dencorso

Tihiy, I've never noticed the issues decribed in Q227131 with the Win ME SYSMON, which I use on a daily basis for year already, and which is the one Dave-H is presently using.

Bear in mind that Norton Ghost 14 and Symantec Ghost 11 are different beasts altogether. Symantec Ghost 11.5.0.2141 (the latest, if I'm not misteken) should handle Win 7 without any issues. If it doesn't in the default mode, in forensic sound full disk image mode it ought to be bulletproof.

Now I'm begining to suspect your problem does not lie with the drivers, for 77.72 at least is known to work OK with even higher model cards. Do you perchance have more than 256 MiB RAM on your Geforce 6800 AGP? If so, your problem is too much RAM and has no known solution. Except for exchanging the card for one with less RAM, of course.

Have you all been reading this thread: "Bootable XP DVD above 4.7GB possible?"? Doesn't it help?

Perra, do try the nVidia drivers 77.72. But don't remove nVidia drivers with add/remove or unistall. Do it using the great freeware Driver Cleaner Pro Version 1.5 (*NOT* Driver Cleaner .NET !!!). The Add/Remove applet or nVidia's own uninstallers don't do quite a perfect job in removing previous nVidia drivers, only Driver Cleaner Pro is able to remove them completely.

None whatsoever, at least directly. Myself, I don't see how it'd be of any help. Try the 77.72. Multibooter says it's the latest bug-free driver for 9x/ME. And he uses it with a nVIDIA 7800 GS OC (256 MiB; AGP 8x). If you have time, read the full NVidia drivers 82.69, suddenly!. I'm sure you'll find it most instructive.

DC=Device Context See some info here: http://msdn.microsoft.com/en-us/library/aa925824.aspx http://www.mvps.org/user32/gditutorial.html Thanks a lot, RetroOS! You do rock!

That's not a bug. It means display DC got swapped and RP9 unswapped it. It's kinda debug rare thing; it'll be removed. Please, Tihiy, what's "display DC"?

Aw, come on, all that you need I know you know you've got in the_guy's Service Pack for Windows ME. What more do you want? An autographed mug-shot of old Bill?

I confirm that finding. The selfsame question mark also appears for me. But, then, if I drag a window over it and back, it disappears. Just to remind you, my configuration remains as described below:

Since we're now at the Malware sub-forum, I'll dwell somewhat offtopic. The default XP firewall is also designed to block incoming attacks only. Can the Tiny Personal Firewall (the Tiny User's Guide says: 98/2k/ME/NT) or Kerio be used in XP also? And, if so, is it needed or wise to deactivate the XP firewall once the third party is up and working? I ask this because it'd be nice to be able to port the configurations I'll be developping for 98SE to XP as they are, or just with minor adjustments. Please advise.

Good old SETK6, by Andreas Stiller! It's a BIOS issue.

Why not: "Wazzup M$" ?

Myself, I doubleboot Win 98SE with Win XP SP3, so I can always scan both OSes from XP... but I don't think it's a solution I can seriously advocate as a general one. On the other hand, it's great because I can use one OS to fix the other and vice-versa.

Well, let's see whether I can sum up where we've got so far... We can: 1) Set up a strong default deny system (by using, say, Tiny or Kerio, SSM, Proximonitron and perhaps a router firewall). Add to it web resources like Virus Total and HouseCall and a sensible backup/imaging strategy and we're independent from the resident AV scanner industry's whims; 2) Jump from resident AV scanner to resident AV scanner until the very last of them drops 9x/ME, and then we think about what to do...; 3) Burrow our heads in the sand and hope for the best?

I wasn't aware of this! Thanks a lot, Zoinkity! You rock! I wish to add that Win XP (and all NT family OSes) requires IconIndex even when the IconFile is a single-icon .ico file, whereas Win 9X/ME doesn't mind if it's not there, in this case. If the icon is in a file that contains multiple icons, of course, both families do require the IconIndex entry, so as to be able to find the intended icon.

Tiny Personal Firewall download links v2.0.14 and v2.0.15 and v2.0.15a (the last v2)... ...and the v2 Users Guide, in .pdf and a partial version history! ... and two alternative links for Kerio Personal Firewall v2.1.5: link1 or link2 BTW, do any of you have any experience with Spybot - Search and Destroy's "Tea Timer"? I have been using SSD for a long time now but never did install Tea Timer... It's a system integrity checker of some kind, isn't it? I think it's warranted to repost here a working link for direct download of the System Safety Monitor v2.0.8.583-free.

You're right. It's more useful to protect XP than Win 9x/ME, because it blocks incoming attacks and sniffing. To turn off either the machine or, at least, the internet connection, when the machine would otherwise be idle is also a good idea, when feasible. A software firewall to prevent and detect programs trying to call home is also very usefull. I'm intending to use one again, and I think the Tiny Personal Firewall, reccomnded by Multibooter, may be just what I was looking for. I've used the Norton Personal Firewall 2003 for some time in the past, but it hogged down the system too much for my taste, so I ended by dumping it. BTW, the good old usenet Firewall FAQ (last updated in 2001, the 2009 revision exists at this link) remains a fair introductory reference for anyone new to the subject, and provides a good demonstration of how little things changed since then, at least at the conceptual level: the hardware has had a lot of improvement, the software became more powerful (or more bloated, it depends on how you look at it), but almost no really new ideas have appeared in the last 8 years.

