Monday, July 05, 2010
The event was a great success. In addition to the 500 of us walking up and down the halls of the three congress buildings and the three senate buildings and having our meetings and drop-offs, over 2000 of you called in to your elected officials as part of the National Call-In.
As of today, we now have:
- 225 co-sponsors for the House of Representatives bill (HR 745)
- 17 co-sponsors for the Senate bill (S. 3320)
In order for a bill to become a law, the bill must pass separately through both the House of Representatives and Senate.
To see the current numbers, visit http://pancan.org/section_get_involved/advocate/congressional_update.php.
Monday, June 21, 2010
My wife, Deborah, and I are in Washington D.C. for PanCan National Advocacy Day, June 22nd 2010. Today we learned how to become lobbyists to advocate for helping to solve the problem of Pancreatic Cancer. Tomorrow, almost 500 of us will head to Capitol Hill to meet with our senators and congressmen to ask two things. First, that they co-sponsor the (House or Senate) bill in support of Pancreatic Cancer and second to increase funding for Pancreatic Cancer research.
Pancreatic cancer is the only one of the top 10 cancer killers with a 5-year survival rate in the single digits (6%).
There are currently no early detection tools or effective treatments.
[Update]
We all went visiting the senators and congressmen and visited with their health liaisons to discuss their co-signing the bills (or thank them if they already did) as well as letting them know we want them to increase the Pancreatic Cancer funding level.
Weather was wonderful and we made all our appointments. In some cases, it was simply to drop off the packets of information for the congressmen of other districts.
Wednesday, April 21, 2010
Unlike earlier Tivos, the Premiere requires a multistream cablecard called an M-Card.
My first chat asked if I could pick up an M-Card self-install kit and the operator said yes. I went to the Pompano office, stood in line an hour and the counter person said that was not true. She wrote up the initial order to send out the installer.
My second chat was to make sure the order had instructions to bring M-Cards and not charge me for the installation. The chat person said she added the info to the order.
The installer came last Wednesday with no M-Cards and nothing on the order that said M-Cards were required for the Tivo Premiere.
I heard nothing for days so called and the operator set up the 2nd appointment for today – it had to wait for M-Cards to be available.
As I said, the installer came today with no M-Cards and nothing on the order that they were requested.
If things continue as they have, I will not hear again from the Comcast installer (contractor) that went to get an M-Card.
We shall see.
[Later that day…]
Well we have success. An M-Card was located and installed without incident. Contacting local Comcast supervisors may have helped – once they got on board with the issue, they kept me in the loop with several emails up through completion of the install.
Cablecard installation into Tivos (Series 3, HD Tivo and the new Tivo Premiere) have had frequent problems, generally due to bad cards, installers not familiar with Tivos and communications between the installer and the service department that has to provision the cards. See this long forum thread for more info: Official Comcast CableCard Thread.
This is an email that Comcast makes available to help in cases like this: we_can_help@cable.comcast.com.
This is a link to a direct online support forum through Broadband Reports: http://www.dslreports.com/forum/comcastdirect. This is a useful forum to join for other reasons.
Sunday, March 21, 2010
Some time ago, I blogged about setting up my home email server to support incoming email using the Rollernet.us service (How I Solved Comcast's Block of my SMTP (Email) Port 25). Most of my incoming email is through the webguild.com site but in this case, it is business-related email for my wife’s site, www.debsrealty.com which is hosted by the same home server.
The Webguild email was spam-filtered fairly effectively but the email coming in to Debsrealty via Rollernet was leaking lots of Canadian pharmacy and other spam. Lots of this spam is originating from some network of infected computers like the Waledac botnet). These spam emails are very difficult to block using the Outlook rules so I logged on to the Rollernet account to see what they offered for spam filtering support. It turns out there is pretty good support.
There five filtering options available. 
I had not configured any of them but two of the five were already enabled (DNSBL and SPF). I then turned on two of the remaining three options (Greylisting and Anti-Virus) to see if that solved the primary problems. Greylisting keeps track of incoming emails looking at three things (sender’s IP, From and To). If it is new, it replies to the sender to retry later. Normal senders will retry but spambots don’t bother. Retries are passed on by the filter and it remembers so future email with the same “triplet” are pass without delay. This technique is very effective and did successfully block all of the pharmacy spam that Deborah was receiving. There are logs of all incoming email kept by Rollernet to see whether or not an email was filtered and why.
The final option is the SpamAssassin filter which looks at the content to see if it can recognize spam and add **SPAM at the start of the Subject of suspicious emails (easily checked by Outlook rules). SpamAssassin assigns a score to each email on how certain (on not) it is that the email is spam. Then you specify the score that you want to use and if an email has a higher score than your threshold, it will be flagged as mentioned (or you can block it). I may enable this if Deborah gets more spam not blocked by the other methods.
