Queue

El zilcho, rather, that website still makes me freeze. Going to see if I can find an alternative heavy-load situation that makes me reliably freeze. I have a few games that bring this old system to its knees that should give me testing options. Queue

Flash 9.0.159 Shockwave 8.5.1 I think I got the numbers right. I'm not using KernelEx so don't have Flash 10. The version of Flash I'm using with Opera is slightly older and the same problem occurs. Queue

Alrighty, I gave this a whirl, for over 10 minutes. My idle temperature tends to be around 45C and CPUBurn got me up to a toasty 60C, but at no point did performance dip in the way caused by the website; namely, the mouse cursor remained 100% responsive (it moves jerkily before freezing when that website is loading, assuming it doesn't freeze immediately). My CPU is an Athlon 1.3 GHz, and has a critical temperature of 90-95C, part of why I've never been concerned over the CPU itself overheating. I also ran Memtest86 earlier and it had zero errors after running through two full passes, so I'm fairly confident RAM isn't the issue (I have seen errors before on other computers using Memtest86 so am familiar with what RAM errors do look like). I am ''glad'' to hear that website causes the same weird spike in CPU load for you as it does me, as it may be pointing to a software error that your computer is managing to cope with while mine isn't. Any thoughts on what causes a computer to freeze completely rather than have program crashes or a blue screen? I've only associated freezes, really, with hardware failure, particularly overheating, but that really doesn't seem to be the case here. Edit - More, potentially relevant information: checking RAM and swap file usage when loading the website showed nothing weird. Something like 3 months ago when the freezes started, I had replaced a failing IDE drive with a SATA drive (plus SATA PCI card). Like I mentioned, both hard drives (one IDE, one SATA) are fully accessible when the freezing starts which is quite different from when a hard drive is failing, so I've been ruling out them as the problem, but I suppose there's potential for the new card and drive to be somehow related to my trouble (though I'm less inclined to think that since you get a CPU load spike from the website). Queue

Within the past 3 or so months my computer (running Win98SE) has suffered hard freezes on me a few times. I didn't really think anything of it; I figured something was overheating (a little unlikely considering the hardware, but that isn't particularly important). Fast forward to this afternoon when I found (by pure accident) an easily reproduced situation that causes my computer to hard freeze and proceeded to test a whole bunch of possibilities. Right off the bat I was able to determine, fairly conclusively, that it isn't an overheating issue nor is one of my hard drives failing on me. The issue isn't caused by RP9, Tiny Personal Firewall or Winamp 2.23 (the only abnormal things I have running in the background); I tested with and without all three. Malware isn't the culprit. Now, to the test situation... it's unfortunately NSFW. I read a news article about controversy over a cinematic viewing of pornography at the University of Maryland, and curiosity got the better of me; I checked the Wikipedia entry about the movie and followed a link from there to the movie's homepage. Upon loading said webpage, my computer froze (completely, no mouse movement, ctrl+alt+delete wasn't functional, etc.). To avoid posting links that violate forum rules, here's a link to a TIME magazine article over the controversy: http://www.time.com/time/nation/article/0,...-inline-sidebar I was able to use this webpage to test a whole host of suspicions, all which came up negative. Sometimes my system responsiveness plummeted before totally freezing, giving me time to check hardware temperatures, hard drive responsiveness, GDI/user resources, CPU usage, etc. - Browser didn't matter, both IE and Opera led to me totally freezing. - RP9, Tiny Personal Firewall and Winamp being running or not all had no impact. - Both hard drives were responsive (a past experience with a failing drive showed similar symptoms). - GDI/user resources were largely free (over 60%). The only real clue I have is CPU usage was at essentially 100% for whichever browser was in use leading up to the freeze. Simply putting a heavy load on my CPU (or video card for that matter) doesn't cause me to freeze. What's perplexing is a few times I've had the computer freeze (in the past 3 months) when under very different circumstances (as examples, playing Rockman7-FC and cheating at it using TSearch, playing Stick Ranger at dan-ball.jp, playing Warcraft 3). It's worth mentioning that of those 3 examples, they've each caused me to freeze only once out of quite a few uses. This system is 8 years old and has been running near 24/7, and I'm wondering if electron carry could have just taken its toll on my CPU, or if there's some means of diagnosing this situation. Queue

Old ZA Firewalls seem to be dying due to a certificate they used expiring yesterday (July 15th). Kinda sucks. Queue

That would be a reasonable guess (it being a font issue); that down arrow looks correct for me on 98SE IE6. Queue

