Solved

Physical ram drops to less than 8mb within minutes of starting system, Virtual ram remains constant at 208mb

Posted on 2003-10-31
16
874 Views
Last Modified: 2013-12-28
I have a client's system that within minutes of starting up and without opening any applications the physical ram drops from around 50MB free to just under 8mb. The system is an Athlon 1.113 CPU, Giga-byte GA-7VXTE Motherboard with 128 MB RAM, running Windows 98. Normal Windows startup items, plus Norton Anti-virus corporate edition client, InCD, Wireless MS Mouse & Keyboard. Video Drivers are ATI Catalyst,  the latest version. Graphics chipset is Radeon VE (7000).

I have done the following: Upgraded Bios to current version, changed processor to Athlon XP 220+. applied all current updates to Windows 98. Applied Via drivers 4.48, Updated the Virus definitions, scanned for virus's, scandisk, defragged and applied updates to Office XP, SP1 & SP2. The client did have the W32.Galil virus, but i have removed it using Norton and have scanned with both Nortons online scanner & Mcaffe's online scanner, but
no virus's were found.

I Still the same problem, I increased the ram to 384 MB and now it drops down to about 25% of that. I am using a free memory program called freemem to free up the ram every now and then.

Has anyone got any ideas, I am fresh out, I have never seen this large a drop in physical ram 15 years of PC tech work.
0
Comment
Question by:Boycer
  • 6
  • 5
  • 5
16 Comments
 
LVL 44

Assisted Solution

by:CrazyOne
CrazyOne earned 250 total points
Comment Utility
Check for adware and sypware

spybot here
http://spybot.safer-networking.de/
Download
http://spybot.safer-networking.de/index.php?lang=en&page=download

AdAware
http://www.lavasoftusa.com/

Spycop:
http://www.spycop.com/

BHODemon and Hijack This and Browser Hijack Blaster
http://www.spywareinfo.com/downloads.php?cat=sp#det
BHODemon | Think of BHODemon as a guardian for your Internet browser: it protects you from unknown Browser Helper Objects (BHOs), by letting you enable/disable them individually. This program is my choice for BHO detection and is highly recommended.

Browser Hijack Blaster | Running silently in the background, Browser Hijack Blaster only springs into action when an attempt is made. It watches and protects the following items: IE Homepage, IE Default Page, IE Search Page, BHOs. Whenver one of the above items is changed, or a BHO is added, you are immediately provided with information on the item, along with the option to keep the change, or revert to your previous settings.

Hijack This | Written by a member of our support forums and based on our Hijacked! article, this program scans the locations in your computer system that may be modified by browser hijackers and fixes any problems found. An easy-to-understand tutorial is available at TomCoyote.org.

General and overall information about Spy/Adware
http://www.cexx.org/adware.htm
0
 
LVL 44

Accepted Solution

by:
CrazyOne earned 250 total points
Comment Utility
Test the RAM

If you can swap out the RAM with known good modules for testing first if you can't do that then test the machine with one RAM module at a time until you tested every module. Other wise run the the following RAM testers.
--------------------------------------------

NOTE IF THIS DOESN'T FIND ANYTHING WRONG WITH THE RAM THIS DOESN'T MEAN THE RAM IS GOOD you would need to swap out the RAM with known good modules for testing. However if it does find something wrong then chances are the RAM is bad.

DocMemory PC RAM
Diagnostic Software
http://www.simmtester.com/PAGE/products/doc/docinfo.asp

or

http://www.memtest86.com/

or

GoldMemory
http://www.goldmemory.cz/
0
 
LVL 44

Assisted Solution

by:CrazyOne
CrazyOne earned 250 total points
Comment Utility
Now this free utility doesn't give you memory usuage but it does give you CPU usage and that might help you find something.

Note when you open the program go to the menu View and make sure there is a check mark next to View DLL's if there isn't then click on it.

