[erpdude8]

Quote

KB891711:
http://www.mdgx.com/web.htm#W98
* Unofficial Windows 98/98 SP1 Animated Cursor (.ANI) + Icon Handling USER32.DLL + USER.EXE 4.10.2003 Security Vulnerability Fix:
http://www.mdgx.com/files/q891711.php
Direct download [419 KB]:
http://www.mdgx.com/files/KB891711.EXE
This Fix replaces ALL PREVIOUS Microsoft MS07-017 (Q925902):
http://www.microsoft...n/ms07-017.mspx
MS05-002 (Q891711):
http://www.microsoft...n/ms05-002.mspx
+ unofficial (U891711) Animated Cursor (.ANI) + Icon Handling Security Vulnerabilities Fixes, which are now OBSOLETE!
Q891711 + U891711 MSFN forum:
http://www.msfn.org/...showtopic=58780
STRONGLY RECOMMENDED: KB891711 provides the BEST Fix!

I may consider dropping the user.exe/user32.dll v4.10.2003 files from the next release of the unofficial Win98 FE SP since it can cause problems with Tihiy's RP pack. And I'll restore the kb891711.exe & q8917111.dll files as well.

Quote

I see the inf has the infamous ,,,4 parameter for the included files. Incidentally I have (better said, had) USP10.dll v1.0471.4030.0 installed prior to this upgrade and I had noticed no visible issues. After the upgrade I forcibly got the lower-versioned file.

Where the heck did you get v1.0471.4030.0 of the usp10.dll file, Drugwash? That's what I'm more worried about.

This post has been edited by erpdude8: 05 October 2007 - 04:50 PM

[erpdude8]

Drugwash, on Sep 28 2007, 09:07 AM, said:

Also, as reported some time ago in some other thread around, this version of riched20.dll has issues with bad words underlining in Miranda IM's spellchecker (based on Hunspell), reason why I had been using riched20.dll v5.30.23.1221. Is there still no better version that'd be worth using instead of this one?[/size][/font][/size][/font]

Version 5.40.11.2220 of riched20.dll is featured in the Office XP post-SP3 MS07-013 security update.
Version 5.30.23.1221 of riched20.dll is prone to security flaws mentioned in security bulletin MS07-013. Replace it with version 5.30.23.1227 which I have for my Office 2000 suite.

Newer Root Certificates update (revised August 23, 2007); file size 281kb:
http://www.msfn.org/board/ipb_seo.php?url=...%2Frootsupd.exe

This post has been edited by erpdude8: 05 October 2007 - 04:49 PM

[Drugwash]

To be honest, I can't remember where I got that usp10.dll version from. I don't quite keep an evidence on sources; all I'm interested in is the final result.
Here's the full info on it:

C:\WINDOWS\SYSTEM\usp10.dll
on Microsoft Windows 98 SE version 4.10

File Version Information : 
Version language : English (United States)
CompanyName : Microsoft Corporation
FileDescription : Uniscribe Unicode script processor
FileVersion : 1.0471.4030.0 (main.030626-1414)
InternalName : Uniscribe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Uniscribe
ProductName : Microsoft(R) Uniscribe Unicode script processor
ProductVersion : 1.0471.4030.0
Last Modif. Date : 06/27/2003 08:18:32 
Last Access Date : 10/06/2007 00:00:00 
FileSize : 413184 bytes ( 403.500 KB, 0.394 MB ) 
FileVersionInfoSize : 940 bytes 
File type : Dynamic Link Library (0x2) 
Target OS : Win32 API (Windows NT) (0x40004) 
File/Product version : 1.471.4030.0 / 1.471.4030.0
Language : English (United States) (0x409) 
Character Set : 1200 (ANSI - Unicode (BMP of ISO 10646)) (0x4B0) 
Build Information : 
Debug Version : no 
Patched Version : no 
Prerelease Version : no 
Private Version : no 
Special Build : no

I'm positive I don't have riched20.dll 5.30.23.1227 around, otherwise I would've already had it installed. Frankly, I'd rather use one of the 5.50 versions - because of the link color fix - but those seem to have some issues of their own. This has been discussed at large some time ago.

This post has been edited by Drugwash: 05 October 2007 - 06:59 PM

[dencorso]

Drugwash, on Sep 28 2007, 11:07 AM, said:

I see the inf has the infamous ,,,4 parameter for the included files. Incidentally I have (better said, had) USP10.dll v1.0471.4030.0[/b] installed prior to this upgrade and I had noticed no visible issues. After the upgrade I forcibly got the lower-versioned file.
Question: is this version matching required? Otherwise, why is the ,,,4 parameter used for all files in the package?

Hi, Drugwash!
Since everybody here clearly understands .INFs better than I do, I'll just take this opportunity to ask, before I die of unsated curiousity: what do the ,,4 and ,,,4 flags mean, please? Thanks in advance and best wishes!

This post has been edited by dencorso: 05 October 2007 - 07:18 PM

[Drugwash]

Ah, I'm not a specialist either - just catching some things on the fly.
As far as I understand, that parameter is used to force installation even over an existing higher build number of a file.
It should be used - at least theoretically - only when certain files strictly depend on other certain versions and mismatching would lead to unpredictable results.

[Max_04]

@ Mdgx:

I sended you an email.

[dencorso]

Drugwash, on Oct 5 2007, 10:24 PM, said:

[...]As far as I understand, that parameter is used to force installation even over an existing higher build number of a file.[...]

