Jump to content

SP 2.0 RC3


Recommended Posts

Does anyone know how to get the original Windows 98 logo that is inside IO.SYS? I'd like to modify it for Czech localization of SP 2.0 but I don't know how to extract it. I googled only the message:

One thing you can do Ben, is edit IO.SYS and embed your own logo file in there. Some people will probably not advise it, but the bitmap data is easy to recognize, rip out and replace.

I can remove standard logo from IO.SYS, not add. It is packed with some proprietary algorithm, i'm not so good in compression.

Link to comment
Share on other sites


Hi Gape,

I think it is not very good idea to put into the registry the information that the patch was appied even if it was not. Just an example. If I install Windows without Hyperterminal, SP 2.0 will not copy the files from Hyperterminal 5.0 update, but will write into the registry

HKLM,"%InstalledComp%\{89c3e20c-abeb-445b-a617-cd73f847d1ef}",,,"Windows 98 Q274548 Update"

HKLM,"%InstalledComp%\{89c3e20c-abeb-445b-a617-cd73f847d1ef}","IsInstalled",0x10001,01,00,00,00

HKLM,"%InstalledComp%\{89c3e20c-abeb-445b-a617-cd73f847d1ef}","Locale",,"%LANG%"

HKLM,"%InstalledComp%\{89c3e20c-abeb-445b-a617-cd73f847d1ef}","Version",,"%VERSION%"

So if I install Hyperterminal later, Windoes Update will think that the update is already installed - but I will have old vulnerable files on the disk.

Or no?

I'd also think again about qfe check, it would be good to see if all updated files are still in the place and correct versions. It is possible either to add all entries and ignore all missing files, or selectively add only entries for existing files. But it si the same problem as with entries for MSINFO32/Windows Update.

And question not related to SP 2.0 - does anybody knows, why in localized (at least Czech) Windows the font in QFECheck is too wide? Is there any way how to correct this problem? Here is the comparison: http://www.code.cz/x/qfecheck.html

Petr

Link to comment
Share on other sites

Hi Gape, some hotfixes seems to be questionable - Microsoft removed them from the Knowledgebase. Do you have any idea what could be the reason? Isn't possible that there was discovered some problem with them? This is the list:

Q243320

Q268064

Q269601

Q272621

Q280448

Q288550

It wouldn't be good to have unreliable hotfixes in SESP2.0.

Petr

Link to comment
Share on other sites

Some files are changed for the next version:

Files from Windows 2000 SP4
REGSVR32.EXE

Files from Windows XP SP2
EXTRAC32.EXE
RICHED20.DLL

Files from Microsoft Installer 2.0

CABINET32.DLL 5.00.2147.1

SHFOLDER.DLL  5.00.2919.200

They seems to be installed twice, as a part of INSTMSIA.EXE and also separately.

I keep them in the SP2.CAB for semi-slipstreaming support. But maybe installing twice is not necessary.
BTW, what is the right version of EXPLORER.EXE? Both IE 5.5 SP2 and IE 6.0 SP1 contain version 4.72.3612.1700, but I still have original 4.72.3110.1 version on my system, even though I have IE 6.0 SP1 installed? And SP 2.0 contains this patched version only.

The latest version is 4.72.3612.1700, and IE 6.0 SP1 doesn't contain it. But IE 5.01 SP2, and Office 2000 has it, and installs it.

Any other change?
No. you've listed all changes properly for EXPLORER.EXE, SHELL32.DLL and NOTEPAD.EXE.
Maybe I'd add Ctrl-W for for "Word Wrap" and Ctrl-Q for "Exit".

Nice idea.

But why to have this patch in this SP for SE?
Regedit fix was strongly recommended by MGDx. But because of your examination, it looks like it is not necessary.
One question to changed icons. Is it OK to change the order of size within one ICON?

IMHO, the order is not important.

