As explained by Brian Krebs in an cialis jelly title=”http://windowssecrets.com/links/casamqr63t9zd/948e29h/?url=www.washingtonpost.com%2Fwp-dyn%2Fcontent%2Farticle%2F2008%2F11%2F12%2FAR2008111200658.html%3Fsid%3DST2008111801165%26s_pos%3D”>article at WashingtonPost.com, Hurricane — one of the two companies McColo depended on for its Internet connection — took the action after the newspaper informed the provider of McColo's role in hosting all sorts of Internet bad guys.

According to Krebs, McColo's clients included "international firms and syndicates that are involved in everything from the remote management of millions of compromised computers to the sale of counterfeit pharmaceuticals and designer goods, fake security products, and child pornography via e-mail."

The spam reduction held for a couple of weeks before rebounding, according to a Nov. 26 story at InfoWorld.com.

McColo's servers didn't send out the spam themselves. Instead, they provided the command and control for a vast network of PCs infected with malware. A collection of hacked PCs that have been turned into automated spamming machines is known as a robot network or "botnet." Security professionals name these botnets after the malware that runs them, which include Asprox, Rustock, Cutwail, and Srizbil.

The malware creators rent their botnets to spammers, who in turn use the control servers to coordinate the transmission of huge amounts of junk mail, as explained in another Washington Post story.

Your computer could be a spam zombie and you might never know it. And if you think your security software is keeping your computer safe from botnet slavery, you'd better think again.

A recent study by security firm FireEye revealed that antivirus products detect bots less than half the time. The study tested AV programs using Virus Total's free malware-scan service; consult that site for a list of the AV products tested.

Your four-step spambot-safety program

What can you do to prevent becoming a botnet victim? Although there are no perfect solutions, the following actions will help prevent your system from being compromised. (My thanks to the security blog written by Wiz Feinberg for many of the tips.)

Step 1: Keep your security products up-to-date. Although the FireEye study found little protection against bots from antivirus products, the study's author, FireEye chief scientist Stuart Staniford, did note that "AV works better and better on old stuff — by the time something has been out for a couple of months, and is still in use, it's likely that 70% to 80% of products will detect it."

Update your antivirus program regularly with the latest patches and virus definitions; even if the app doesn't catch the latest bot, your AV protection will reduce your risk of catching older malware still circulating around the Internet.

Step 2: Use a software firewall. By carefully monitoring your Internet connection, you'll reduce your risk of infection by botnet malware. By default, the firewalls built into Windows XP and Vista monitor only incoming connections. The firewalls can be configured to monitor outbound traffic, but doing so is technical and problematic for most users. The differences between the firewalls in XP and Vista are described in this Microsoft TechNet article.

Many free, third-party software firewalls are bidirectional. Third-party firewalls sometimes require updates after you install Patch Tuesday fixes from Microsoft, but the added functionality of these firewalls can make this inconvenience worth living with. WS senior editor Ian "Gizmo" Richards describes the best products in his July 31, 2008, column.

Step 3: Get a free diagnosis. Some security products are intended specifically to combat the botnet plague. For example, RUBotted is a free utility from Trend Micro that sits quietly in your system tray and monitors suspicious activity (more info). If the program spots an infection, it alerts you to take action. The program is currently a beta, but it worked fine for me.

According to a post by security blogger Feinberg, RUBotted encourages you to scan your system with Trend Micro's free HouseCall online virus-scanning service, which detects and removes many malware infections. Note that on my system, RUBotted uses 8MB of RAM.

Figure 1. Scan your system with Trend Micro's RUBotted to ensure that your PC is bot-free.

Full disclosure: Feinberg's blog is sponsored in part by RUBotted's manufacturer, Trend Micro. But I don't consider this to be an argument against using RUBotted.

Step 4: Try Norton AntiBot. Another bot-specific security product is Symantec's Norton AntiBot (more info). This $30 program claims to monitor, detect, and remove bots before they can cause harm. Norton AntiBot uses behavioral analysis rather than definitions for specific bots and received an Editor's Choice award from PC Magazine in 2007.

Microsoft has acknowledged that it will allow system builders to pay for installed copies of XP through May 30, rather than shutting down the pipeline this month.

If you order from your preferred vendor by Jan. 31, you may be able to rely on XP for new systems almost right up until the long-awaited Windows 7 ships, an event that's expected cialis instructions to occur within a few months.

Vista is looking more and more like the Edsel of the computer industry. Presumably as a result of slow uptake by corporations and individual users, Microsoft last month confirmed that it will allow OEMs and smaller-scale "system builders" to pay as late as May 30, 2009, for copies of XP ordered by Jan. 31. (Vendors won't have to pay Microsoft until the systems sell. MS previously had been expecting payments for copies of XP by Jan. 31.)

The details of Microsoft's new, flexible inventory program were first reported on the ChannelWeb site.

Combine this news with reports that Windows 7 may ship as early as mid-2009, and it looks like Microsoft is ready to relegate Vista to the binary scrapheap. Maybe the company's recent $300 million marketing push for Vista wasn't so successful as Microsoft claims it was.

