herbalist

Instead of emptying the autoexec.bat, make it work for you. I added 2 lines that call other batch files. The first deletes the contents of several temp folders and index.dat files. It does add a few seconds to the bootup time but makes up for it by keeping the temp files, browser cache. etc. cleaned up, which helps performance during usage. The 2nd replaces the registry, several core system files, and the user startup folders with clean copies. This one adds over a minute to the bootup on my box (replacing a lot of files) but solves and helps prevent several other problems, including: Eliminates registry stored MRUs and the bloat they cause. Prevents malware from adding autostart entries. Keeps registry from becoming fragmented. Prevents changes in user startup folders. Protects your core system files from unwanted modification. Protects against unauthorized users changing settings. The only performance cost is in boot time. Once Windows is running, it helps keep your system at peak performance, which is the performance that counts. It also helps protect against malware without the need of extra running processes. IMO, it's well worth a little extra boot time. Rick

It really depends on what and/or how much is infecting the system. At times, using an online AV or installing a free AV will do the job. Sometimes the AV will identify the malware but can't remove it. Knowing what exactly it is that you're trying to remove is half the battle. After that, it's looking up the removal procedure and downloading any specialized tools that may be needed. Many of the AV vendors and malware removal sites make the tools and removal procedures freely available. Sysinfo is another site with very useful info, including a large list of startup entries, much of it for malware. With some malware, removal is as simple as killing the process and deleting the file and its autostart entry. At other times, you can have a major fight on your hands, like a CWS infection. Some malware is very good at defending itself, to the point of attacking the removal tools. Windows has several tools built in that can make the job much easier. Windows files that are missing or corrupted can be replaced with new copies from the cabinet files. The System File Checker can fix many such problems. So can the system restore. There's a few sites with a big selection of DLLs, drivers, etc to download if the one you need isn't in the cabinet files. The tools at Sysinternals are lifesavers when dealing with system problems. There's so many utilities, tools and resources available for repairing, troubleshooting, and malware removal, I couldn't begin to list them, but this one is very useful and links to much more. Rick

The problem with this method would be the things that don't get saved. Files in My Documents or My Pictures are easy enough, but what about things that may be saved elsewhere or under an unexpected name? Their address book? Their passwords? A password program? Their settings (color, cursor, sound, etc)? Purchased or ISP supplied software? Records stored by financial software? Printer drivers? Internet settings? Unless you're very thorough and know what to look for, a lot of hard to replace data could be lost. I'd rather not take that chance. So far, I've had to reformat a clients PC only once. Initially, they named just a couple of things they needed saved. The more I questioned them, the more things they remembered that I couldn't have replaced. When you need to go this route, question the customer extensively and name specific items they might not think of. In addition to saving their data and reinstalling an OS, there's all the patches and updates that have to be installed, both Microsofts and ones from the vendor. If it's an older system, there's a lot of updating. IMO, it's more work and more time consuming to reformat than it is to clean the PC. Besides, it's good for business when the customer sees that preserving his data is important to you. On those rare occasions that I have to wipe a drive, D-ban is my tool of choice. Rick