The last question - why two files are distributed already patched, and for two files there is a patch only?
I haven't found a good and free patching tool.
I think it is not very good idea to put into the registry the information that the patch was appied even if it was not.

So if I install Hyperterminal later, Windoes Update will think that the update is already installed - but I will have old vulnerable files on the disk.

Or no?

Because of preserving mechanism, it's not a bad idea. Search the forum for more information about the preserving.

I have kept some (not ALL) msinfo32 registry information for the Windows Update. Maybe to add ALL msinfo32/qfecheck information is better, but I can add them only for the next future version (2.1).

Q269601

It wouldn't be good to have unreliable hotfixes in SESP2.0.

No, generally they're very important updates. For example, 269601 is necessary for supporting AC3/DTS properly.

We have found them from other sources (for example, IBM, Toshiba, HP.. etc.) I think Microsoft doesn't want to support them directly.

Link to comment
Share on other sites

@Tihiy, Petr:

It looks like to create ResPatcher with Restorator is free for non-commercial products. But the trial version doesn't contain ResPatcher function. Do you know anything about this problem?

Link to comment
Share on other sites

@Tihiy, Petr:

It looks like to create ResPatcher with Restorator is free for non-commercial products. But the trial version doesn't contain ResPatcher function. Do you know anything about this problem?

I have purchased full version, so I can make ResPatcher files.

But what's wrong with Win32FilePatcher - http://www.skybound.nl/products/apps/ - that is used at present?

Petr

Link to comment
Share on other sites

@simon109s

I'm almost sure that it is a driver issue.

Boot in safe mode. Go to the Control Panel, delete all listed Nvidia Drivers.

Also look for any device which is listed twice. If you find any twice listed device, delete one of them. Reboot, and let the Windows detect your Nvidia card.

Areyou installed your AGP drivers properly?

@all

I want to ask that what do you think about 891711? We have two different fixes, Tihiy's and Microsoft's. As a programmer I think Tihiy's work is better. I didn't understand that why Microsoft did solve it with additional files, and an additional background file (KB891711.EXE).

BUT DO NOT INCLUDE TIHIY'S VERSION IN YOUR SP, GAPE!!!

Besides, Tihiy's solution to me is just a temporary solution until Microsoft finally posted a revision to the 891711 fixes.

Installing both 891711 fixes (both Tihiy's and MS's) is a VERY BAD IDEA! Microsoft had posted an updated version of their 891711 security patches at Windows Update earlier this month. So before installing the revised 891711 update for Win98, UNINSTALL Tihiy's unofficial 891711 fix first. Then apply the newly revised 891711 fix from MS.

Hey, maybe MS could not implement the 891711 fixes in the user.exe/user32.dll files for Win98/ME and that's why the fixes require additional files.

BTW, note to MDGx, if you have not received the Q270063 ndis.vxd from Gape yet, forget it. I will ask MS for the Q329128 hotfixes for Win98 and WinME which have newer ndis.vxd, pppmac.vxd & vip.386 files and will send you & gape Q329128 when I get them.

Link to comment
Share on other sites

BUT DO NOT INCLUDE TIHIY'S VERSION IN YOUR SP, GAPE!!!
Don't include any.
Tihiy's solution to me is just a temporary solution
Installing both 891711 fixes (both Tihiy's and MS's) is a VERY BAD IDEA!

Hm... Why?

Link to comment
Share on other sites

BUT DO NOT INCLUDE TIHIY'S VERSION IN YOUR SP, GAPE!!!

Installing both 891711 fixes (both Tihiy's and MS's) is a VERY BAD IDEA!

Hey, maybe MS could not implement the 891711 fixes in the user.exe/user32.dll files for Win98/ME and that's why the fixes require additional files.

They have lost Win98 code. :D

erpdude8, maybe you're right. (There's no need to scream). But coders like Tihiy should be encouraged. Microsoft are not supporting Win98 well now, they will also stop Win98 support totally someday, and we always need coders like Tihiy and Petr.

