herbalist

I am encountering problems with 9.6.4. When I have Virtual PC running, the browser (SeaMonkey) on the host system becomes erratic. Pages don't finish loading. Tabs aren't working properly. At times, the page doesn't completely refresh. Didn't get a screenshot of it, but on a few instances I could see my desktop through the browser window instead of the web page. Didn't see any heavy processor usage, low resources, or anything else that points to a specific problem. No error messages. The system just seems to stall. I've apparently been using 9.6.1, although I'm almost positive I installed 9.6.3. The above problem isn't there with the version I'm using now, just the TCPView issue. Can't find my copy of 9.6.3 either. Can someone send me a copy of it? Tihiy, Would it be possible for you to use the full version number for the file name instead of RP9.exe? It would make it easier to keep tract of which one is which. Would it be asking too much to keep the previous version available (9.6.3 in this case) until the latest version is found to be problem free? It would be appreciated.

9.6.4 appears to be working well here. TCPView works again. No problems with any other apps so far. I've also had the occasional flickering of the system tray. It hasn't been bad enough here to be a problem.

I wasn't using RP when 9.1 was available. Don't have copy to try. I've got a few possibilities I can work thru. In the last month, I had to replace the monitor. Went from a standard size CRT to a 22" LCD flat screen, using a 1600X900 resolution. I'm quite surprised that 98 is working with it as well as it does, especially when XP won't give me near the selection of resolutions on the same hardware. Not having Internet Explorer might have something to do with it too, 98lite unit. It's possible that there's other updates that I've missed that would help too.

There seems to be a problem with using TCPView with RP9.6.3. I'm not sure how far back this problem has existed. Apparently it's been a while since I've used it. The display of Sysinternals TCPView is not visible with RP9 installed. It appears to be empty. The info is there. I can highlight lines and copy them to the clipboard where they can be read. So far, I can confirm the problem exists with TCPView version 2.34, 2.4, and 2.51. Haven't tried any newer versions. If I uninstall RP9, TCPView becomes readable. I've tried most of the fonts available in TCPView and changed the system font and screen resolution. No difference.

My HP Pavilion uses the 440BX chipset. I've had no IRQ or device problems/conflicts on it. I don't know if my results are typical for other USB cards with NEC chips, but I wouldn't hesitate to buy another one. The Stratitec USB card works fine with all the HP's installed operating systems, 98FE, 98SE, DOS, 2K-SP4, Puppy Linux, and live Linux CDs. It has worked well with an external hard drive, flash drives, and a card reader. No problems with data loss or corruption with any of the OS. From 98FE with the external hard drive and 2 flash drives plugged into a hub.

The Stratitec USB card I added to my old HP has worked flawlessly for years. It has the NEC D720101GJ. I originally added it to get more USB ports on my 98FE unit. Didn't expect to get USB 2.0 to work on 98FE but the Orangeware drivers installed fine. With those and NUSB for 98FE, every USB device I've plugged into it has worked normally. The Orangeware drivers are available in quite a few places, including the Stratitec site.On my PC, version 2.3 works the best.

Twisting what I said into this is lame. If you had bothered to read it, you'll see I said the last time was about a year ago. Use the forum search. That's been addressed in several threads. I see no point in continuing this "discussion". You've made your choice and I've made mine.

Except for systems I have set up for malware testing, I haven't had any type of infection on any OS in over 6 years. My PCs are all default-deny secured. Unless I specifically allow it, they are almost impossible to infect. On the 98 test unit, the firewall has alerted me to outbound traffic initiated by malware on 3 or 4 occasions. Each time it was missed by the AVs. The last time this happened was about a year ago. IMO, how often it happens is not the issue. If it happened even once, the firewall has earned its keep. We're just not going to agree on this one. On any OS I use, the first thing I install is the firewall, then the rest of the security package. Except for test setups, all my Windows systems get the same security package, Kerio 2.1.5, SSM, and Proxomitron. I consider a security package necessary and have been using this one for the last 5 years. Security apps don't have to be heavy resource and memory loads. On mine, the combined package is using half of what the browser is with 2 open tabs on this forum. If you want to run your OS on the assumption that there's nothing left on the web to infect it, that's your choice. I won't take that risk, especially when there's no cost or performance loss for protecting it other than the initial setup time. Even though 98 itself isn't directly targeted anymore, the software running on it is, the browser, the media player, the PDF software, flash player, office software. Malicious code doesn't have to compromise the OS itself to be dangerous or costly. Most of 98's resource problems come from apps that don't use them properly or have memory leaks. Internet Explorer is one of the worst for draining a system. If you choose apps that manage their system usage well, 98 will run stable for a long time without rebooting, even with several background apps. 98 might not manage resources and memory as well as an NT system, but you make it sound like it's outright fragile. Once I stopped running an AV and got rid of Internet Explorer, my usable time on 98 between reboots went from hours to days. The improvements developed on this forum have improved that even more. If 98 is too unstable to run a few background apps, there'd be no point in using it, let alone improving it. But as long as the user makes efficient use of memory and resources one of the primary considerations when choosing software, 98 will run pretty much whatever you want it to.