I'm not a PC technician per se, but I've been servicing PCs out of my home for several years. I can't say for certain if the problems I'm brought are typical of what others get or not, but the majority of my first time clients bring me badly infected PCs. The most common complaints are crashing, constant popups, and generally slow or unresponsive PCs. The most common infections are adware/malware and trojans. I'd estimate that this is 75% of my business or more. The typical PC I see has an outdated AV and has been infected for some time. More than half the time, the owner doesn't have or can't find the restore CDs that came with the PC. It's a family PC in a home where the kids have installed some P2P app, often Kazaa and all the garbage that comes with it. Porn software turns up on many of them. About half the time, the parents have no idea what's been installed. When that situation arises, your people skills will matter more than your technical skills, especially when the "who installed it?" question gets asked. I've found that the kids will clear the browsers history and sometimes the cookies to hide the evidence, but they almost never think of the index.dat files or internet explorer's hidden folders. The typical user or client doesn't realize that they (or someone else in their house) is usually the cause of the problem. It's amazing how many still think spyware only exists in the movies. About 3 years ago, I was asked to look at a PC with a bad popup problem. I expected the usual adware, which was present. In addition, I found a keylogger that had just been installed that day. This person had just started doing their banking online. The bank used a single password login back then. To make the story short, we contacted the bank at the same time the owner of the keylogger was accessing their account. The typical user is not going to realize that installing a certain music sharing program, a toolbar, or some animated cursor is where the problem started. Most have the attitude that these things won't happen to them because they have nothing on their PC that someone else would want. They also don't understand that their PC is valuable to a botnet herder or their address book is valuable to a spammer, not to mention identity theft. "Common sense" is about 5 years behind reality when it comes to PCs. Classroom studies and courses are good for understanding the PCs themselves and the operating systems, but they're rarely up to date with the threats and malware presently circulating or the newer security-ware. Malware removal and prevention is a big part of PC servicing, especially if your clients are typical home users. I'd suggest spending some time at a forum that specializes in malware removal or taking one of the malware removal classes available at different forums, then consider volunteering there for a while. It'll help you to become proficient with the tools, using them against modern malware on real systems. You'll get to know the enemy that will be responsible for a lot of your business and be better able to deal with it without resorting to reformatting and losing the customers data. In the process, you'll get to know the newest security-ware. Many of the new security apps like sandboxes, HIPS, etc. are very effective, but not in the hands of the average user. You'll be better able equip them with more effective security packages than the average big-name security suite and do it for much less than the suite would cost. In addition to having more satisfied customers, the next time you see that PC, it will be much easier to deal with. This may sound overly simplified, but modern malware can be very difficult to deal with. I've always tried to make reformatting a last resort so that the customer or myself doesn't have to install everything over again and their data is preserved. Windows comes with many useful tools already installed. Most everything else you'd need is available online, usually for little or no cost. Sysinternals was already mentioned. For serious malware removal, Hijack This is invaluable. There's also specialized tools for specific infections. If you're going to work for a company on their own PCs, a knowledge of basic networking and system policy configuration will also be needed. A smaller percentage of your work will be harware related. Unless you're upgrading a lot of PCs for a business, it'll be a small percentage in comparison. Viruses, trojans, adware, and malware, most of it a direct result of the users decisions, will be responsible for the majority of the PCs you service, at least that's how it's been for me. Rick

I wasn't referring to using a scheduler for the task. Just thought that the window watcher feature and its method of recognizing windows/applications might give you some ideas. Definitely not the scheduling part of it, though that might be a useful parental control addition. As far as defeating it, it's quite easy to defeat the free version if the user figures it out that it's the scheduler that's doing it. I believe the pro version uses a password. I installed it on a friends PC not that long ago. It was comical watching her daughter trying to find the parental control software. A scheduler never occurred to her. The "general consensus" is that 98 is obsolete and should be replaced. I don't accept that and I doubt most of the regulars here do either. Win98 isn't a lot of things. Isn't that what the unofficial service packs, kernel EX and a few other projects are about, making it better than it was, making it able to do things it couldn't before, etc? Why not add better control over the user profiles as well? It can be done. SSM proves that quite conclusively. If a full blown HIPS can be made that works on 98, something less complicated and more user friendly for controlling user access is just as achievable and would be much more valuable to most users. Isn't that reason enough to try? Instead of looking at what 98 is or isn't, why don't we look towards what it could be? Rick

It's not a waste of time. Control over users access to applications and the file system is an improvement that's badly needed in 98. So far SSM is the only app I've found that can do both effectively, but it's beyond what the average user would want to learn. There's definitely a need for something that's more user friendly that works. Protect It is user friendly enough from what I've seen of it, but ineffective against anyone but a novice. There is another app you might want to look at for ideas about controlling user access to specific files, folders etc. It's not a parental or user control app as such but will function like one to an extent. It's Splinterware's system scheduler, specifically the window watcher. I've set it up on a couple of clients PCs to kick the kids offline after a certain time by having it watch for * - Microsoft Internet Explorer (works with wildcards). I've found it effective with folder names, webpage names containing specific terms, document titles, the control panel, and others. It won't check at intervals of less than a minute, but having the browser slammed closed each minute is enough to get the point across to most kids. A possible source of ideas if you're interested. If nothing else, it's an excellent scheduler that beats 98s scheduler on all points. Rick