Thursday, March 18, 2010
|
Ave.exe Removal Instructions
If you have this ave.exe rogue anti-virus infection and are too anxious to read this posting, these are the removal steps that worked for me on Windows XP:
- Type Ctrl/Shift/Escape to bring up the task manager.
- Kill the ave.exe process. The popups will disappear. Leave the task scheduler up.
- Type Windows/R (to get the Run box) and type regedit and OK.
- Ave.exe will start again, just do step #2 again.
[Note: Be careful with regedit. If you are not familiar with it, use other solutions for this infection]
- In Regedit, go to HKCR\.exe\shell\open\command. You will see something like this for (default):
"C:\Documents and Settings\[your account]\Local Settings\Application Data\ave.exe" /START "%1" %*
- Modify the value to be:
"%1" %*
- Do the same with HKCR\secfile\shell\open\command.
- Delete ave.exe from the location in step 5.
At this point, you have control back and no more popups.
- Download the current version of Malwarebytes' Anti-Malware and run it.
- Choose to fix the items the scan found.
- Run a scan of your regular anit-virus program.
- Now you can read the rest of this post and add a comment about your experience!
|
This week I attended the Microsoft MIX10 Web Designer/Developer conference in Las Vegas. After the last session of the last day, before they kicked me out of the hall with the free WiFi, I somehow contracted a virus (I think from isohunt.com though just from browsing the site; I did no downloads). I actually did not realize it until the next time I started the laptop. I got a virus infection warning popup and then another window opened automatically running a scan and finding lots of infected files.
Then a tray notification bubbled up with more warnings.
The laptop was really scared out of its mind!
Well, I did not recognize the program displaying the warnings. The laptop is an old Dell running WinXP and is up to date with patches and runs AVG Free as its anti-virus software. The window title of the warning and scanner was Total XP Security. I suspected the laptop was infected with a virus that mimicked an anti-virus program. Process status showed ave.exe, a process that I did not recognize. Killing the process closed the popups. Until the next run of a program (like explorer). Some programs would not start at all (like my AVG scanner).
I searched for ave.exe but the search did not find it (it was there but hidden). I then searched for all files modified today and it found lots that shouldn’t have been. Exe’s that were installed long ago had a timestamp of the time the conference ended.
So with my laptop basically disabled, I used my BlackBerry to googled for ave.exe virus. There were several hits and I selected the Virus Removal Guru site. Looking at the manual removal instructions, I killed the ave.exe process and then I located the ave.exe (C:\Documents and Settings\[username]\Local Settings\Application Data\ave.exe) and removed it.
Well all of a sudden, none of my programs would start. They displayed the Windows dialog box to select a program to run the exe(?). That indicated to me that the programs first ran the ave.exe and then it did its work and transferred back to the originally requested program. Without ave.exe around, the requested program could no longer start up. The program I really wanted to run was regedit to fix up the registry. The running explorer still worked but I could not start up a new one.
I noticed that the programs in my launch bar (PowerBar) still ran but the same program would not run from explorer. I dragged regedit into the launch bar and clicked it and it did run! OK, Now I was back in business. I continued with the manual instructions from Guru but the registry keys it mentioned did not exist. I was hesitant to run their automatic removal tool since I am not familiar with their site. My next step in regedit was a search for ave.exe. There were several hits (ignore the scnsave.exe hits). The hits showed how it intercepted the execution of programs to do its deed first.
The first hit was:
HKCR\.exe\shell\open\command
(default)
"C:\Documents and Settings\Gary\Local Settings\Application Data\ave.exe" /START "%1" %*
I changed it to match others that were not altered:
"%1" %*
This did not work. The programs still failed to start. I went to the next hit
HKCR\secfile\shell\open\command
This did work (phew!)
There were a few more hits related to Iexplore and FireFox.
So things are working better now. I started up a complete scan with AVG Free and it is still running. I will research some more to make sure everything is cleaned out before claiming success.
Here’s another link and there are several others. As this post mentions, manual removal of viruses is generally difficult and if you make mistakes changing the registry, you may damage your system.
Well, I am now at the Las Vegas airport, waiting for the time to board my midnight red-eye back to Ft. Lauderdale. I was wondering what I was going to do to fill the time between 6pm and midnight. So a successful virus eradication plus a blog post were not on my plans but I guess you do what you’ve gotta do:)
[Update] Some of the research shows that this virus may be removed by recent versions of Malwarebytes' Anti-Malware. Anti-Malware found many infections which I chose to fix all. I then ran the AVG scan and it found none.
Some references about this virus:
I think the way I got infected was at isohunt.com. I clicked a link in the right nav Top Searches; went to the second search-results page which partially displayed the hits and then displayed a warning about the site containing malicious software. I clicked in the warning and exited the site completely. I think clicking on the warning is what initiated the download of the infection.
