June 2011 Entries

The "scour" or Rootkit.Win32.TDSS virus has a long history which can be found here: http://en.wikipedia.org/wiki/Scour

Here is the primary symptom: after searching for something in your web browser using google, one of the results that you click on redirects you to scour.com.

If you've executed ClamWin, Malwarebytes, McAfee, Norton, etc. to find and isolate the virus without any luck--this isn't really a surprise, since this virus attaches to existing system drivers.

I only know of one reliable package that will remove this without ill effects--like adding new spyware. This package is called TDSSKiller. I have seen multiple websites that claim to have this software available, but the one that I know is reliable is located here:


Once you go to Kaspersky's tech support site, the TDSSKiller zip file is available for downloading.

When you execute this software, you will be able to "cure" or repair the infected driver. Remember to jot down the name of the driver for future reference--should you need to reinstall the driver from a "same-as" working computer, or your install disk if the repair is ineffective. The driver that happened to get infected on my computer was the tcpip.sys driver. This caused my win sockets to loose their ip addresses. In most other instances, less critical drivers such as HDAudBus.sys are infected. In my case, I was not through correcting my computer problems until I corrected the broken WinSock issue and loaded an earlier version of the tcpip.sys driver from: C:\WINDOWS\ServicePackFiles\i386 which I placed in: C:\WINDOWS\system32\drivers

Don't forget to reboot your computer after your repair!

Once you download TDSSKiller and cure/repair your infected driver(s), the redirect on google searches should disappear .

If you're like me, you've probably clicked/clacked, docked/undocked the window with the edmx file while you were working on it in visual studio without intending to--and now, the entity diagram is gone and you are unable to open the file again from the solution window!

Luckily, the edmx file is just another visually displayed xml file. From the solution window, right click on the edmx file  -- select "Open with..." -- choose Xml . Once you see the xml for the edmx file close it. Go back to the solution window, then double click on the edmx file. It should now come up presenting the default ER diagram.


The chances are pretty high that you are creating a multi-tiered application with a solution that may be calling several different projects, one of which is the ADO.NET Entity Framework DAO-layer. In order for the entity frame work to work outside the immediate project that its been created under, you'll have to import the connection string built by the EF wizard at create time to your other project's application or web config file.

Here's an example.  I have two projects under a single solution, 1 project is a test driver console app called RetroCar.Test.EF.  This project depends on a data access layer project called: RetroCarEntityFramework.  Even though RetroCar.Test.EF is just a simple unit test console app without an obvious need for a config file, I still need to import the connection string used in RetroCarEntityFramework in order for the test driver application not to bomb out.  The best way to do this is just go to the project RetroCar.Test.EF and add a new application config file item, then cut and paste the connection string from RetroCarEntityFramework into that. Recompile. This should fix the trouble.

If your woes drill down in the trenches of EF further, check out this thread on the topic:


Yes, Microsoft is getting quite a reputation for abandoning or deprecating it's data access products/libraries. One thing you can do is download a 3rd party product called dotConnect by DevArt. The express edition is free.


... however, if you are working in a shop that doesn't like its development team to use not well known  third party tools, there's an alternative--but it still requires that you go to a non-microsoft source. Use Oracle.DataAccess.dll with the Oracle Data Provider .NET (ODP.NET) client installed. This can be found on Oracle's website:


For now, System.Data.OracleClient still works, however Microsoft's deprecation message on compile is a warning to you that the feature will eventually be phased out completely--and although works, may not actually be supported.

Vista has an auto tuning feature which is hit and miss, depending on what network appliances/cards/devices you've got hooked up.  Try this:

1. Navigate to  Start>Programs>Accessories>MS Command

2. Type:  netsh interface tcp show global

3. Look the line for receive window auto tuning.  If it says highlyrestricted type this command (all on one line):

netsh interface tcp set global autotuning=restricted

4. Try browsing, if it isn't any better, enter the same command like, just change restricted to disabled. Try browsing again, if there is still no improvement,   change disabled to normal.


For those of you interested in the techie details, check out this blog:

TechNet CableGuy