I finally finished fixing that WinME box, now a 98SE unit and got the loaner box back. It was a 95 box converted to 98SE, a real patience tester with a 166mhz processor. Fortunately it works better with Sea Monkey. Am using it now. Protect It! does function once I replaced the autostart entry in registry, but it's not particularly effective. I added 2 extra user profiles with different permissions set for each. The default profile has access to everything while the others are limited. On this particular user profile, I disallowed access to SeaMonkey. Protect It did block my access to Sea Monkey but allowed it when I renamed the executable to something else that's allowed. I renamed Sea Monkey to Iexplore.exe and am using it now. I also set the "prevent opening anything not on the desktop or start menu" option for this user. It works by removing the icons and tabs the user would normally use. When I click on My Computer, no drives are visible, but the user can still access the entire file system via any available folder, or the properties-find target. Protect It did keep me out of a few control panel applets, but most were accessible via the system folder. The internet ratings only work on Internet Explorer. Except for the password option, Protect It isn't much different than poledit on the 98CD. It has the same problems and is only effective enough to keep a novice honest. Easily defeated. I haven't tried changing passwords or uninstalling. I'd have to make an image first as I don't have the installer to replace it. It's not listed in Add/Remove programs and I haven't spotted an uninstaller for it yet. It definitely made a mess out of the start menu. Everything in programs is in one column, no folders. IMO, Protect It is too buggy and ineffective to try to improve. The first thing it would need added is integrity checking so it doesn't just use the executables name. It needs a more effective method of denying access than hiding icons and tabs. It would be easier to start over. Rick

What you're describing sounds like a more powerful system policy editor. That would be very useful. I have an old PC, a Gateway I believe that was a 95 box but has been upgraded to 98SE before I got it. I did see Protect It in the control panel but didn't have a chance to try it. It's presently loaned out to a friend while I try to get their tempramental WinME box to work decently. As soon as I get it back, I'll let you know how or if Protect It works on 98SE. Many of the features you're describing, controlling what individual users can run and access, are also part of System Safety Monitor, free version. Separate application rules can be set up for each user profile, allowing very detailed control over what processes each user can run and what other processes each of these is allowed to launch. One of SSMs modules is a windows filter. The module reads the captions in the title bars and checks them against a user defined list. If they match, SSM closes the window. It works with partial matches. I've tested it with partial names such as "sex" or "cracks" from websites, document names, specific applet names, the control panel, internet explorer, etc, checking its effectiveness as a parental control. It's quite effective. I realize that HIPS software like SSM isn't something many would want to use, but it might be worth checking just to get some more ideas. AFAIK, SSM is the only program of its kind that will run on Win98. Rick

I missed that in the title. That's more RAM than I was expecting it to have. Having 160MB will definitely expand the list of what you can run. Available RAM matters much more than processor speed. I have several apps that supposedly want a minimum processor speed of 500 or 550mhz and run fine on 366mhz. Proxomitron also gives the user the ability to change the user agent, referrer settings, limit connection times, and much more. The more a user dives in, the more they can do with it. For someone who likes working with rule based apps, Proxomitron is a tweakers dream. It also has the advantage of working with all browsers, not just FF and Sea Monkey. It's good protection for IE users. I didn't know if AVG still supported 98 or not, or how much longer that support will last. Haven't used them in a long time. Never really cared for it. I stopped running a resident AV shortly after testing SSM and deciding it was more than sufficient as a primary defense. About the only time I use an AV is when I scan new incoming files. VirusTotal works as well as any installed AV for this. Either way, that's up to the individual user to decide what works for them. Rick

Your OS choices with a 233mhz are definitely limited. You never mentioned how much RAM this laptop has. It will run a basic 98 box but don't expect to run anything particularly heavy on it. For standard internet usage, it will work. Check the vendors site for new drivers and software/firmware updates. With such a low power system, your software choices are critical. The priority is efficient code and use of resources. Avoid using Microsoft products like Internet Explorer or WMP. Avoid Adobe Acrobat and combined security suites like Norton. Stay with single purpose programs, especially those related to security and privacy. Most AVs will be too heavy for that unit. Foxit PDF reader replaces Adobe quite well. For music, an old version of WinAmp is a good choice. I use 2.81. SeaMonkey is a lifesaver, especially with the available extensions. The combination of Kerio 2.1.5, SSM free, and Proxomitron makes a formidable security package that uses far less resources than most AVs. I stopped using a resident AV 2 years ago and have never missed it. Properly configured, Kerio and Proxomitron will speed up the internet for you by blocking bandwidth wasting content. Eraser is worth getting just for its erasing scheduler. Keeps the buildup of temp files from happening, which always helps. Use version 5.7, not the latest one with a 98 box. As long as you don't expect to multi-task, that laptop should get you by. Rick