In fact, SP 2.0 final will probably contain Microsoft's 891711 fix only, but the reasons to add Microsoft's revised fix are "working OK", "official", and "its compatibility of possible future updates from Microsoft" like ssmokee said.

Anyway, thanks so much for your efforts, Tihiy. :)

Link to comment
Share on other sites

I agree with Gape on this, more programmers = less probs because they look at it from diff angle & can see possibilities & prob. Tihiy keep it up your doin great :) Petr you too. I'm using Tihiy's 891711 and have no prob with it. I'm not a programmer, just an end user trying to learn something to better my puter, I understand hardware better than software :D

Link to comment
Share on other sites

I have tried the Microsoft's 891711 version 2.0, and it works fine(they finally fixed it), but it loads KB891711.exe at startup, and Tihiy's doesn't load any file at startup, so i decided to use his version, as I don't like having any extra services/programs running in the background using MY RESOURCES!!!!

This are the only things running in my system:

c:\windows\system\kernel32.dll

c:\windows\system\msgsrv32.exe

c:\windows\system\mprexe.exe

c:\windows\explorer.exe

c:\windows\system\systray.exe

c:\program files\xxxxxxxxxxxx\eset\nod32krn.exe

c:\program files\xxxxxxxxxxxx\kerio\personal firewall\persfw.exe

c:\program files\xxxxxxxxxxxx\eset\nod32kui.exe

Plus it seems that Tihiy's does the job!

The only problem is that it doesn't appear in Add/Remove programs(He should fix this, or provide manual intructions 4 removal)

Link to comment
Share on other sites

mamas6667

If you look at the Dlls that are now in your system you'll see that there is a new one Ti891711.dll. It is probably permanently loaded by the OS though invisible from a too simple process viewer. How can you know, as you haven't measured anything, that it consumes less ressources than the MS files ?

I would like to test the vulnerability myself. As you say that Tihy's does the job, I assume you know what to do to test it. Could you explain me what I must do ?

Link to comment
Share on other sites

mamas6667

I would like to test the vulnerability myself. As you say that Tihy's does the job, I assume you know what to do to test it. Could you explain me what I must do ?

To test if it works and you are protected:

download http://www.xfocus.net/flashsky/icoExp/loadimage.ico test exploit

(it can't damage anything; for educational purposes only)

rename it. rename it. rename it. every time you rename it you should hear a "click" or "beep" sound.

Link to comment
Share on other sites

They have lost Win98 code. :D

erpdude8, maybe you're right. (There's no need to scream). But coders like Tihiy should be encouraged. Microsoft are not supporting Win98 well now, they will also stop Win98 support totally someday, and we always need coders like Tihiy and Petr.

In fact, SP 2.0 final will probably contain Microsoft's 891711 fix only, but the reasons to add Microsoft's revised fix are "working OK", "official", and "its compatibility of possible future updates from Microsoft" like ssmokee said.

Anyway, thanks so much for your efforts, Tihiy. :)

Sorry for acting up last time. But let's get one thing straight. I do NOT hate Tihiy's solution to the 891711 security problems (in fact I like it). And it was a nice idea to modify the user.exe/user32.dll files 'til MS posted the newer security patches. I did not expect Microsoft to release V2 of the 891711 updates for Win98/ME so soon. But like I said before, Tihiy's way is unofficial while Microsoft's way is official and I prefer to stick with using official solutions to resolving ALL the security issues of Win98/ME. I will give Tihiy's solution a try sometime this week on an older PC with Win98.

perhaps we should ask the Microsoft QFE [quick fix engineering] team why they chose to use the kb891711.exe & q891711.dll files instead of patching the user.exe & user32.dll files for Win98 & WinME to fix the 891711 security bugs.

Hoping for big things in May such as Spybot S&D 1.4 (which is currently in RC2) and the final release of SP 2.0 for Win98 SE. I'll be occupied with beta testing Spybot 1.4 RC for a few weeks until it reaches the final stage.

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...