Hardware and software firewalls serve different but overlapping purposes. Hardware firewalls block inbound from the entire network behind them. They block or allow traffic on a per PC basis. Being separate from the PC, they're not vulnerable to infections of that PC (as long as UPnP is disabled). But as a result of being separate, hardware firewalls are not application aware. They can't tell if it's your browser or a trojan that's connecting out. Software firewalls control traffic in and out of individual PCs. On networks with more than one PC behind a router or hardware firewall, a software firewall can prevent one compromised PC from infecting another on the same network. Software firewalls are application aware and can block or restrict traffic from one application while allowing another to connect out freely. That makes a software firewall useful as a parental or employee control tool. Kerio 2 for instance lets you makes time sensitive rules, such as blocking the browsers access after 11:00PM while allowing updaters to work normally. I've done that for a few clients. Now their kids won't talk to me! That same software firewall stopped their P2P program from working. An installed software firewall gives you flexibility not possible with hardware firewalls. I have to disagree with that statement. Control and security are directly connected. A secure system is one you control. A compromised system is one someone else controls. That's the goal of most malware, to take partial or full control of your system. A software firewall controls the communication channel the malware would have to use. Only a small percentage of PCs are compromised by unsolicited inbound traffic. Most are compromised by the users, willingly or otherwise. It doesn't matter how good or careful you are. Unless you have 100% control over all who use that PC, friends, family, kids, and can guarantee that all of them will use the same level of care, things will happen. Other factors also need to be considered. AV support is all but done for 9X systems. We no longer have a semi-reliable way to detect malicious code in real time, not that they were very good at it to begin with. The conventional approach to security is not available to 9X users any more. This gives us 2 choices, default-deny, or trusting that 9X usn't popular enough to be targeted. IMO, the 2nd is not an option. It's trusting in blind luck. Kernel EX is making it possible to run more "modern" software on 9X systems. It's also likely that it is also making it possible for more malicious code to work as well. By making 9X more functional, we may be making it more vulnerable. This is uncharted territory for 9X that needs to be explored, or at the very least, to remain aware of the possibility. Legitimate sites get hacked and serve up malware. Financial institutions, facebook ads, etc. You don't have to go looking for it. The internet is much more dangerous than it ever has been before. Even the DNS system has proven to be vulnerable. There's no guarantee that where you want to go is where you'll end up. IMO, all of the web has to be treated as untrusted and potentially hostile. The common sense approach of "don't visit dangerous sites" isn't sufficient. The "enemy" has changed. It's not script kiddies any more. It's professional coders and thieves. Their agendas have changed. Instead of recognition or glory, it's profit and control. In todays political climate, it can even be your own government or authorities or those of another nation. It's not just your data or your desktop they want anymore. Often it's your PC to be used as a pawn in someone elses war. 98 itself might not be directly targeted as much as it used to be, but the applications running on it are, starting with PDFs and flash. If I remember correctly, Flash was used as the vector to target routers from the PC. Yes, it was fixed, but will you bet on it being a one time occurrence? Malware isn't strictly for 9X systems or NT systems. Much of it works on both. It's no different than any other user applications. I've got malware obtained from members here and elsewhere that behaves very much like a rootkit on a 9X system. It's one thing to claim that todays malware is written for NT systems. Who is even checking how much of it works on 9X, or with Kernel EX? Is anyone looking at all? IMO, that's an unverified assumption. I'll never understand why some dismiss apps or a system "calling home" as a problem. Most trojans do this. Would you allow people you barely know to use you phone whenever they want to without asking you? How is this different, especially when you consider the personal info the app calling home has access to and the fact that you don't know what it's sending? Resource usage is not an issue with a good software firewall. Even my old HP with a 366mhz Celeron experienced no slowdown with Kerio 2.1.5 and SSM. Yes, the combined security suites were resource hogs, but they were never designed for 9X systems to begin with. 9X compatibility was an afterthought. NIS for instance added over 90 seconds to the boot time of my old HP and reduced it's usable time to half of what it was without it. AVs are the real resource hogs, not firewalls. Can't agree. There is something of a learning curve involved but that same knowledge gained will also help with configuring hardware firewalls, setting up home networks, etc. Once the basics are learned, it's not that hard. We're working with an unsupported OS, which means we have to provide our own support. To one degree or another, all of it is a bit of a pain, whether it's fixing compatibility issues or testing newly found vulnerabilities. Learning the basics of the internet we want to use these 9X systems on should be part of that process. With firewall rules, when they're done, it's over. Unless you change your system, they don't change. Until recently, we've always had 2 options, pay someone to take care of our systems and security (system and AV updates) or do it ourselves. We now have one choice if we want to use 9X. If this place has proven anything, it's that we can make 9X better and safer than MS or any AV vendor ever has. I agree with many of the suggestions, but not necessarily with the way they're implemented. Getting rid of the old software is important. I'd add IE6 to that list if your setup allows it. It's always been the biggest weakness in 9X. Instead of NoScript, I'd use Proxomitron which works with all browsers and is much more powerful (and has a much steeper learning curve). I suggest a security policy based on default-deny and enforced with the system policy editor or SSM, free version. For registry protection, no need for real time protection. A batch file running at bootup can give you a clean, optimized registry at each reboot. The link in my signature explains how to write your own. The hosts file doesn't help much with protecting your system. It's not possible for them to keep up with malicious sites. They change way too fast. It is useful as a junk remover, such as the common ad sites, a lot of Google garbage, etc. It can also be useful for its intended purpose, a real address book for sites you need to be sure of, instead of relying on a potentially vulnerable DNS system.