Process Explorer
http://www.sysinternals.com/ntw2k/freeware/procexp.shtml
0
 
LVL 38

Assisted Solution

by:Insignificant Volunteer
Insignificant Volunteer earned 250 total points
Comment Utility
Sounds to me like an excessive number of startup programs and too many processes running in the background including, but not limited to, some of the following:

LoadQM.exe - (MS Messenger indexer type thing that's never been properly accounted for)
(HKLM\Software\Microsoft\Windows\CurrentVersion\Run)

Office FindFast Indexer
Run Add/Remove Progs > Office > Remove Momponents > uncheck Find Fast)

MS Messenger
(HKLM or CU\Software\Microsoft\Windows\CurrentVersion\Run)

AntiVirus application in "Autoprotect" mode
(HKLM\Software\Microsoft\Windows\CurrentVersion\RunServices)

A Trojan that may not be detected by AntiVirus program.

Browser Helper Objects.

----------------------------------------------
Download, install and run the freeware personal version of "Adaware" from Lavasoft.  It will identify any rogue Advertising Software or components on your system and allow you to get rid of them.

http://www.lavasoft.de/software/adaware/

Download, unzip, and run (no need to install) the freeware "BHO Demon".  Browser Helper Objects (or BHO's) are small programs that run automatically when you start your Internet Browser, come in many forms including the legitimate Adobe Acrobat Reader, and Norton AntiVirus, but also can be malicious or just a plain nuisance.  This program allows you to enable or disable them.  Take for example Go!Zilla, the downloading utility, which installs a BHO created by Radiate (formerly Aureate Media).  This BHO tracks which advertisements you see as you surf the Web, which may not bother you too much, but it is using up resources.

That said, there is no restriction on what a BHO can do your system.  It can do anything any other program can do ie. read or write (or delete) anything on your system.  Usually, software is installed on your system explicitly by you, but BHO's have a history of being installed without the users knowledge.

With BHO Demon, BHO's are disabled by simply renaming the DLL that houses them.  By renaming the DLL, instead of deleting it, you have the option of enabling it later if you wish.

Info:
http://www.definitivesolutions.com/bhodemon.htm

Download (v. 1.0.0.3 25 June 2002)
http://www.definitivesolutions.com/files/bhodmon1.zip
or
http://www.spywareinfo.com/downloads/bhod/bhodmn.zip

It would be helpful if we could inspect what processes are running on your system when this occurs.

1. Start > Run > and type MSINFO32
2. In the left pane, find "Software Environment"
3. For each of the following sections, click on it and then use the menu as follows:
  Edit > Select All > Edit Copy
4. Paste each into NotePad and save by the name of the section in MSINFO32
5. Copy and paste the details here if they are brief enough

Software Environment\
                                  Running Tasks
                                  Startup Programs
                                  System Hooks

Your list of startup programs will indicate what you need and don't need to run automatically when Windows boots.  You could disable them using "Start > Run"  > and typing MSCONFIG.  The checkboxes are in the "startup" tab, and the only one you usually require is the System Tray.  You could restore them again one at a time again, rebooting between, and test until you find the culprit.

A helpful page to assist you in identifying Startup items is:
http://www.answersthatwork.com/Tasklist_pages/tasklist.htm

Another useful program for finding things that take over your system is "HiJack This" from:

http://www.spywareinfo.com/downloads.php#det
http://www.spywareinfo.com/~merijn/files/hijackthis.zip

It will run from any folder without needing installation.  Just unzip it, launch Hijack This.  To create a "startup list" press "Config" > "Miscellaneous Tools", and press "Generate Startuplist Log"

This will generate a text file that will list all running processes, all applications that are loaded automatically when you start Windows, and more.  Maybe this would be better to post here.

0
 
LVL 38

Expert Comment

by:Insignificant Volunteer
Comment Utility
That was quick, CrazyOne :-)
0
 
LVL 4

Author Comment

by:Boycer
Comment Utility
Thanks Crazyone for responding.

