Recently I was creating a simple PHP webpage that required an MSSQL connection for a query. I installed the freetds-0.91-15 driver on my Oracle Linux and configured unixODBC-2.2.11-10.el5 appropriately. All went well and I soon had the first results on my page. My next task was to create a simple enough query that would ‘count’ some database rows. Simple enough, right? Well, at least up to the part where I ran into this error:
No tuples available at this result index in […]
All the posts I found referred to multiple result sets in which ‘odbc_next_result($result);’ should be the resolution. The weird part was, pasting of the echoed $sql into the MSSQL query box would give me the desired effect. One result with an count of the rows. The same SQL in the PHP script would give me the ‘no tuples’ error. I nearly fixed it the ugly way (counting the rows in an php while that would work) when I had an insight.
In the mssql output i noticed NULL fields in the table column that I was counting. So i figured, might counting NULL values somehow trigger the ‘No Tuples’ error im getting?
So this is what I ended up testing:
SELECT COUNT([sdk].[Events].[FirstName]) as Counted FROM [sdk].[Events] WHERE [sdk].[Events].[PeripheralName] like '%Search%' AND [sdk].[Events].[EventTime] BETWEEN '1' AND '31'
Which resulted in : Warning: odbc_fetch_array(): No tuples available at this result index in /var/www/db.class.php on line 52
SELECT COUNT([sdk].[Events].[FirstName]) as Counted FROM [sdk].[Events] WHERE [sdk].[Events].[PeripheralName] like '%Search%' AND [sdk].[Events].[EventTime] BETWEEN '1' AND '31' AND [sdk].[Events].[FirstName] is not null
Which resulted in an working count query.
Yesterday Mcafee released a new DAT update that caused mcafee to identify svchost.exe as an infected file. Mcafee next attempts to quarantine this file which results in windows rebooting with a shutdown message some of us will remember from the Sass worm chaos.
Result of this is that the machine can be used anymore. svchost.exe is a name for general hostprocesses ran from DLLs, and pretty important for windows. If you would like to get an idea of the impact on you system this article might be all you need 🙂
Now how to recover?
1st i would advice to follow any manual mcafee brings out describing how to recover using the mcafee scanner console. In the cases where the quarantine is deleted (some of our machines) follow the instructions below…
If you are unable to restore svchost.exe from the quarantine you might follow these steps to recover your system.
0. Get the corrected Superdat from Mcafee and put it on a USB, CD or other available media, No network locations.
1. Boot from the windows CD and select the recovery console.
2. Select the correct windows partition and logon as the local administrator.
3. Browse to C:\windows\system32 using the command : cd \windows\system32\
4. open de CD-rom player using the allocated drive letter, usually D:\ by typing D:
5. Browse to the i386 directory located on the CD using : cd \i386\
6. copy the original svchost.ex_ to your windows drive using the command:
expand svchost.ex_ C: (C: is the drive you where on in step 3, this might differ,
in which case you need to change the drive letter to your system specific drive)
7. Boot the system in savemode. The selection can be done by pressing F8 repeatedly during boot.
8. While in savemode run and execute the superdat you accuired in step 0.
9. After the update reboot your system normally.
This is a pretty long road, but will fix the problem in all cases.
Thanks to Benjamin van Ditmars for suggesting the Expand option. We used a “good” copy of svchost before this suggestion. The expand option is “saver” 🙂