As Mary Jo Foley states in her All About Microsoft blog, vendors of low-budget PCs such as netbooks were already being allowed to sell new systems based on XP through June 30, 2010, or one year after Windows 7 ships — whichever came first. Microsoft's new policy now gives a reprieve to builders of mainstream computers, and to end users who want to buy systems running Windows XP, not Vista, indefinitely or until Windows 7 is a proven commodity.

Will the Windows 7 RTM make an early entrance?

The official release of Beta 1 of Windows 7 to the public is widely expected to occur next week. If all goes well with the remaining testing, indications are that the final, RTM (released to manufacturing) version will be available as early as August. Lending support to this theory is the fact that the end-user license agreement of Beta 1, like all recent prerelease versions of Windows 7, states that the software will expire Aug. 1, 2009.

This feature — as well as the use of the product's built-in slmgr -rearm command to extend the beta's trial period without an activation key — was recently explained by Marius Oiaga of Softpedia. Other sources predict that Windows 7 won't ship to OEMs until October 2009, becoming available to end users the following month.

Early reviews of the Windows 7 beta, such as those summarized by the Telegraph of London, variously describe the new operating system as being not much different from Vista or representing an unspectacular-but-solid improvement. If Windows 7 turns out to have better performance and reliability than Vista, as some reviewers believe, the OS may gain a measure of relieved acceptance from end users after only a few months on the market.

Paying a premium to downgrade from Vista to XP

The extended availability of XP on new PCs will gladden the hearts of many Windows users. For a few unfortunates, however, the XP option is coming at great cost.

Eric Krangel reports on the Silicon Alley Insider blog that Dell has gradually been inflating its surcharge for "downgrading" a PC from Vista to XP. The bite rose last June from U.S. $20 to $50, then spiked in October to $100, and now is a whopping $150.

The fact that Dell's customers appear to be willing to pay this amount or more to avoid Vista may be the greatest indictment of Microsoft's unloved OS.

The reality is that the Redmond software giant has been forced by popular opinion to provide customers with a Vista-free option — an extended life for XP — more than two years after Vista's rollout. Depending on your point of view, this concession can be interpreted negatively as an act of desperation or more positively as a burst of marketing acumen on the company's part.

Moreover, even if you have 4GB of memory installed in your PC, you may not be able to use it all. For example, if your video card comes with 1MB of memory and you have 4GB of RAM, your system actually has 5GB of memory physically installed. But Windows will use only 4GB of that total, regardless.

It gets worse: according to a comment posted to the MSDN article, Windows itself is getting only 3GB because the video card gets 1GB. This happens because the memory aperture — a portion of system memory — is used to work with the video system.

Ways to break through Windows' RAM ceiling

Fortunately, there are techniques you can use to get around Windows' system-memory limitations. One method is to use Physical Address Extension (PAE), a feature of x86 processors that lets 32-bit operating systems overcome the 4GB memory limit.

Another MSDN article explains that 32-bit Windows operating systems support PAE. Even though XP and Vista still cling to the 4GB limit with PAE enabled, the feature may help you get back some of your unused RAM.

In one or two rare cases, a developer may take advantage of PAE technology to get around the usual Windows limits. For example, reader Alan Gorski reports that when he increased a computer to 8GB, the program AutoCAD was able to open large drawing files without generating the "out of memory" errors he previously had seen. As Gorski notes, "AutoCAD has long used special memory management techniques since the DOS days to maximize use of available RAM."

There's a good chance your system is already using PAE. That's because Windows relies on the technology to support the security feature known as Data Execution Prevention (DEP). For more information about Windows and DEP, see my Top Story in the May 3, 2007, issue.

If a computer supports hardware-enforced DEP, then PAE is enabled as well. Here's how to check for it in Windows XP:

Microsoft warns in another TechNet article that some drivers will not load if PAE is enabled. After you make this change, keep an eye on your system. If you have problems with drivers or your system starts acting up, remove the /pae switch from boot.ini in XP, or enter the following command line in an administrator command prompt in Vista:

BCDEdit /set PAE ForceDisable

Because of this difference — and the fact that .NET installs can fail, as I discussed last week — I urge you to regularly use a third-party software-update service such as Secunia's free online Software Inspector or the company's standalone program, Personal Software Inspector (obtain PSI from its download page), to check the vulnerability of your PC's software.

PSI scans for outdated and vulnerable versions of Sun's Java, Apple's QuickTime, Adobe's Flash and Acrobat, and other common programs that put your system and data at risk if they're not patched. After scanning 20,000 machines in a recent seven-day period, Secunia reported on Dec. 2 that fewer than 2% of the computers were fully patched.

The Dec. 4 Top Story in Windows Secrets described how to make sure your system has the Microsoft .NET that's needed by various applications, but doing so sometimes requires a brute-force approach.

Note that in her July 24, 2008, Patch Watch column (paid content), Susan Bradley described how to use the OpenDNS forwarding service to improve the security of routers and Web servers.