I have not scanned for spyware on this particular machine, normally I would use spybot but this is a business machine and I have not noticed any of the usual spyware. Lately, this has become a daily support issue for me with my non-business clients. I will however try this anyway, it can't hurt.

I have swapped out the ram for known good ones, ones out of one of my own systems. I also am a computer dealer/consultant and have access to parts to swap in & out.

I haven't checked CPU Usage, just resource usage. I will try this as well. I will post the results to-morrow getting late now, tired.

Thanks
0
 
LVL 44

Expert Comment

by:CrazyOne
Comment Utility
>>>That was quick, CrazyOne :-)

:)
0
 
LVL 44

Expert Comment

by:CrazyOne
Comment Utility
>>>I haven't checked CPU Usage,

It may give a clue to which proccesses that may be the culprit.
0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 38

Assisted Solution

by:Insignificant Volunteer
Insignificant Volunteer earned 250 total points
Comment Utility
Another thing, System Properties > Performance tab > Virtual Memory.  Has this been set to a limit?

Here's an interesting article, note in particular the "netstat" commands:

Checking for the existence of IRC Zombie/Bots

from Steve Gibson (grc.com)
http://grc.com/dos/grcdos.htm

Fortunately, it's quite easy to verify that your system is not
currently infected by one of these IRC Zombie/Bots.

All of the IRC Zombie/Bots open and maintain static connections
to remote IRC chat servers whenever the host PC is connected to
the Internet. Although it is possible for an IRC chat server to
be configured to run on a port other than "6667", every instance
I have seen has used the IRC default port of "6667".

Consequently, an active connection to an IRC server can be
detected with the following command:

      netstat -an | find ":6667"

Open an MS-DOS Prompt window and type the command line above, then
press the "Enter" key. If a line resembling the one shown below is
NOT displayed, your computer does not have an open connection to an
IRC server running on the standard IRC port.

If, however, you see something like this:

      TCP 192.168.1.101:1026 70.13.215.89:6667 ESTABLISHED

then the only question remaining is how quickly you can disconnect
your PC from the Internet!

A second and equally useful test can also be performed.
Since IRC servers generally require the presence of an "Ident" server
on the client machine, IRC clients almost always include a local
"Ident server" to keep the remote IRC server happy.
Every one of the Zombie/Bots I have examined does this. Therefore,
the detection of an Ident server running in your machine would be
another good cause for alarm.

To quickly check for an Ident server, type the following command at
an MS-DOS Prompt:

      netstat -an | find ":113 "

(Note the "space" after the 113 and before the closing doublequote).

As before, a blank line indicates that there is no Ident server
running on the default Ident port of "113".

If, however, you see something like this:

      TCP 0.0.0.0:113 0.0.0.0:0 LISTENING

then it's probably time to pull the plug on your cable-modem!

Note that a Windows IRC client program running in the PC will generate
falsepositive reports since these are tests for IRC client programs.
So be sure to completely exit from any known IRC client programs
BEFORE performing the tests above.

C:\WINDOWS>netstat /?

Displays protocol statistics and current TCP/IP network connections.

NETSTAT [-a] [-e] [-n] [-s] [-p proto] [-r] [interval]

  -a            Displays all connections and listening ports.
  -e            Displays Ethernet statistics. This may be combined with the -s
                option.
  -n            Displays addresses and port numbers in numerical form.
  -p proto      Shows connections for the protocol specified by proto; proto
                may be TCP or UDP.  If used with the -s option to display
                per-protocol statistics, proto may be TCP, UDP, or IP.
  -r            Displays the routing table.
  -s            Displays per-protocol statistics.  By default, statistics are
                shown for TCP, UDP and IP; the -p option may be used to specify
                a subset of the default.
  interval      Redisplays selected statistics, pausing interval seconds
                between each display.  Press CTRL+C to stop redisplaying
                statistics.  If omitted, netstat will print the current
                configuration information once.

