’t right.  The biggest problem ended up being with Windows Update.  When going to the site, it would simply hang on the part where it was checking your system for updates.

Investigation turned up mismatched versions of several of the wmi…. family of components.  Presumabl this was due to an incorrect file being restored by the system after the false positive event.  Trying to get it matched up correctly by had turned out to be problematic at best.

Finally I ran across an obscure post (sorry, I no longer have the link) where someone claimed that reinstalling a certain security patch from Microsoft fixed his problem.  After going through the re-installation of this patch on the first affected machine, it indeed worked!

The post referred to the MS09-12 securyt bulletin from Microsoft.  Most of the page refered to using Microsoft or Windows update to install the patch, which of course was not possible.  I was able to track down the direct download link for the file and I thought I would post it here for posterity.