No problems here using PDFXchange viewer 2.0.51 with RP-9.6.1 and KEX on 98SE. It's opening all the files that were problems before, both in the browser and separately.

It's not the same motherboard, but my Dell has Sound Max integrated digital audio. It's working fine with 98. The driver can be downloaded here.

I haven't checked it thoroughly yet, but the problem with PDFxchange crashing when using themes appears to be fixed. So far, it's looking and running good. Thanks.

I've never seen a taskbar like that. Almost looks like Linux. I have no idea what would alter that, or if the change would have to be made to Windows or the software you're using. Sorry.

I'm having a hard time picturing what you want. A screenshot would help. Does what you want look anything like these? I used the normal toolbars and added shortcuts to system and data folders to them. Using RP9, KEX and normal system components.

I was using Foxit but got tired of the resource problems with newer versions. PDFxchange works well with KernelEX and doesn't have that problem. It seems to integrate well with SeaMonkey if you want it to work that way. The only problems I've had with it is conflicting with themes in RP9, and it comes with the ask toolbar installer. You're supposed to be able to opt out of that if desired. I blocked the toolbar install with SSM instead. It seems very well behaved, lots of features, almost to the point of being cluttered. So far, no problems or conflicts with KernelEX on lite98SE. Working very well. No stability issues. It would be easy to forget it's even installed. Excellent work!

If I got results like that at VT scanning a file, I'd get rid of that file. IMO, 20 AVs missing a detection is more believable than 20 false positives. There could be exceptions to this, such as utilities that are used maliciously as much as they are for legitimate purposes or software that big money industries would have issues with. Even then, if you need to keep a file where the scans give mixed results, open it on a test system that's isolated from all the others and set up to detect malicious and unusual activities. With the problem you've had, the first tool I'd put on that test system is an integrity checker. Better yet, put the integrity checker and other investigative tools on read-only media so they can't be compromised and check the system before and after opening each suspicious file. I'd also use a flash drive or small hard drive to transfer the files to the test unit and overwrite/erase the whole thing after each transfer.

No need to roll back from 2K. Dual boot and have the best of both worlds. When Tihiy has the time to address the few remaining bugs in RP9, 98 will look as good as it performs with this and the other unofficial updates available here. It's a better OS now than it's ever been!