ZoneAlarm v2.6 (Free)

The last of my testing was to see whether the firewall I keep telling
everyone to use:

ZoneAlarm either FREE or Pro would be effective in stopping the IRC
Zombie/Bot and the Sub7 Servers that had taken up residence in my poor
"Sitting Duck" laptop.

I downloaded the current, completely free, version of ZoneAlarm 2.6
from the ZoneLabs web site and installed it on the "Sitting Duck" laptop.
Upon restarting the machine I was gratified to receive immediate notification
that the Zombie/Bot was attempting to make an outbound connection to its IRC
chat server.

Meanwhile, the Sub7 Trojan was sitting quietly waiting for someone to connect
to it. So I used another machine to "Telnet" to the port the Sub7Server Trojan
was listening on. Up popped ZoneAlarm asking whether the nonsense-looking
random character name the Sub7Server had chosen for itself should be allowed
to accept a connection from the Internet.

Perfect performance from ZoneAlarm.
0
 
LVL 4

Author Comment

by:Boycer
Comment Utility
I forgot one other thing I did, ran msconfig and unchecked all startup items, rebooted and re-selected each one at a time and rebooted each time to see if I could eliminate or find the problem that way.

No luck.

The closest solution I have found is that with just plain vga driver loaded, and 128 MB of ram installed the physical ram stayed around 45 - 50MB.

The video card was made by giga-byte, powered by ATI. I have tried both Giga-byte drivers and reference drivers from ATI.

I might end up swapping out the video card.

Just ran spybot with latest detection rules, found 27 components, all were tracking cookies.
0
 
LVL 4

Author Comment

by:Boycer
Comment Utility


Logfile of HijackThis v1.97.3
Scan saved at 12:16:47 AM, on 11/1/03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\RTVSCN95.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\DEFWATCH.EXE
C:\WINDOWS\SYSTEM\ATI2EVXX.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\NORTON ANTIVIRUS\VPTRAY.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\KEYBOARD\TYPE32.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MICROSOFT HARDWARE\MOUSE\POINT32.EXE
C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI CONTROL PANEL\ATIPTAXX.EXE
C:\WINDOWS\RunDLL.exe
C:\PVSW\BIN\BTRBOX95.EXE
C:\PROGRAM FILES\ANALOGX\MAXMEM\MAXMEM.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\BB\HIJACKTHIS\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid={SUB_CLSID}&pver={SUB_PVER}&ar=home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CriticalUpdate] C:\WINDOWS\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\NORTON~1\vptray.exe
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [IntelliType] "C:\Program Files\Microsoft Hardware\Keyboard\type32.exe"
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [POINTER] point32.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [rtvscn95] C:\PROGRA~1\NORTON~1\rtvscn95.exe
O4 - HKLM\..\RunServices: [defwatch] C:\PROGRA~1\NORTON~1\defwatch.exe
O4 - HKLM\..\RunServices: [ATIPOLL] ati2evxx.exe
O4 - HKLM\..\RunServices: [ATISmart] C:\WINDOWS\SYSTEM\ati2s9ag.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - Startup: Btrbox95.lnk = C:\PVSW\Bin\BTRBOX95.EXE
O4 - Startup: Outlook Backup Batch File.pif = C:\OUTLOOK.BAT
O4 - Startup: MaxMem.lnk = C:\Program Files\AnalogX\MaxMem\maxmem.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37599.5166203704
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4301/mcfscan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 207.236.176.9,198.235.216.111

I am running behind a hardware firewall with a static Private IP address.

I like the ideas though, keep them coming.

Boycer
0
 
LVL 44

Expert Comment

by:CrazyOne
Comment Utility
Hmmm I like your idea of the video. Does it use System RAM or VRAM?
0
 
LVL 4

Author Comment

by:Boycer
Comment Utility
32 MB VRAM

I have tested the video ram using PC-Check and everything passed. Also ran motherboard, processor and ram tests - burn in tests.

