February 12, 2009

Access more memory, even on a 32-bit system

cialis in usa summary=”Top Story summary” bgcolor=”#ffffff”>

Scott Dunn By Scott Dunn

No matter how much memory you have in your PC, you may not be getting the most out of your installed RAM.

A few little-known system tweaks can improve the way Windows manages memory, freeing up more RAM for your applications.

As described in an entry on the Microsoft Developer Network, all non-server 32-bit versions of Windows XP and Vista impose a memory limit of 4GB. Your system may allow you to install more than this amount of RAM, but with few exceptions, the extra memory won't do Windows or your applications any good.

Moreover, even if you have 4GB of memory installed in your PC, you may not be able to use it all. For example, if your video card comes with 1MB of memory and you have 4GB of RAM, your system actually has 5GB of memory physically installed. But Windows will use only 4GB of that total, regardless.

It gets worse: according to a comment posted to the MSDN article, Windows itself is getting only 3GB because the video card gets 1GB. This happens because the memory aperture — a portion of system memory — is used to work with the video system.

Ways to break through Windows' RAM ceiling

Fortunately, there are techniques you can use to get around Windows' system-memory limitations. One method is to use Physical Address Extension (PAE), a feature of x86 processors that lets 32-bit operating systems overcome the 4GB memory limit.

Another MSDN article explains that 32-bit Windows operating systems support PAE. Even though XP and Vista still cling to the 4GB limit with PAE enabled, the feature may help you get back some of your unused RAM.

In one or two rare cases, a developer may take advantage of PAE technology to get around the usual Windows limits. For example, reader Alan Gorski reports that when he increased a computer to 8GB, the program AutoCAD was able to open large drawing files without generating the "out of memory" errors he previously had seen. As Gorski notes, "AutoCAD has long used special memory management techniques since the DOS days to maximize use of available RAM."

There's a good chance your system is already using PAE. That's because Windows relies on the technology to support the security feature known as Data Execution Prevention (DEP). For more information about Windows and DEP, see my Top Story in the May 3, 2007, issue.

If a computer supports hardware-enforced DEP, then PAE is enabled as well. Here's how to check for it in Windows XP:

  • Step 1. Choose Start, Run.
  • Step 2. Type sysdm.cpl and press Enter.
  • Step 3. Click the Advanced tab. In the Performance box, click Settings and choose the Data Execution Prevention tab.
  • Step 4. Look for a status message at the bottom of the dialog box. If it indicates that your hardware does not support DEP, chances are PAE is not enabled.

To check your system's PAE status in Vista, do the following:

  • Step 1. Press Win+R to open the Run dialog box.
  • Step 2. Type SystemPropertiesDataExecutionPrevention and press Enter.
  • Step 3. If prompted by User Account Control, click Continue.
  • Step 4. If the status message at the bottom of the dialog box says your system supports DEP and the "Turn on" button is selected, then PAE is enabled as well.

If PAE is not already enabled on your system, here's how to activate it in Windows XP:

  • Step 1. Choose Start, Run.
  • Step 2. Type notepad c:\boot.ini and press Enter.
  • Step 3. Under the [operating systems] heading, look for a line that contains the /noexecute switch, which turns software DEP. For example, it may be /noexecute=optin, /noexecute=optout, or /noexecute=always on. Place the cursor directly after that switch and type a space followed by /pae. Save the file and reboot.

If you don't have DEP enabled on Vista (or you don't want it enabled), you can still activate PAE by following these steps:

  • Step 1. Click Start, type cmd.exe and press Ctrl+Shift+Enter.
  • Step 2. If prompted by User Account Control, click Continue. This opens a command prompt window with administrator privileges.
  • Step 3. At the prompt, type BCDEdit /set PAE ForceEnable and press Enter.

You can read more about PAE in this post on Microsoft's TechNet site.