I run 98 and 98SE on an old HP Pavilion with a 366mhz Celeron. 98 first edition does run slightly faster, but the difference isn't that much. With a little work, 98 can be more than functional enough for everyday usage. Regarding the disk space you can have a reasonably well equipped system on about 700mb. If you don't include all the cab files from the 98CD, you can get it down to 600mb or less. Regarding the browser, SeaMonkey is very good on both 98 and 98SE. It takes a bit longer than Internet Explorer to launch but it's much faster on the net, not to mention more stable and far less vulnerable. When I ran IE6, my resources would slowly drop until it forced me to reboot, or crash. With SeaMonkey, I can browse all day with no problems. Internet Explorer can be removed with IEradicator. It has worked quite well on the few 98 boxes I've used it on. Be aware that other software often uses Internet Explorer components and may fail to work without it. If that happens, you can always reinstall it. Regarding 98 vulnerabilities, much of todays malware doesn't affect 98, including most everything that uses rootkits. More often than not, vulnerabilities that affect 98 systems will be for specific applications, not for the OS itself. This can become a problem as more software vendors drop support for 98. Various 3rd parties release unofficial patches and updates. The big difference is that you have to look for them, decide what you need, and apply the fixes yourself. Fortunately, there isn't nearly as many as there is for an XP box, so patching won't be a weekly chore. 98 can be well secured with a default-deny security policy and a few freeware apps. If you're not one who installs new software regularly, which is difficult on a 98 box anyway with so many not supporting it, default-deny is a very effective strategy. I use a combination of the policy editor, System Safety Monitor free version, and Kerio 2.1.5 firewall to enforce a default-deny policy. To effectively set up such a policy, you do have to know your system, what processes are part of it, what's necessary and what isn't. It takes a little time and some study, but the results can be nearly bulletproof. Rick

Uploaded here. http://rapidshare.com/files/60815839/sesp30a2-en.exe

RetroOS, I'm using version 4.10.2222, extracted from driver14.cab. I haven't installed 98SE2ME, only the 98SE 3.0 alpha 1 and 2 service packs. Most likely, there's major differences between your system and mine. Earlier in its building, I used IEradicator to strip out Internet Explorer. Had to install IE6 in order to get VirtualPC to work at all. I need to go back to an earlier setup and check things more closely too. I'm finding things broken as well and I don't know exactly when they broke. My CD burning software (BurnAtOnce) doesn't recognize any of the CD drives. Rick

I recently installed Virtual PC 5.1 on my 98SE testbox. Last night I was building a 98FE guest system. When it finished installing drivers and restarted in normal mode for the first time, my host system, 98SE, suffered a BSOD with the following: 0028:C1849D04 in VXD PPPMAC(04) 0000C874 PPPMAC.VXD is version 4.10.2223, installed by the unofficial service pack sesp30a1-en. The present alpha 2 version uses the same file. Version 4.10.2223 of PPPMAC.VXD appears to the break shared networking on Virtual PC 5.1. When I replaced PPPMAC.VXD with an original copy , it fixed the problem and shared networking works normally. I don't know if this issue can be duplicated on another PC, if it's specific to mine, or if this is even useful to you. Other than this issue, the unofficial 98SE service pack works great on my PC. Rick