I think I will try swapping out the video card in the morning. I am sitting here right now and the ram has dropped to 127MB free and I have only IE open and windows explorer open.

I justed did an aggressive free up of memory and am back at 269MB free now.

getting late time for sleep :-)

I will let you know regarding the video card. just a note though, this is one of two identical systems. Same motherboard, same video card, same processor, same OS etc..

I will re-post results in the morning.

Thanks to CrazyOne and BillDL for the feedback.

Boycer
0
 
LVL 38

Expert Comment

by:Insignificant Volunteer
Comment Utility
Thanks for the list.  The only thing I can see that would have any consequence is the Norton AntiVirus Definition Update monitoring file DEFWATCH.EXE, but that certainly wouldn't be chewing up resources to any noticeable extent.

Incidentally, while I was checking Symantec's site for possible conflicts with this file, I found the following extremely annoying script on their page:

http://service1.symantec.com/SUPPORT/ent-security.nsf/pfdocs/2000051209340948?OpenDocument&ExpandSection=4

Place in "Head" tag.

<script language="JavaScript" type="text/javascript">
<!--
<!--
function printPage() {

var da = (document.all) ? 1 : 0;
var pr = (window.print) ? 1 : 0;
var mac = (navigator.userAgent.indexOf("Mac") != -1);

 if (pr) { window.print(); }  // NS4, IE5
 else if (da && !mac) {vbPrintPage();}  // IE4 (Windows)
 else {  } // other browsers

 
if (da && !pr && !mac) with (document) {
  writeln('<OBJECT ID="WB" WIDTH="0" HEIGHT="0" CLASSID="clsid:8856F961-340A-11D0-A96B-00C04FD705A2"></OBJECT>');
  writeln('<' + 'SCRIPT LANGUAGE="VBScript">');
  writeln('Sub window_onunload');
  writeln('  On Error Resume Next');
  writeln('  Set WB = nothing');
  writeln('End Sub');
  writeln('Sub vbPrintPage');
  writeln('  OLECMDID_PRINT = 6');
  writeln('  OLECMDEXECOPT_DONTPROMPTUSER = 2');
  writeln('  OLECMDEXECOPT_PROMPTUSER = 1');
  writeln('  On Error Resume Next');
  writeln('  WB.ExecWB OLECMDID_PRINT, OLECMDEXECOPT_DONTPROMPTUSER');
  writeln('End Sub');
  writeln('<' + '/SCRIPT>');
}

}
//-->
// -->
</script>

The damned page fires up your printer without prompting you.  The swines, that's verging on malicious intrusion !!
0
 
LVL 4

Author Comment

by:Boycer
Comment Utility
I agree,  it is presumptious of them to assume we would want to print the page without prompting us. Talk about
taking control of a situation eh!

Oh by the way I am canadian eh!

I think I narrowed the problem down to either faulty video ram or buggy drivers, or a combination of both. I suspect the ram, myself, as I have heard nothing but fairly good things regarding ATI Catalyst Ref Drivers. Also,
I tried Giga-bytes ATI Drivers and V-tuner program with the same results.

I swapped out the Radeon Ve card for an old ATI Rage IIC AGP card, loaded the drivers and was able to run
Microsoft Word, Excel, Windows Explorer, Internet Explorer and play a Daredevil DVD using PowerDVD and still had almost 200MB of physical ram free and it did not drop below this.

So, I'am going to run with that as the solution.
0
 
LVL 38

Expert Comment

by:Insignificant Volunteer
Comment Utility
Thank you, Boycer
0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

Several part series to implement Internet Explorer 11 Enterprise Mode
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
As developers, we are not limited to the functions provided by the VBA language. In addition, we can call the functions that are part of the Windows operating system. These functions are part of the Windows API (Application Programming Interface). U…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now