Microsoft warns in another TechNet article that some drivers will not load if PAE is enabled. After you make this change, keep an eye on your system. If you have problems with drivers or your system starts acting up, remove the /pae switch from boot.ini in XP, or enter the following command line in an administrator command prompt in Vista:

BCDEdit /set PAE ForceDisable

For more information on the switches and settings related to PAE, consult this MSDN paper, "Boot Parameters to Configure DEP and PAE."

Permalink • Print • Comment

Does the glitch in .NET patching put you at risk?

Susan Bradley By Susan Bradley

People using Windows XP Service Pack 3 may not be offered all the .NET security patches their applications require.

However, if none of your PC's programs requires a version of .NET Framework, this problem will have no impact on your system.

My Dec. 4 cialis how it works title=”http://windowssecrets.com/links/casamqr63t9zd/a9dbach/?url=www.windowssecrets.com%2F2008%2F12%2F04%2F03-XP-Service-Pack-3-blocks-.NET-security-patches”>Top Story stated that, due to a bug, Windows XP SP3 users aren't being offered security patches for Microsoft's .NET Framework 3.0. I'm publishing this special column today because several of you asked whether your XP SP3 systems are at risk as a result of this glitch.

First I'll give you some background on .NET Framework, and then I'll describe how to tell whether you need to be concerned about the matter.

Microsoft created .NET Framework to provide building blocks for applications. .NET is not a component of Windows itself. I strongly recommend that you avoid downloading .NET until you install an application that requires one, at which time the program will likely install the necessary version for you.

To determine whether you have any versions of .NET Framework installed on an XP PC, open the Add or Remove Programs applet in Control Panel and look for entries reading Microsoft .NET Framework. If you don't see any such entries, you needn't worry about the update failure.

If you do see .NET Framework in the list of currently installed programs, you need to make sure you're receiving all the updates your system requires.

When you open the Microsoft Update service on Windows XP, you'll see buttons labeled Express and Custom on the Welcome screen. Click Custom to see three patching categories under Select by Type in the left pane: High Priority; Software, Optional; and Hardware, Optional.

Microsoft Update's list of optional updates
Figure 1. Clicking the Custom button on Microsoft Update's Welcome screen shows a list of high-priority and optional updates for your PC.

While all three categories can be considered security-related, in reality only the top section lists critical patches. The second section shows optional patches for Windows and your apps; the third lists driver updates.

Always install patches listed in the upper section. You can selectively install patches from the Software, Optional section, but I recommend that you never install driver updates directly from the bottom section. In the past, drivers I've downloaded from Microsoft's update service have caused problems. Instead, go to the vendor's own site and download driver updates from there. And remember: if the device isn't causing any problems, refreshing its driver software may be more trouble than it's worth.

When I tested several XP SP3 systems, the upper section of the update window — which lists critical security patches — looked much the same as it did on XP SP2 machines. However, SP2 and SP3 showed many differences in the middle section listing optional software updates, including those for .NET Framework.

There's a very good reason the updates in the middle section are listed as "optional." Until an application on your system requires .NET Framework to function, don't install any .NET Framework patches.

Microsoft's update service will offer systems running XP SP2 an update to .NET Framework 3.0, but machines using XP SP3 won't see it listed among the optional patches.

Because of this difference — and the fact that .NET installs can fail, as I discussed last week — I urge you to regularly use a third-party software-update service such as Secunia's free online Software Inspector or the company's standalone program, Personal Software Inspector (obtain PSI from its download page), to check the vulnerability of your PC's software.

PSI scans for outdated and vulnerable versions of Sun's Java, Apple's QuickTime, Adobe's Flash and Acrobat, and other common programs that put your system and data at risk if they're not patched. After scanning 20,000 machines in a recent seven-day period, Secunia reported on Dec. 2 that fewer than 2% of the computers were fully patched.

By the way, several readers notified me that they had problems with the Secunia software scanner. I'll investigate these issues and report what I find in a future Patch Watch column.