Are you serious when you say this ?Very. I've had a bitnet account back in 1991, before we had real internet here. As soon as there was internet available I've moved over to it. I've participated in listservs, then usenet newsgroups, then forums, so I was as current about what was happening abroad as possible from here. But, in all this time, I've had only four virus episodes (I mean really getting the machine infected, not caching viruses and deleting them without the machine getting infected): ping-pong, stoned, brasil and jerusalem. The first three were boot sector infectors, being easy to remove by hand, by using debug or symdeb or NU (the good old Norton hexeditor). Jerusalem cost me a reinstall from scratch, and taught me viruses were a serious matter. Some time later the McAfee ViruScan arrived in Brazil, and I've used it continuously up to 2002 or 2003, when I switched to AVG, which I use up to the present. Incidentally, note that all those four viruses were cached through 5 1/4 floppies! When I began using fast internet at home (July 2003) I installed a FreeBSD firewall that latter I've changed for a Linux one that I use today. My scanner cached numerous viruses along all this time, but I've managed to avoid infection up to now. I've seen much damage due to viruses along this time, but not on my machines. And, anyway, I do backup obsessively.

Not so. I have a Windows XP system that got infected with WIN32:Vitro. It infects every executable that gets opened. It even infected an executable on one of my Windows 98SE Computers whn I tried to copy a program into the XP machine. Fortunately the virus crashed when I used the program in Windows 98SE. This led me to discover the Virus. I ended up having to write a disinfector since the Anti-Virus programs I found could not disinfect the executables but would just delete them, leaving a useless system.WIN32:Vitro, a.k.a. Win32/Virut, is a good case-in-point. It's a polymorphic virus that uses process injection technology to proliferate. It doesn't work on Win 9x/ME because it depends on NTDLL.DLL functions NTCreate*, NTOpenFile and NtQueryInformationProcess, as far as I was able to gather by googling around. It's quite nasty. But, then again, it doesn't use stealth techniques. It could be even worse...

Please, Queue, do take my comments as constructive. However your post is very assertive, so I feel bound to comment some of what you said, and disagree with some points. I do have more to say also, but here are my first thoughts about what you said: I write this from the perspective of one running Win 9x/ME. While keeping to this perspective, I remain in the DOS era, and so do you. To put it simply: no, they are not. If you don't believe me, do read Mark A. Ludwig's books, particularly "The Giant Black Book of Computer Viruses". You can perfectly have a virus hide in an alternate data stream of a Win32 executable on NTFS. ...And even a Vista machine is as vulnerable to a boot-sector virus as your average garden-variety of 386 of times past... The fact that we hear less about them may even mean those who write them became better at hiding them... I do agree with you here. My own security measures have been scanning and a router firewall for a long time now, and, AFAIK, my machine has been virus-free since 2001 (although I've added the router firewall only when I switched to DSL). We're talking Win 9x/ME here: this is becoming less and less of an option, no matter how much we strive at keeping up to date. In the long run, no, it's not an option. Are you serious? Don't you ever? Why not scan it with multiple scan engines? If you don't want a live scan engine in your machine, you may still use, say, VirusTotal? Avoiding scanning completely out of a dislike simply is not understandable, although all the other measures you reccommend do have their merits, especially if used together, and complemented by scanning.You've also not mentioned the main shortcoming of a AV scanner program: it does not protect one against zero-day threats. And while you're quite right that security through obscurity is an option (although not a perfect one), security through being at the periphery also has its merits... Simply by being in Brazil, I've, up to now, avoided zero-days, but, obviously, that can change at any moment. Moreover, the performance cost of a real-time AV scanner is dependent on how you configure it and also on what hardware you do have. So, here, YMMV. Now, I think the real problem is that, some months from now, no one using Win 9x/ME will have the option to use an up-to-date AV scanner to fully scan one's machine, say, once a day, because no compatible such software will have been left being updated. And that's the main new scary reality on Win 9x/ME users horizon I feel we need to address right now. I think this thread is very timely, and hope it can help all of us (those who do and those who don't like scanners) keep computing safely in a time where most of the scanning programs are dropping Win 9x/ME, or have already dropped it.

LAST-FREE-AVG 7.5 (last virus database version 270.12.11/2089, released 04/30/2009).

I'm sorry but I do have to disagree. Used original retail Win 9x can be bought quite cheap from eBay and the like, if you're patient. And garage sales, here in Brazil at least, still yield fruits (got two Win 98SE for clients last year, at US$5 each). But this won't last, of course.

Thanks den. I've downloaded and installed it. Is there any reason to use the ME version instead of the 98SE version? To have the most up-to-date code-base available. I think it's worth it, but that's just my opinion.

Fair enough, but I never got permanent 100% CPU usage indications anywhere until the thumbnail viewer was installed. Neither do I. BTW, my patched SYSMON may interest you, although it'll not solve your issue. Note that the Win ME version works OK on 98SE, and that's the one I'm presently using.