Honestly, that's exactly what I do as well. I use Bear to check on GDI usage when using Opera. http://www.geocities.com/the_real_sz/misc/bear_.htm I also have an ancient 16-bit application that came with MSVC++ 6.0 called Stress Test, but it has issues (mainly, it doesn't comprehend my HD being larger than 2GB). Queue

I saved copies of a few different versions and happen to also have 9.1.0.0 from the 25th. Two of the contained files have differing checksums: on.reg and RPSetup.exe. The difference in on.reg is the removal of "TaskbarSizeMove"=- I'm not sure what the difference in RPSetup.exe is. Queue

How would I identify version number? RPConfig.exe identifies its version as 9.1.0.0 in the version I have (which I downloaded April 26th). Anyhow, I've uploaded it: Link removed since Tihiy's site is back. Also, I've had no significant trouble with IE6 and its heap usage (in the 8-ish years I've had the same install of Win98SE on this computer), with the exception that poorly made Flash dealies can easily exhaust the heap (but the same is true with Flash in Opera). Edit: Removed link; don't want people confused over the proper place to download from when Tihiy's site is operational. Queue

Here's a .reg file that should set all the killbits. When I say should, I mean it sets the ActiveX killbit for all CLSIDs listed in the Microsoft article, so I'm assuming their list is accurate and complete. EDIT - Scroll down and get whatever420's .reg file, it has 8 more entires than mine did (which were found by directly extracting the contents of Microsoft's patch). Queue

There are also some SATA PCI cards that have 98SE drivers (I bought such a card just a few months ago). Queue

This wasn't a critical factor; because any executable code run on Win9x essentially counts as privileged, any successful remote execution exploit allowed a compromise of the OS. IE remote execution exploits are no more (or less) dangerous than those of any other application on Win9x. Good post otherwise. =D Queue

Obviously I'm not dencorso, but I think I can do a good job of explaining this one. Let's start with a diagram: Computer---\ Computer----\ 65.7.34.120 Computer-----Router/Firewall---Modem---Internet Computer----/ Computer---/ Even if you only have one computer, just ignore the extra 4 in the diagram, the layout would still be the same. Now, when your computer makes a connection to another computer out on the internet, the router keeps track of which computer made the connection, and when a reply comes, sends it back to the computer that made the request. There is no interference with outbound connections. When an incoming connection is attempted, let's say someone makes a connection to the (fake) IP address listed above (65.7.34.120) at port 135, the connection is refused. This occurs for two reasons: the first is that the router doesn't know which computer on the network would even want the connection request, the second is because it's not been told to accept connections on port 135 and forward them to a certain computer. This is the primary security benefit of a hardware firewall: denying incoming connections. As an example, on my Win9x machine, the following ports are open: 137, 138, 139 (all NetBIOS related) and 1033 (related to modifying web content before it reaches my browser). Without a hardware or software firewall, remote users could, theorhetically, try and establish connections to my NetBIOS ports. Closing those ports isn't an options: they're related to proper network functionality of Windows. WinXP usually also has port 445 open. Many early remote exploits on WinXP are services listening on given ports; a fresh install of WinXP without any updates is very vulnerable to automated attack if directly connected to the internet. If I want to be able to receive an incoming connection on a given port, there are at least two options: I can change my router's settings to explicitly forward incoming connection requests on a given port to a specific computer on my network, or a program can use a system called Universal Plug 'n' Play (UPnP) to ask the router to forward a certain port (so I won't have to configure it manually). Hardware firewalls can be configured to affect outgoing connections as well, but it typically can just control things at the port number level; only advanced firewalls analyze the data being sent and filters it according to what type of data it is. A software firewall has more information available, such as which program is trying to make an outbound connection or wants to start listening on a given port. Queue

I have tons of CHM files on my computer, most do not try and connect to the internet. Every Sysinternals CHM file I tried, did. I'm not a paranoid person and I don't believe there's anything malicious about what the Sysinternals help files are doing; if you don't trust them, delete the CHM files. Queue