Sunday, February 28, 2010
Yesterday was the South Florida Code Camp 2010 in Miramar (that’s between Miami and Ft. Lauderdale). I gave a presentation on integrating PayPal Website Payments Standard with ASP.Net C#. I included a demo web application showing four different options to program the application though from the buyer’s point of view, all four examples looked and acted the same.
PayPal standard is the familiar option that displays PayPal buy-buttons to the buyer and when clicked, control is transferred to PayPal for the buyer to complete the payment and hopefully return to the website.
Each Buy Now button is a <form> with some hidden <input> fields and the button <img>. The four examples show different ways to implement or create the <form> fields. The first two examples redirect directly to PayPal as specified by the form’s action parameter and the last two examples post to an aspx page that controls building the post form to cause the redirect to PayPal.
- Example 1 – This page builds the form and fields and may be seen with a View Source. This is easy and can be dynamically built by the code but may be hacked by a user that can copy and modify the page source (like the amount field) to buy your product or service at whatever price they want. Automated fulfillment sites may miss this fraudulent purchase.
- Example 2 – The seller used PayPal’s button factory to build a hosted button. This solves the security issue but at the expense of the dynamic nature of the form field generation and the issue of manually having to create a button for every product of your inventory. View Source shows the main field in the form is the identifier of the hosted button.
- Example 3 – In this example, clicking the button does not sent the buyer to PayPal immediately (though it appears that way to the buyer). View source will only show the product’s ID is passed in the form which calls PayPalRedirector.aspx. The aspx page looks up the product in the database to get its name, price, etc. and builds the html needed by PayPal (much the same as seen in Example 1. It pushes this html to the buyer’s browser with an automatic form submit. This is a bit more secure than Example 1 but a knowledgeable user can capture the generated html to forge a similar fraudulent order.
- Example 4 – This final example solve the hackability problem and still allows dynamic buttons to be generated. The button form is generated as in Example 3 but is encrypted before sending the redirect form to the buyer’s browser. This does require that the seller obtain an encryption certificate and upload the public key to PayPal so PayPal can decrypt your button.
The PayPalRedirector.aspx code used in Examples 3 and 4 used a class library (PayPalStdLib) I wrote to allow easy strongly-typed access to build and initialize the object with the payment parameters and a method to initiate the redirect to PayPal. This is a bare-bones class you can enhance with additional properties as needed for your own use.
The presentation was the last of the day but was well attended by a lively group who had many questions. See my article about PayPal Encrypted Website Payments for additional information about that part of the code in Example 4. Source code and PowerPoint slides are available at http://code.msdn.microsoft.com/webguild.
Plug: Webguild does PayPal development, integration and consultation including full-blown PayPalStdLib and PayPalProLib class libraries.
Thursday, February 18, 2010
Yesterday, my Windows Server 2008 R2 laptop was running extremely slow. Eventually, I figured out it was all video related – resizing windows, Snagit, even Outlook opening email. The Aero theme was enabled.
A Google search helped pinpoint it to the Hyper-V role I had recently added. The combination of Hyper-V (the virtualizaton software for Server 2008 R2) and Aero is the problem.
Switching off the Aero theme helped a lot but removing the Hyper-V role is the real answer for now.
I wanted Hyper-V to play around with a
virtual image of Win Server + Visual Studio 2010beta.
Links about this problem:
Wednesday, July 29, 2009
My connection used to be fast when I first installed my TRENDnet TEW 672GR Wireless “N” Gigabit router. I have three computers that are connected using a wired GB connection. Things just seemed real slow when sending or receiving large files between the home server and my (or my wife’s) PC. For example, shutting down MS Money writes a backup to the server and this took several minutes. Copying a gigabyte .avi movie file would take a long time and copying a DVD would take hours.
So I needed some metrics to get a baseline. I decided on Jperf (tutorial) which is a graphical front-end to Iperf. With this tool, you run the client at one computer and the server on the other. The program easily connects between them and sends messages back and forth for several seconds and displays a graph of the performance.
The graph shown on the left is the performance I was seeing which was about 376KB/sec.
Another tool I used to get some more data is WireShark. This is a complex tool to capture low-level packet data on the network. I viewed some tutorials on YouTube and captured a few seconds worth of data (that’s actually a lot of capture). It did confirm that gigabit throughput was happening by looking at the time between frames, but there were areas of re-transmissions due to failed acknowledgements, collisions or something. It takes a lot more networking experience to analyze these captures than I have or want to learn at this point.
So the first thing I tried was to replace the cat5 homemade cables with cat6 manufactured cables from Monoprice, a great place to get cheap inexpensive cables. This did not improve things at all.
