Jump to content

BS_RAM9X.EXE


ragnargd

Recommended Posts

Sirs,

today, while reinstalling my W98SE for the umphteens time, i googled around for fun, and found a link to a tool from 2008, programmed by a user Bernd "lamp2222" Stu., who claims to enable Windows to boot with > 512 MB Ram (even 4 GB).

It is called

BS_RAM9X.EXE

Descriptions are in german only, as far as i can see.

Does anyone have any experience with it?

The user was active on the internet for the last time at January this year, so perhaps, if the tool is any good, we might contact him directly...

Cheers,

Ragnar G.D.

Link to comment
Share on other sites


Sirs,

today, while reinstalling my W98SE for the umphteens time, i googled around for fun, and found a link to a tool from 2008, programmed by a user Bernd "lamp2222" Stu., who claims to enable Windows to boot with > 512 MB Ram (even 4 GB).

It is called

BS_RAM9X.EXE

Descriptions are in german only, as far as i can see.

Does anyone have any experience with it?

The user was active on the internet for the last time at January this year, so perhaps, if the tool is any good, we might contact him directly...

Cheers,

Ragnar G.D.

After running the documentation through Google translate, it appears that the program limits the available RAM that Windows can detect. The result is similar to what you get with MaxPhysPage.

Lamp2222 is a known pirate so I wouldn't trust a program like this.

He previously published a copy of BHDD31 is his own name using a Hacked Copy of my High Capacity Disk Patch instead of LLXX's Version.

I was able to get many websites to remove it but not all.

Although run from AUTOEXEC.BAT, it has a large Windows payload, and there are references to Polymorphism embedded in the Executable.

This would suggest a possible Virus.

Edited by rloew
Link to comment
Share on other sites

After running the documentation through Google translate, it appears that the program limits the available RAM that Windows can detect. The result is similar to what you get with MaxPhysPage.

That's what i read and understand also. I use himemx.exe, which does this via a commandline parameter - this way my W98SE sees 1 GB of 4GB RAM only, as well.

Lamp2222 is a known pirate so I wouldn't trust a program like this.

He previously published a copy of BHDD31 is his own name using a Hacked Copy of my High Capacity Disk Patch instead of LLXX's Version.

I was able to get many websites to remove it but not all.

This is interesting to know. So he hurt your commercial interest by pirating your software, you say. If he did so, and you can proove it, you are able to report him to the german police, as his name and location is easy to find out.

Although run from AUTOEXEC.BAT, it has a large Windows payload, and there are references to Polymorphism embedded in the Executable.

This would suggest a possible Virus.

This is a strong accusation, which suggests that you can identify malicious assembler code by looking at it, and have been training this skill for some time already.

...

So, then, you wouldn't mind if i cite you at www.heise.de/security forums, so that some colleagues of mine check the exe, just to make sure?

Link to comment
Share on other sites

After running the documentation through Google translate, it appears that the program limits the available RAM that Windows can detect. The result is similar to what you get with MaxPhysPage.

That's what i read and understand also. I use himemx.exe, which does this via a commandline parameter - this way my W98SE sees 1 GB of 4GB RAM only, as well.

This is why the program is of little value.

Lamp2222 is a known pirate so I wouldn't trust a program like this.

He previously published a copy of BHDD31 is his own name using a Hacked Copy of my High Capacity Disk Patch instead of LLXX's Version.

I was able to get many websites to remove it but not all.

This is interesting to know. So he hurt your commercial interest by pirating your software, you say. If he did so, and you can proove it, you are able to report him to the german police, as his name and location is easy to find out.

It's easy to prove, in the case of BHDD31 he left an obvious gap in the code that no one would have intentionally put there. I don't speak German and am not familiar with their Law Enforcement System, so I have yet to contact them.

Although run from AUTOEXEC.BAT, it has a large Windows payload, and there are references to Polymorphism embedded in the Executable.

This would suggest a possible Virus.

This is a strong accusation, which suggests that you can identify malicious assembler code by looking at it, and have been training this skill for some time already.

At this point, I am only suggesting the possibility. The large size and odd text strings are only suggestive.

...

So, then, you wouldn't mind if i cite you at www.heise.de/security forums, so that some colleagues of mine check the exe, just to make sure?

Good idea.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...