Here's the bottom line: don't install any .NET Framework patches listed in Microsoft Update's "Software, Optional" section unless you're sure you have the corresponding .NET Framework installed on your system. Any application requiring a specific .NET Framework, such as Intuit's Quickbooks accounting program, will install the necessary version automatically.

Once the Framework is on your machine, install any offered security patches for it, but be prepared for potential installation glitches. Aaron Stebner's .NET Framework cleanup tool (download page) can help you out if a .NET update gets stuck. You may have to uninstall that version of .NET and reinstall it, as described by Alan Crawford in this week's Known Issues column.

Permalink • Print • Comment

A manual approach to reinstalling .NET Framework

Dennis O'Reilly By Dennis O'Reilly

The Dec. 4 Top Story in Windows Secrets described how to make sure your system has the Microsoft .NET that's needed by various applications, but doing so sometimes requires a brute-force approach.

When it's time to reinstall vital Windows components — or the entire operating system — you'd best have a plan in mind.

That's what reader Alan Crawford found out after stumbling through a reinstallation of Windows XP on one of his PCs:

  • "I recently had to reinstall a PC that uses a handful of .NET apps. After installing Windows [XP] from an SP2 image, I used Microsoft Update to reinstall all necessary patches and updates, including the three .NET versions and their various service packs and other patches. Having already encountered problems with .NET patches on other machines, I wasn't surprised when .NET 1.1 SP1 wouldn't install.

    "In the past, I was able to uninstall all .NET versions and then proceed, one at a time, to get them all reinstalled. No such luck this time. After several rounds and many visits to the Microsoft Knowledge Base — even using the .NET cleanup tool — I still could not get this package to install.

    "My last-gasp effort was to try the whole exercise 'manually,' and it worked! Despite the extra time involved — and having to validate the PC on each download — had I started on this tack to begin with, I would have saved hours of frustration (seemed like hours, anyway, even if it wasn't).

    "Here's the procedure I used:

    • Step 1: I had previously downloaded the .NET cleanup tool.

    • Step 2: I removed all traces of existing .NET installations and then ran the .NET cleanup tool.

    • Step 3: I rebooted.

    • Step 4: I manually downloaded .NET 1.1, 1.1 SP1, 1.1 SP1 Hotfix, and 2.0 installers — individually — from the Microsoft download site.

    • Step 5: I installed them in the order downloaded, with reboots as required.

    I picked up at this point with downloads from Microsoft Update — installing the 2.0 Hotfix, then 3.0, then the 3.0 Hotfix in separate runs — and all now seems to be just fine.

    "Thanks, as always, for the best newsletter out there."

Free option for controlling kids' Net access

Becky Waring's Dec. 4 parental-control software review (paid content) led reader Rob de Santos to tell us about a new way to use an old, reliable — and free — Internet security service:

  • "I highly recommend an option usually overlooked by most parents (and unknown to them): control access via your router. If you utilize Open DNS and follow their instructions to change your router's DNS settings, you can then use the easy-to-configure OpenDNS settings pages to block any category of sites you choose, be it … porn, chat, or advertising.

    "This is an excellent supplement to any PC-based software and much harder for any child to override or avoid. It can also be remotely changed if necessary. Best of all, it's free!"

Free is good. Difficult for a clever child to overcome is even better. And I know a lot of Internet users who'd be interested in a free, effective way to block Web ads.

Note that in her July 24, 2008, Patch Watch column (paid content), Susan Bradley described how to use the OpenDNS forwarding service to improve the security of routers and Web servers.

Speaking of Susan, since her lead story about problems patching Microsoft's .NET Framework appeared on cialis herbal alternative color=”#000099″>Dec. 4, she's dug up additional information. Although she usually writes for Windows Secrets' paid content, her follow-up on .NET appears today as a free column.