I have both FE and SE CDs, several versions of each. On my old HP, both are installed, but no matter how much tweaking, stripping, and modifying I do, the 98FE system has always been faster while being equally reliable and functional. I had FE installed on the Dell for a short time, until I learned that the 98 drivers I had were for 98SE only. In that short time, I had an OS that was booting in under 15 seconds and was reacting so fast it seemed like the apps were open and ready before I let go of the mouse button! Except for drivers for this hardware, everything I use works as well or better on FE as it does on SE. As light as SE is, it's bloated when compared to FE. Instead of stripping out the excess with 98-lite, I'd prefer that it wasn't there to begin with. I would like to duplicate the HPs 98FE system on the Dell. Transferring or cloning the existing FE system is not possible without major alterations. It's also got junk in it from 5 years ago that I don't need on a new system. None of the other operating systems I use have come close to the long term reliability that 98FE system has given me. The install is 5 years old and was my default system for all but the last few months. Yes, I very much like my 98FE system. Regarding the drivers, I have found chipset drivers that I think will work. Might have display drivers too. I have another sound card I want to install, with 98 drivers. The network card shouldn't be a problem. More than anything else, I need to find the time to do it. Another hard drive or 2 would help too.

On the Dell PC, 2 OS, 98SE (default) XP On the HP PC, 5 OS, 98FE (default) 98SE Win2K Puppy Linux Knoppix (poor mans install) On the gateway PC 1 OS Win2K

Last winter, I obtained a Dell Optiplex GX260 that came with XP-SP3. I originally wanted to make it dual boot with XP and 98FE, only to find that the chipset and other drivers were for 98SE. I settled for SE and XP, but now I want to try installing 98FE again. The details regarding the hardware are in this thread. How difficult would it be to modify the drivers to work on 98FE or to deceive the installers that the OS is 98SE? Is the incompatibility of these drivers and 98FE real or artificially added to the installers?

As far as I can tell, it's working fine. Maybe it was just down when you tried it.

I'm pretty sure the user data folder is installed by IE6 and windows update. Depending on your system configuration, it can be in several places. Check these folder: local settings, application data, and after any named user profiles. My FE unit has this folder. This lite SE unit does not. On my FE unit, subfolders in user data contain windows update 1kb xml files. I see no problem with deleting them. Regarding index.dat files, a simple batch file that runs at bootup will delete them. Windows will then create new ones with sizes that are multiples of 16kb. Most are 32kb. There can be a couple dozen of them, depending on your setup. Some have default entries when created, usually the default items in links, channels etc. The 32kb files are empty. This recreation of the index.dat files at bootup gives the appearance that the batch file didn't work. The originals containing your usage records are gone. Verify with the file dates. The swap file can be wiped when in DOS mode. Eraser 5.7 has a DOS component "eraserd.exe that does this well. As was suggested, read up on the swap file first. Depending on your hardware and the type of setup you have, there's all kinds of possibilities. My PCs are all dual or multiboot setups. On all of them, the operating systems all share a common swap file or swap partition. Do back up your system before experimenting.

I'm sorry if I keep coming back to the same point, but given that your AV isn't detecting the malicious process, I don't see you defeating it until you work from an environment in which the infection process can't run. This can be Linux, DOS, or a default-deny controlled Windows environment, built from a known clean source. The first 2 will work for finding and cleaning infected files, but to find the source, you need to catch it trying to start the first time and every time thereafter. Every time it starts, you're losing ground and files. By the time you notice the hard drive light, damage is done. Regardless of whether it's part of a compromised legitimate process or uses its own, the process of altering files requires a running process that can be detected and intercepted.

A couple more possibilities. Scan from a live CD. A windows virus shouldn't be able to execute under Linux. Scan from DOS. I still have a copy of F-prot for DOS, signatures dated 5/25/2007. If it'll help, I'll send it.

I don't know how much extra hardware you have. If you have enough to build the system I mentioned above plus another one, I'd setup the one I described above for scanning. The next one I'd set up as a receiver for cleaned files. The receiver system should be protected by an anti-executable that alerts whenever something new tries to start. Add a new copy of your AV that hasn't been in contact with your systems, in case it's been infected. It wouldn't be the first time an AV was directly attacked. Check groups of files with the online scan. Whatever shows clean, transfer to the receiver system and check it again. Checking and transferring all your files will be a long process, but if the AV is missing the infection source or its scan is triggering the infection process, I don't know any other way to be sure that you'll catch it.