I'm writing this from the perspective as someone who does not like real-time virus scanners. I sincerely would like discussion in favor of and against them to follow. --- First off, computer virii are long dead. They existed in the DOS era and slowly died off as executable code that modified all executables on a system became easy to detect, repair and prevent. A true computer virus would be triggered when an infected executable was run; the viral code would search for other executables and modify them to contain said viral code to be executed when those programs are run. They often had a purpose besides replication, that would either occur arbitrarily or when certain criteria were met, and ranged from the benign to the ferociously malicious. Besides anti-virus programs being good at thwarting these virii, modern OS design protects against them. They are dead. What you have today is malware, typically tiny executables that are a program by themself. Rather than infecting all executables, they typically make use of mechnisms in the OS to run every time the computer is started up. Occasionally they exhibit virus-like infection of specific files to make sure they get executed. Malware is an amalgam of spyware, adware, trojan horse programs, and any other type of malicious program. A given malware program can be any of those things; they themselves are just more descriptive, but tend to operate in the same way as eachother. --- Why do I dislike real-time (active, resident, they have many names) virus scanners? They hurt computer performance. They don't protect you from new threats. They incorrectly detect programs as being ''infected'' when they're actually not. The three most common ways a computer gets infected with malware are: - a remotely exploitable software flaw that allows execution of code - a user downloading and executing a malicious application - a flaw in a browser (or internet multimedia program) that can be exploited to run executable code --- The first is 100% preventable. For a remote exploit to work, your computer has to be sent data that triggers an execution of code (that would, for example, download and run a malware executable). You have two standard options here: a hardware firewall (for example, a router between your comuter and your internet connection, with no ports being forwarded to your computer) or a software firewall (the best advantage here is explicit control over which programs can access the network/internet). There's no reason not to use both, except a software firewall will have some performance cost on your machine. To generalize, a hardware firewall protects you from incoming data, and a software firewall prevents programs from using the internet AND from incoming data. Keeping your software (especially your OS, browser and media players) up to date mitigates most remotely exploitable flaws, as security updates are released specifically to address these flaws, however, the patches come after the flaws are discovered, so simply keeping patched doesn't protect you from newly found exploits. Now, that said, you could initiate a connection to a remote entity that sends a malicious reply that triggers an execution of code. A hardware firewall won't protect you from this, and a software firewall can only help mitigate the damage done (as could a real-time virus scanner). --- The second is also 100% preventable. Don't download and run programs. Kinda like abstinence to avoid STDs, this isn't gonna be an option for most people. This is, theorhetically, where anti-virus programs are supposed to shine; but they don't. Malware goes out of its way to avoid detection: they modify themselves before transmission so that signature-based scanners don't detect them, they exploit flaws in the scanning routines to avoid detection or to outright crash the virus scanner, if they manage to run, they shut down the anti-virus or add themselves to the exceptions list. Signature-based scanning doesn't work. Behavioral-based scanning doesn't work. If they did, malware wouldn't work. They have a second critical problem that trains people to make mistakes: false positives. If a virus scanner says things that aren't infected, are infected, the user will eventually start ignoring the virus scanner. --- The third is the cause of the browser security wars, people claiming X is more secure than Y. Browsers have design flaws that let code be executed, no browser is exempt from this truth. So do media players (QuickTime has a particularly bad history for both the MacOS and Windows). This one is also preventable via abstinence: don't browse the internet. Obviously too extreme, so most take the risk. How do you avoid infection then? First off, know your partner before you sleep with them. Major websites aren't places for you to fear. Second, don't have sex with the back-alley prostitute: warez and p0rn sites can either be outright malicious or have been compromised because the site itself isn't secure. Unfortunately, any site that provides more than basic HTML can potentially have been compromised and be serving browser (and other) exploits to try and infect your computer. Major country's embassy websites, for example, are no stronger to being compromised. Ultimately, what browser you use doesn't matter as much as where on the internet you go. You might be thinking to yourself, but I use Firefox, don't have Flash or Java and have scripting (JavaScript) turned off: an exploit might target a flaw in Firefox's CSS handling, or its XML handling, or even in its basic HTML handling and be able to execute code. How quickly the browser is updated after a flaw is discovered doesn't matter if you went to a malicious website before the fix was released and you downloaded and applied it. Security through obscurity, exploits not targeting you because you use a program for a given thing (browsing the web) that not many people use, is neither reliable, nor totally ineffective. The larger the userbase for a given program, the more effort that's put into finding exploits for it. No browser is perfect, so security through obscurity IS an option, although not a perfect one; it worked for Firefox at first and earned it its reputation. --- Now, how does all this relate back to a real-time virus scanner? Well, a virus scanner is there to stop a malicious program from running, but malicious programs don't get detected. So, you're wasting processing power on something that interferes with data throughput and ultimately doesn't protect you. Never connect your computer directly to the internet, let a router (or a dedicated hardware firewall) sit between your machine and the internet. Keep your browser of choice patched up to date and any supporting software (Flash, Java, your media player). Don't download and run programs. If you do download a program, determine if it's from a trustable source, get independent feedback on it (ask someone else who has used it if it was legitimate), scrutinize it (manually unpack it if it's self-extracting, for example), the decide if it's worth the risk. --- My opinion isn't fully stated here, I'm hoping for some pro-anti-virus responses. The gist of my stance is that real-time anti-virus programs aren't worth the performance cost on a system and are ineffective. Queue