The BIOS on my old hardware is limiting me to 8GB drives or smaller. That's after reflashing with an update from the vendor, HP. Haven't checked into whether it's the BIOS or motherboard that's limiting me as I use external drives for data storage. I installed a 10GB, which the BIOS reports to be 8455MB. Windows reports the correct drive size, as does fdisk. Partitioned it into 2, and installed 98 on the primary. Seems to work OK but it's sluggish. I doubt there's enough demand for drives 20GB and smaller to justify making them. Who besides those of us using older hardware and operating systems would need them? Most users want as much storage as they can get. When I first got this old box, I didn't see how I'd ever need more space than the original 5.1GB drive. I wasn't interested in gaming, movies or videos. To make a long story short, the 80GB external drive I added since then is 75% full and doesn't contain any games, movies or videos. I'm considering a 500GB. Hard drive space is like any other storage. The more you have, the more you need. Start with the maximum amount of storage you can imagine needing, then multiply it by at least 4! As far as preparing for future breakdowns, the best you can do is pick up used ones in the size range you need. I have 6 of them, 8GB and under for use as my primary master. Move everything but the OS and installed apps to an external drive, which isn't limited by your BIOS. As far as brands for 98 are concerned, most of mine are Maxtors, but my best one is a 5.1GB Quantum Fireball. It's always been the fastest on my box, even when compared to newer drives of other brands. Rick

I pick up used small hard drives ranging from 4 to 20GB at the local computer shop on a regular basis. Been paying from $5 to $20, depending on the size. Many of my clients have old PCs so I keep a few on hand. Some are slow and worn, but some are quite good. My "C" drive is a used 5.1GB and is quite fast. Old doesn't always mean worn out. Rick

Two questions. 1, Is it necessary for IE6 to be installed in order to use SP 3.0? 2, Can it be used when Internet Explorer has been removed by IEradicator? I have a 98SE test unit nearly completed as far as applications are concerned. I've installed no patches save what was necessary to get the other apps to work. IE, WMP, etc have not been updated as I haven't decided if I want Internet Explorer at all. Rick

I just tried it on both my 98 and 98SE boxes. The escape key didn't bypass it on either box, no matter how many times I used it. I've found it quite effective. It might behave differently if Microsoft Family Logon isn't the Primary Network Client. Rick

This will prevent the escape key from bypassing the password dialog. REGEDIT4 [HKEY_LOCAL_MACHINE\Network\Logon] "MustBeValidated"=hex:01,00,00,00 More info here. Rick

It was on the box and in the manual. System Requirements Windows 98SE/Me/2000/XP Mac OS v9.2.2 or Mac OS X v10.2.8+ Unless it's the software that was bundled with the USB drivers that isn't 98FE compatible, I don't see why they specified 98SE. The CD wants to install some hard drive backup software I didn't need plus an old version of Adobe Acrobat. The external drive itself works great with just the drivers. Had no trouble repartitioning it in a DOS window. I've noticed that too with both software and hardware. Ran into the same thing with a USB modem, a webcam, and the previous DSL modem my ISP supplied. Supposedly, the USB drivers weren't compatible. Been seeing the same kind of thing with the performance specs. I've got a couple of apps that supposedly need a minimum 550mhz processor or at least 128MB RAM but ran fine on 366mhz and 64MB RAM. If 98 wasn't mentioned at all, I'd accept it as an oversight or omission. When they specifically list 98SE instead of just 98, which would cover both, IMO it's an attempt to coerce people into replacing their system by making it appear more obsolete than it actually is. I pretty much expect that SE/ME will get most of the attention. Even so, 98FE isn't that different and much of what applies to one works with the others. Actually, this is one of very few places I've found that has a separate 9X section that isn't completely dead or full of problems caused by dead hardware or corrupted files. The material here I can use. I'd love to learn to do some of this stuff, like modifying system files. This old box sees a lot of experimenting, most of it privacy and security oriented. Projects like the kernel upgrade and defeating the 2GB copy limit and the 137GB hard drive limit, that's the stuff that's fascinating. Hopefully this weekend I'll get the basic 98SE system done. Having both systems available and accessible on the same box will make things much easier. After that, the hardest part will be figuring out what I want to try first. Not enough time in a day. Rick