Permalink • Print • Comment

Microsoft DHCP bugs make Windows lose networking

Scott Spanbauer By Scott Spanbauer

Numerous perplexed Windows users have discovered that attempting to connect their PCs (especially Vista) to their existing networks or Wi-Fi hotspots results in flaky or nonexistent connections.

One reason: a change by Microsoft in Vista's Dynamic Host Control Protocol (DHCP) is causing conflicts with some networking hardware, which can require a Registry edit to fix.

The many reports of Vista networking snafus range from the gravest of symptoms — no Internet connectivity at all — to occasional connection drops:

  • No-Fi when in power-saving mode. Microsoft acknowledged last year that wireless connections on portable computers running Windows Vista would slow down or disconnect completely when battery management kicks in.

    The culprit is that, unlike Windows XP, Vista assumes that all wireless routers correctly implement Wi-Fi's power-save protocol. Unfortunately, many access points don't support this spec. The solution? Plug your laptop into an AC outlet or modify the notebook's power-saving plan, as described in Knowledge Base article 928152.

  • Vista insists on the "broadcast flag." The same skewed reasoning led the wizards of Redmond to another infuriating decision, which Microsoft only belatedly explained. You bring home your new Vista computer, or you upgrade your XP system to Vista, only to discover that the machine won't connect to your local network or the Internet.

    You try everything to fix the problem. You waste hours — days, even — tweaking settings, plugging and unplugging, resetting, rebooting, and rehashing, but to no avail.

    The problem? Windows Vista assumes that your router's DHCP server — the one that hands out dynamic IP addresses to computers and other devices on the network — supports the DHCP broadcast flag. Again, many routers don't support this flag.

    The solution requires a Registry edit to toggle off Vista's broadcast-flag expectations. Refer to the Resolution section of KB article cialis generica color=”#000099″>928233 for step-by-step instructions.

  • Two network adapters spell trouble. Yet another kind of network malfunction afflicts PCs running Vista or Windows Server 2008 that have more than one network adapter installed. The multiple adapters befuddle the Network Location Awareness service in those OSes. This causes the service to disable Internet access to both adapters and label them as Local only.

    KB article 947041 explains the problem but provides no solution. The only cure at this time may be to disable one of the network adapters. Thanks, Microsoft.

How to troubleshoot XP and Vista network woes

Network-connection problems are infuriating. Finding their source requires a step-by-step approach. Before editing your Registry for the umpteenth time or tossing your router into the trash, run through this network-troubleshooting checklist:

  • Temporarily disable your software firewall. It sounds dumb, but often it's your firewall that's blocking your network connection. Even if the firewall has worked flawlessly for months, a small configuration change or automatic update could have caused a problem.

    At least twice this year, Windows XP users of Check Point Software's ZoneAlarm personal firewall have lost their ability to connect to the Internet due to a Windows update. Windows Secrets contribtuing editor Susan Bradley described this problem in her Oct. 16 Patch Watch column (paid content).

    This alone is not a good reason to stop updating, though. It's true that patches can introduce problems with firewalls, but subsequent fixes that remedy the issue will often appear within 24 hours.

  • Check the physical connection. Make sure the router, modem, and other network devices are plugged in and powered on. Are the network cables between PC and router still connected firmly? With a device's power switch off, it doesn't hurt to unplug the component and then plug it back in again to make sure the contact is solid. If weak power-cable connections are ruled out, simply powering the devices off and back on can sometimes be all the resetting your network link needs.

  • Renew your connection. Changes elsewhere on the network can sometimes knock out your connection. To reconnect quickly, click Start, Run in XP (or press the Windows key in Vista), type ipconfig /renew, and press Enter.

  • Update your firmware and drivers. Makers of routers and network adapters may be caught unawares by patches to operating systems (such as the ones in Vista noted above). But the vendors often issue firmware or driver updates that fix the problems. Check the support pages of your router and adapter manufacturers' sites for downloadable updates.

