Aleksandar's computer workshop

Let's see what Aleksandar was fixing today.
My findings, tips & tricks related to computers, internet, programming and other stuff I was working with.

How to determine that hardware DEP is available and configured on your computer

To confirm that hardware DEP is working in Windows, use one of the following methods.

You can use the Wmic command-line tool to examine the DEP settings. To determine whether hardware-enforced DEP is available, follow these steps:

 

Click Start, click Run, type cmd in the Open box, and then click OK.

 

At the command prompt, type the following command, and then press ENTER:

wmic OS Get DataExecutionPrevention_Available

If the output is "TRUE," hardware-enforced DEP is available.

To determine the current DEP support policy, follow these steps.

 

Click Start, click Run, type cmd in the Open box, and then click OK.

 

At the command prompt, type the following command, and then press ENTER:

wmic OS Get DataExecutionPrevention_SupportPolicy

The value returned will be 0, 1, 2 or 3. This value corresponds to one of the DEP support policies that are described in the following table.

DataExecutionPrevention_SupportPolicy property value

Policy Level

Description

2

OptIn (default configuration)

Only Windows system components and services have DEP applied

3

OptOut

DEP is enabled for all processes. Administrators can manually create a list of specific applications which do not have DEP applied

1

AlwaysOn

DEP is enabled for all processes

0

AlwaysOff

DEP is not enabled for any processes

Note To verify that Windows is running with hardware DEP enabled, examine the DataExecutionPrevention_Drivers property of the Win32_OperatingSystem class. In some system configurations, hardware DEP may be disabled by using the /nopae or /execute switches in the Boot.ini file. To examine this property, type the following command at a command prompt:

wmic OS Get DataExecutionPrevention_Drivers

Output sample on my PC:

Boot Parameters to Configure DEP and PAE

DEP - Data Execution Prevention
PAE - Physical Address Extension

DEP is a highly effective security feature that should not be disabled unless you have no alternative. The default settings for DEP and PAE are optimal for most systems. Do not change the default settings unless they interfere with essential processing tasks. This section is included to show you how to configure these features, but it should not be interpreted as a recommendation to change the default settings.

DEP and PAE Boot Parameters

On operating systems prior to Windows Vista, DEP and PAE are enabled at boot time and are configured by using the following four boot parameters:

On Windows Vista, DEP and PAE are enabled at boot time and are configured by setting values for the nx and pae parameters using the BCDEdit /set command.

These boot parameters have conflicting effects. To configure DEP and PAE, use only the parameter combinations that are described in the documentation for each parameter and discussed in this topic. Do not experiment with conflicting parameters, especially on a production system.

The Interaction of DEP and PAE Boot Parameters

There are two types of DEP:

  • Hardware-enforced DEP enables DEP for both kernel-mode and user-mode processes. It must be supported by the processor and the operating system.
  • Software-enforced DEP enables DEP only on user-mode processes. It must be supported by the operating system.

DEP is supported by Windows XP with SP2, Windows Server 2003 with SP1, and Windows Vista, and later versions of Windows.

On 32-bit versions of Windows, hardware-enforced DEP requires PAE, which is supported by all Windows operating systems that support DEP. When DEP is enabled on a computer with a processor that supports hardware-enforced DEP, Windows automatically enables PAE and ignores the boot parameter values that disable it.

The parameter combinations for each Windows operating system are summarized in the following section.

DEP and PAE Parameter Combinations

The following list describes the boot parameter combinations that can be used to configure DEP and PAE.

 

Action

Prior to Windows Vista

Windows Vista

To enable DEP

(Select one parameter combination)

When DEP is enabled on computers that support hardware-enforced DEP, these parameter combinations also enable PAE.

/noexecute=alwayson
/noexecute=optin
/noexecute=optout

/set [{ID}] nx AlwaysOn

/set [{ID}] nx OptIn

/set [{ID}] nx OptOut

To enable DEP and PAE on systems with software-enforced DEP

(Select one parameter combination)

On computers that support hardware-enforced DEP, PAE is automatically enabled when you enable DEP.

/noexecute=alwayson /pae
/noexecute=optin /pae
/noexecute=optout /pae

/set [{ID}] nx AlwaysOn

/set [{ID}] pae default



/set [{ID}] nx OptIn

/set [{ID}] pae default



/set [{ID}] nx OptOut

/set [{ID}] pae default

To disable DEP, but enable PAE

/noexecute=alwaysoff /pae

(Windows XP with SP2)

/set [{ID}] nx AlwaysOff

/set [{ID}] pae ForceEnable


To disable DEP, but enable PAE

/noexecute=alwayoff
/noexecute=alwaysoff /pae

(Windows Server 2003 with SP1 only)

(These parameter combinations are equivalent.)

/set [{ID}] nx AlwaysOff

/set [{ID}] pae ForceEnable

To disable both DEP and PAE

/noexecute=alwaysoff
/noexecute=alwaysoff /nopae

(Windows XP with SP2)

(These parameter combinations are equivalent.)

/set [{ID}] nx AlwaysOff

/set [{ID}] pae ForceDisable

To disable both DEP and PAE

/execute

(Windows Server 2003 with SP1 only)

Mail Password Recovery moved to new site

Old Mail Password Recovery page has be moved to new location. Update your bookmarks. I have some plans to update the tool, so keep eyes on it.

Few words about program for people which are not familiar with it.

Mail Password Recovery allows you to recover your email password for any POP3 account, as long as it is stored in an email program on your computer.
You just need to temporarily change the settings in your email program, so that it connects to email password recovery instead, and your password will be revealed.

More information is available here:

http://gsmblog.com/page/Mail-Password-Recovery.aspx