I went ahead and cracked open the CHM file. It was made using Adobe RoboHelp. The first page (Autoruns_Help.htm) loads a JavaScript file (ehlpdhtm.js) that appears to provide compatibility for all major browsers that existed at the time of its creation (it's a big script at 123 KB) for some sort of popup display support (possibly unused in the Autoruns help file, but included since it was made with a help authoring tool). However, I haven't actually located what within the help file (presumably somewhere in the JavaScript file) is making a remote internet connection. Queue

@Fredledingue: A folder being set as read-only has no bearing to Windows (as far as write/delete-abiltiy goes). It probably means, under DOS, a rmdir won't work on that folder, but I'm not positive. In the case of Flash Drives, being able to defragment or not doesn't matter. There are likely third party defragmenters that don't care about the folder's attributes for defragmenting purposes. @Zoinkitty: Are you positive read-only needs to be set for the icon to work? When you say NT, do you mean literally Windows NT, or the NT line (2000, XP, Vista) in general? As far as I know I haven't been setting my folders as read-only (intentionally) on my Flash Drive, and have never seen the folder icons not work, but I've never used it on a Windows NT machine (only 98SE, ME, XP and Vista). Queue

People who like placebos.

This is silly, Flash players can and do buffer the video they play, meaning no matter how little bandwidth you have, if you simply start then pause the video and wait for a sufficient portion of it to download you can eventually watch it just fine. My only gripe is the lack of hardware acceleration in Flash players (which became less relevant as CPU power increased). PDFs are acceptable: there's nothing wrong with having a secure means of data storage that you can safely share. Of course it's not perfect (one can unlock a PDF file as long as it lacks a password to simply view it). They don't replace all other forms of documents, they just provide a secure one when it's needed. Flash itself has just been a vehicle to make websites more interactive and give an OPTION for the designers. Again, plenty of the internet DOESN'T use Flash; it's just another option, along with various iterations of HTML and... UGH Java. There's also Silverlight now; I guess ActiveX is there too for all its horribleness. Queue

Version 11.11 was the last version of ProcExp that worked, without modification, on Win9x. ExeVersion is capable of making all following versions work on Win9x. I don't have a download location for 11.11 since redistribution is against its EULA. Newer versions have at last some minor functionality additions that do work on Win9x, so a newer patched executable is my recommendation. Queue

Simply having a location that will automatically run an executable (or executable code of some sort) does not count as a vulnerability. By that definition, the fact that Windows can run arbitrary executables whatsoever would constitute a vulnerability. Yes, it is convenient that fewer such locations exist in Win9x, but that doesn't automatically count as an advantage or disadvantage, it's simply a difference. It's only convenient from the human perspective of knowing all those locations off the top of your head. On the computer's end, enumerating four or a dozen different locations is a negligible difference. A vulnerability would be a remotely triggerable execution of code, or execution of privileged code in a non-privileged environment. The latter isn't really an issue in Win9x since everything is privileged (some consider this a vulnerability, but it's simply by design), the former has occured in many iterations of all significant OSes. Queue

I've had great luck using http://www.steelbytes.com/?mid=47 to force newer versions of Sysinternals stuff work on Win9x. Newer versions of ProcExp even have more doodads that are functional on Win9x (namely a third graphed display). Queue

When you have to press the power button, has Windows totally locked up? Like you try and open the Start Menu but it never opens? Honestly, that sounds like what happens when a hard drive Windows is trying to read from loses power / spins down. Windows expects to eventually get the data it asked for so it waits until it does (which never happens) so it's effectively frozen. Anyhow, all I'm saying is you might want to check if you have a dying hard drive; that would explain slowness during file writes (installers extracting files to prepare for the installation) and Windows freezing. Queue

I grabbed the ''ExeVersion'' utility from here: http://www.msfn.org/board/index.php?s=&amp...st&p=791707 and used it on the newest version of AutoRuns and it seemed to restore functionality on Win9x. I mean, I haven't tested it thoroughly, but it starts up and lists stuff. I'm still holding on to my last official versions that work on Win9x anyway, but hot darnn, I wish I'd noticed ExeVersion sooner. Erm, obviously the OP knows of this utility, but I think it's still a viable comment. Queue

When making program interfaces, accouting for different font DPI settings is a headache/nightmare. An achemare if you will. =/ Honestly, accounting for any non-default window settings is very tough; any software I've made in the past decade's titlebar got shot to hell by Vista's titlebar changes. The wide buttons give far less space for the window's title text at the very least. Queue