BIOS No-Execute Memory Protect

Submitted by Eus
on August 9, 2009 - 8:23pm

On Thursday (August 06, 2009), my colleague called me up saying that an important PC at the client site, used for external communications, had a problem with the Windows XP mechanism that detects whether a particular Windows XP is an authorized or unauthorized copy (http://www.gnu.org/philosophy/words-to-avoid.html#Piracy). Specifically, although the Windows XP installed on the PC is an authorized copy, the mechanism insisted that it was not. Since I don't deal with proprietary systems, I have no idea about that kind of matter, and so my colleague called Microsoft up. On the following day, nobody could log in to the computer because every time Windows XP started, the following error message appeared just before the login screen was displayed:

The instruction at "0x0060024D" referenced memory at "0x0060024D". The memory could not be "written".

Click on OK to terminate the program.
Click on Cancel to debug the program.

Since the staff really needed the PC to be up and running as quickly as possible, I decided to investigate this problem. Of course, the first step is to image the whole partition containing the Windows XP installation by using `dd' run on a GNU/Linux Live CD. This way I don't have to worry about breaking something. The second step is to start the investigation from the lowest part of the PC: the BIOS settings. Here I found an interesting feature under `Advanced BIOS Features' as follows:

No-Execute Memory Protect
    When disabled, forces the NX feature flag to always return 0

Since the error message was related to this feature by the words "instruction" and "could not be written", I switched the BIOS option to `Disabled'. That solved the problem within an hour. The backup process took the longest time, of course.

Googling for the error message by removing all the quotes and the addresses, I found many articles, one of which is: http://www.geekstogo.com/forum/memory-could-not-written-t4911.html that says that DEP may also be the cause of the problem.

To conclude, when encountering a high-level error, it is best to start your investigation from the lowest one: checking your BIOS setting.
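Because the BIOS option works by making the NX feature flag read as 0, its effect can be confirmed from the same GNU/Linux Live CD by looking for the `nx` token in /proc/cpuinfo. The following is an added example, not part of the original post; the sample text is constructed, and an absent flag means either that the BIOS is hiding it or that the CPU never had it.

```python
"""Report whether each logical CPU exposes the NX feature flag (Linux, x86)."""

# Constructed /proc/cpuinfo excerpts (not captured from the PCs in the post).
SAMPLE_NX_PRESENT = """\
processor\t: 0
model name\t: Example CPU
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat nx lm

processor\t: 1
model name\t: Example CPU
flags\t\t: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat nx lm
"""
SAMPLE_NX_ABSENT = SAMPLE_NX_PRESENT.replace(" nx ", " ")


def nx_status(cpuinfo_text):
    """Map processor number -> True/False for the presence of the `nx` flag."""
    status = {}
    current = None
    for line in cpuinfo_text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank separator between processor blocks
        key = key.strip()
        if key == "processor":
            current = int(value)
            status[current] = False  # until a flags line says otherwise
        elif key == "flags" and current is not None:
            # Whole-token match: "nx" must not match inside another flag name.
            status[current] = "nx" in value.split()
    return status


def nx_verdict(cpuinfo_text):
    """Summarise: 'present', 'absent', 'mixed' or 'unknown' (no CPU blocks)."""
    states = set(nx_status(cpuinfo_text).values())
    if not states:
        return "unknown"
    if states == {True}:
        return "present"
    return "absent" if states == {False} else "mixed"


if __name__ == "__main__":
    try:
        with open("/proc/cpuinfo") as fh:
            print("NX flag:", nx_verdict(fh.read()))
    except OSError:
        print("NX flag (constructed sample):", nx_verdict(SAMPLE_NX_ABSENT))
```

Running it before and after changing the BIOS option shows whether the setting actually took effect, which is worth checking once the option is switched back to `Enabled'.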

Culprit: Virus

Eus
on
August 13, 2009 - 3:51am

I thought this problem was caused by a faulty Windows update. Yesterday when I got another shift to help the IT support department, I discovered another computer encountering the same problem. Since the previous fix worked, I just applied the same fix. But, I had a hunch that the cause of the error message was a virus. Today another PC got the same problem, but this time the fix didn't work. However, the caption of the error message showed an alien program name (hmicb.exe, a system back door program according to http://www.prevx.com/filenames/X3349608311065816566-X1/HMICB.EXE.html). Booting the PC into Windows Safe Mode and firing up `msconfig' showed that under the `Startup' tab, there were several unknown programs loaded during start up. Unchecking all of them fixed the problem. So, the cause of the error message is a virus, and disabling the BIOS No-Execute Memory Protect feature is the wrong move.

--
Best regards,
Eus (FSF member #4445)

In this digital era, where computing technology is pervasive, your
freedom depends on the software controlling those computing devices.

Join free software movement today! It is free as in freedom, not as in
free beer!

Join: http://www.fsf.org/jf?referrer=4445