I didn't find out that the BIOS flash hadn't addressed that 8GB limit until some time later. At the time, my largest drive was a 5.1GB. I'd picked up a 10GB drive out of a dead PC and wanted to see if it was still good. The BIOS gave me 2 different sizes for it, 10,005 vs 8455. The drive seems to work decently anyway. Windows detects it properly, as does DOS. I partitioned it and cloned my existing 98FE system to it last week and have been using it since with no problems. I've decided not to try a BIOS upgrade from anywhere else. I don't have a spare and other than drive size limitations, it works quite well. I picked up DOS USB drivers some time ago for my external drive, which work very well. The drive works well with 98FE in spite of the Western Digitals claim that 98SE or newer is needed. The drivers for the external drive were bundled with their software in one installer. Once I got the drivers separated out and installed, the external drive ran decently, but slow. I installed a better USB card as the built in USB was very slow and only had 2 ports. The USB card came with 2.0 drivers, which also claimed to require 98SE or newer. I figured that the newer hardware would improve USB performance even if the 2.0 drivers didn't work, which it did. The big suprise came when I tried to install the drivers. The install appeared to work and the external drive became almost as fast as the internal ones. I've probably got the wrong disk for trying to upgrade. Instead of trying to figure out what type disk I need, I'll start with a new system. It might take a little longer but it also saves me a lot of uninstalling of older versions. It'll also give me a chance to try out a few other ideas that would be hard to implement on an existing system. This way, I can work on it whenever I feel like it and keep using my existing system until it's finished. Rick

I don't actually "need" to do this as an upgrade. 98FE is going to remain my primary OS for a while. I'd have to double check to be sure, but I believe 256MB is the limit for RAM on this hardware. The BIOS is my big limiter. I reflashed it once with an update from HPs support site. The performance improved quite a bit but it still limits me to small hard drives, 8GB or less. As for software upgrading and tweaking, there isn't that much more I can do to it. Been doing that for years. Other than the hard drive limitations, my only issues are compatibility problems, apps and drivers that won't work on 98FE. Performance hasn't been an issue. It runs faster than its specs would suggest and I couldn't ask for better stability. I'll probably get better results if I start with a clean install of SE and leave the existing 98FE system intact. If I can't move or copy those specific apps from my existing system to the SE install, I can always look for alternatives. For that matter, I can go back to having both 98 and 98SE in the same box on separate HDs and switch which one I boot from at the BIOS. I wish I had such an option. 2 or 3 more PCs would be sweet, if they were a bit more powerful than what I have. At present, this old relic serves as my primary PC and test boxes, depending on which hard drive or image I install at the time. It would be so much easier. Rick

The original 98FE system was installed by the HP recovery disk, which also contains a bunch of other stuff. The 98SE disk is a standard new system install disk, not an HP disk. Prior to trying the 98SE setup again, I shut down the external drive and removed the 2nd internal drive. I used a selective start and disabled all the startup items. This is all that was running, minus Process Explorer. Still getting the same error message. The hard drive is the original for this box and isn't partitioned. There's nothing else on it except for windows and my installed apps. Rick

I've managed to find a couple of upgrade disks for 3.1/95 to 98SE at ebay but no 98 to 98SE upgrade disks. Even if they'd work, I'll still have to open both ebay and pay pal accounts to get one, then wait at least a week for the bidding to close and for them to ship it. I'll pass on ebay. I installed 98SE on another hard drive and swapped out the drive with my 98FE finished system, mainly to see if it solves the compatibility and upgrade limitations. Even as a clean install with very little other software added, it seems very sluggish. My original 98FE system runs circles around it with 25 running processes vs 14 on SE. Is SE that much more demanding on the hardware than FE was? The SE install regularly puts the processor at 100% for several seconds at a time, something my original setup only does when launching a new app, then for much less time. This is a low power system, 366mhz, 160mb RAM with little room for improvement. The MB can't handle a processor faster than 550mhz. I realize that this probably not a fair comparison as my FE box has years of optimizing and upgrading on it, but it doesn't seem right that it should be twice as fast as a fresh 98SE install. The 2 are comparable on things like download speeds, but it feels like I've gone back to dialup the way web pages load. The bootup time is almost doubled. Apps take forever to launch in comparison. If I can't get the SE install to run closer to the speed my FE system does, I won't upgrade. Too much of a performance loss just to use a few new apps. Rick

That's what I had in mind. If I can find a way to copy a couple of the other apps on the HP 98FE disk to a 98SE install, that would work as well. There's several items I'd like to update but can't go any farther on 98FE. Rick