  • Return to default settings. Often, we are our own worst enemies as we poke around the configuration settings of our routers and network connections. You may not remember that you turned on your router's MAC filtering, but doing so could have blocked all of your devices from connecting, just the same.

    In general, it's best to change settings one at a time and observe the results of the change before making any other alterations to your system. If you don't see an obvious way to return your hardware and software to their default settings, you may have to uninstall and reinstall the device or program to regain its original settings.

In all fairness, Vista isn't the only version of Windows that experiences network glitches. XP has its own series of connectivity aggravations, as you can see by a search-engine query of Microsoft's support center.

If your connectivity problems aren't resolved by using the points discussed above, you may be suffering from an even more obscure issue. If so, ruling out the tricky configuration problems I describe here may at least help you isolate the real problem and restore your network link.

Permalink • Print • Comment

The warning signs of a PC infected with malware

Dennis O'Reilly By Dennis O'Reilly

Last week's news alert by Woody Leonhard described the high level of sophistication behind the Sinowal/Mebroot Trojan and described tools that attempt to remove the malware.

Many readers asked for more information on symptoms they should look for if they fear for their machines' security.

Subscriber Leslie Kight asks the following question:

  • "Great article. I'm curious, though: what makes Woody suspect his XP machine is infected by Mebroot? What symptoms did he see to raise that question?"

Here's Woody's reply:

  • "I kept getting weird virus warnings from AVG — viruses would appear, I would remove them, then they would reappear in different locations, or entirely different viruses would show up. AVG reported that the MBR [Master Boot Record] was being changed every time I rebooted, even when I did nothing.

    "I did a deep scan — first with AVG, then with NOD32 — to remove all the reported malware, but the viruses kept reappearing. Antirootkit scans turned up nothing. Then I couldn't connect to F-Secure's Web site, so I pulled the plug.

    "As I said in the article, I have no idea at all if it was Mebroot. But I couldn't find any reports of similar collections of problems and decided to err on the safe side.

    "Periodically reinstalling Windows is something I recommend anyway: once a year is ideal, in my experience. I'm happy to report that I've reinstalled XP Pro (SP3, of course), reactivated [Windows], and brought back the data files; everything appears to be working just fine. The machine's snappier than ever."

Double up to remove a virus from a hard drive

In deference to animal lovers, I will avoid the cat-skinning analogy, but as reader Bob Biegon points out, there's more than one way to return an infected hard drive to a healthy state:

  • "One of the easiest and, by my experience, most effective ways to remove many serious virus-spyware-rootkit infections is to remove the PC's hard drive, put it in another PC (or connect to another PC via a USB-to-IDE/SATA adaptor), and scan the drive with the second PC's anti-malware software.

    "This method ought to work well for the Mebroot virus without compromising the host PC's drive. My favorite products to use in this endeavor are AVG 8 and Sunbelt Software's Vipre."

Since when did mice start hunting cats?

The best analogies have a basis in reality (not the one I mentioned above relating to feline pelts, thank goodness). But another kind of cat reference in Woody's column from last week gave reader John Walsh pause:

  • "I do enjoy Woody Leonard's cialis generic vs brand articles and have been a fan of his for many years. However, in his latest article, Woody notes 'Detecting and preventing Mebroot is a cat-and-mouse game, and the black cats are winning.'

    "In my mind, the cats are actually the good guys trying to help eradicate the vermin (malware) represented by the mice. Therefore, I would suggest it is actually the black mice who are winning and proliferating, much to the consternation of the white cats."

Indeed, the bad guys are scavenging for your data and your money while the good guys hunt them down. However, Woody's use of "black cats" in this sense plays off the term "black hat" to describe a hacker with evil intent.

Mixing puns and analogies is dangerous business, but that's the kind of adventurous, risk-taking writer Woody is. That's only one reason why his readers love him so.

Permalink • Print • Comment
« Previous PageNext Page »
Made with WordPress and an easy to use WordPress theme • Sky Gold skin by Denis de Bernardy