I next tried a 7.25 GB DVD transfer and it would have completed in about 4 hours if I let it finish (see screen shot on right). The transfer rate is 556 KB/sec, a bit faster than the above graph. It also shows the network utilization at a fraction of a percent. The little graph at the bottom is a nice little utility called DUMeter, nice to keep at the bottom of your desktop.
My next test was to connect my PC and the Server with a 25’ cat6 cable port to port, bypassing the router altogether. This requires a crossover connection so the cable wire pairs are correctly flipped (normally done when connecting via a hub, router or switch. There’s no DHCP to assign IPs when connected this way so I had to assign static IPs to each site (192.168.1.1 and .2).
The throughput jumped to what it should be when using Jperf. Now, instead of 4 hours, the file transfer would take about 7 minutes.
The transfer rate is about 23MB/sec and net utilization is 25%. That’s about 50 times faster.
So with the TRENDnet in the middle, the transfer is slow and without it, the transfer is fast. That tells me the router is the problem and that something is seriously wrong with the Gigabit part of it (the wireless part is fine).
I looked at the TRENDnet router configuration settings but there are very few related to the wired LAN and nothing performance-related. Most settings are for wireless. I checked the TRENDnet knowledgebase and forums and found nothing obvious. I started a trouble-ticket with TRENDnet and sent them a screen capture of the performance issue.
I continued thinking about the difference between the two tests and decided to try removing all the attached cables from the router to make sure none of the
other devices was causing the problem. There are four ports on the router: 1) Server, 2) my PC, 3) wife’s PC and 4) connection to a 8-port cheapie switch (Zonet). Disconnecting one at a time quickly showed that the Zonet switch was the culprit. With it out of the mix, I had the fast network with the TRENDnet. Even if no connections were in any of the Zonet ports (the Tivos, etc.), it caused the slowness. So I told TRENDnet support that they could close the ticket, it was not their device’s fault.
This is the final Jperf graph for the fast network at 36372KB/sec. If the above graph was included in this graph, it would just be a straight line at hugging the bottom around 0.
Update: I tried a different switch (a TRENDnet 10/100 Wireless 4-port router, actually) and it had the same effect as the Zonet switch so the problem is not fixed as I thought. I will get a new Gigabit switch which should work, else I am back to blaming the TRENDnet Gig router.
Monday, March 30, 2009
My younger brother, Dr. Ron Davis, was diagnosed with Pancreatic Cancer last February and passed away nine months later. Ron was diagnosed while president of the AMA. Ron was a preventative health specialist and worked for years for the Center for Disease Control's Office on Smoking and Health under Dr. Everett Koop and later, for the Ford Health System in Detroit.
Today, I am in Washington D.C., preparing with my wife Deborah, to participate in the third annual PanCan Advocacy Day (tomorrow). Our "team" will meet the Florida senators (Mel Martinez and Bill Nelson) as well as our congressional representative Ron Klein. In addition, we will meet with a few other reps and for those we don't have scheduled meetings, we will drop off a packet of information about this disease.
There are two things we are asking of these elected officials:
- To co-sponsor the Pancreatic Cancer Research and Education Act, and
- To double the budget for the NCI over the next five years ($6B for FY10)
Here are a few facts about Pancreatic Cancer
- It's the fourth leading cause of cancer-related death
- There are currently no early-detection tools (usually, by the time you find out you have it, it's at stage 4)
- 75% of Americans diagnosed with Pancreatic Cancer die within the first year.
For more information, you can see my Team Ron page and also the PanCan site and Advocacy Day pages.
Wednesday, November 26, 2008
The Netflix Now Showing gadget for the Windows Vista Sidebar is a useful little thing to display the DVDs you currently have checked out as well as a few of the upcoming DVDs you are to receive from the top of your Netflix queue.
Sometimes, when my Windows Vista 64 Ultimate starts up and I log on, an error message pops up three times indicating Line 91: Error: 'xmlathome' is undefined:
A search of Google showed several people had this error (which was an annoyance but did not prevent the gadget from working). I went to the author's site but there was no mention of the gadget there.
So, I decided to click Yes to debug using Visual Studio. The line in error was highlighted:
var athomestate = xmlathome.readyState;
The debugger showed that xmlathome was truly undefined (null) so the attempt to reference readyState caused the error.
Looking at the code showed that a race condition existed where the CheckState function could be called before the xmlathome variable was initialized. The fix is to make sure the variable is initialized before the function could ever be called. The line to initialize the xmlathome variable just needs to be moved up in the code a few lines (from line 77 to line 71 as shown):
The file that needs to be fixed is netflix.js in this folder (copy/paste this into Windows Explorer):
%UserProfile%\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Netflix[1].gadget\