Thanks, Drugwash. You rock!

Added text 9th October 2007 - 04:25 AM:
Thanks for the links in you post below this one, soporific! They sure help a lot. You do rock too!

This post has been edited by dencorso: 09 October 2007 - 01:29 AM

[soporific]

dencorso, on Oct 6 2007, 11:16 AM, said:

Since everybody here clearly understands .INFs better than I do, I'll just take this opportunity to ask, before I die of unsated curiousity: what do the ,,4 and ,,,4 flags mean, please? Thanks in advance and best wishes!

here's a link that explains all:
http://soporific.dsl...ds/copyfile.htm

i got it from the INF guide that MDGx keeps a copy of at this location:
http://www.mdgx.com/...web/INF_WEB.ZIP

[Fredledingue]

K891711 (or Q891711) IS EXTREMELY DANGEROUS: DO NOT USE IT

For the second time (same problem as with the previous version 2 months ago) my computer was unable to restart and I had to reinstall windows.
It said "unable to load user.exe" then shut down in 1/10th of a second. Clack! (You know, the sound when the PC power is turned off). I didn't have the possibility to restart it! ===> Boot Floppy time!

MDCx: Please remove it from your list!!

[Drugwash]

Dunno what your problem is, but I just installed it (twice: installed, uninstalled while trying to fix some unrelated problem and reinstalled) recently and I had/have absolutely no such issues. Well, there may be problems with resources dropping quite fast, but that's something else and could be caused by any other factors as well, such as gdi.exe/gdi32.dll (updated to 4.90.3003).

Please check any possible resident/BIOS anti-virus or other applications that may block operations on system files. Or maybe some strange boot-up configuraton...

You may ask MDGx to create a debug version that'd create a log of the operations performed during install, so you could find where (and possibly why) it breaks.

[RetroOS]

Fredledingue, on Oct 13 2007, 10:46 AM, said:

K891711 (or Q891711) IS EXTREMELY DANGEROUS: DO NOT USE IT

For the second time (same problem as with the previous version 2 months ago) my computer was unable to restart and I had to reinstall windows.
It said "unable to load user.exe" then shut down in 1/10th of a second. Clack! (You know, the sound when the PC power is turned off). I didn't have the possibility to restart it! ===> Boot Floppy time!

Fredledingue,
See this post.

[Fredledingue]

RetroOs,

I guarantee you that I installed the last september version because I remeber having read the "removed the ",,4" + ",,,4" strings " stuff before installing it: I always save all the notes posted by MDGx and save them in text files with the same name as that of the updates. Then I read each note before applying each update.

It has nothing to do with Revolution Pack because I never installed this pack on my computer.
There is a problem obviousely not related with RP.

Anyway, I don't want to hear about "explanation" or "cause that might be": What I see is that my PC crashed and destroyed my system twice already.
I have applied dozens of patches and upgrade packs, yet this is the only one which I have got troubles with.
I couldn't compare 100 computers on this patch, but I have compared 100 patches on this computer. And this patch has something realy scary in it. If it was a "very special boot up configuration", I would have had this problem more often than only when applying this patch, isn't it?

Given the seriouseness of the computer crash, it's safe to quarantine this update to the Dangerous category.
Despite the fact that others have installed it without problem. It's not like you get a temporary BSDO and then you go in safe mode:No, You just can't turn your computer on! Can you imagine that? Clack! Suddenly the machine is off as if someone pulled the power cable off the case. I NEVER have seen this effect on a PC ever.
Without a bootable floppy and some DOS knowledge I was toast. Imagine it's a newbie...

IMVHO, it should be removed from the list until it's packed into a decent installer.

[eidenk]

Fredledingue, on Oct 12 2007, 05:28 PM, said:

RetroOs,

I guarantee you that I installed the last september version because I remeber having read the "removed the ",,4" + ",,,4" strings " stuff before installing it: I always save all the notes posted by MDGx and save them in text files with the same name as that of the updates. Then I read each note before applying each update.

It has nothing to do with Revolution Pack because I never installed this pack on my computer.
There is a problem obviousely not related with RP.

Anyway, I don't want to hear about "explanation" or "cause that might be": What I see is that my PC crashed and destroyed my system twice already.
I have applied dozens of patches and upgrade packs, yet this is the only one which I have got troubles with.
I couldn't compare 100 computers on this patch, but I have compared 100 patches on this computer. And this patch has something realy scary in it. If it was a "very special boot up configuration", I would have had this problem more often than only when applying this patch, isn't it?

Given the seriouseness of the computer crash, it's safe to quarantine this update to the Dangerous category.
Despite the fact that others have installed it without problem. It's not like you get a temporary BSDO and then you go in safe mode:No, You just can't turn your computer on! Can you imagine that? Clack! Suddenly the machine is off as if someone pulled the power cable off the case. I NEVER have seen this effect on a PC ever.
Without a bootable floppy and some DOS knowledge I was toast. Imagine it's a newbie...

IMVHO, it should be removed from the list until it's packed into a decent installer.

I don't see how this patch could screw your system to the point you report. But maybe we are not speaking about the same thing as you haven't provided a link to the installer you claim creates such problems, if I am not mistaken.

This post has been edited by eidenk: 12 October 2007 - 06:01 PM

[Fredledingue]

Nor do I. But it did: user.exe was absent from my system at the time I rebooted with the floppy disk and user.dll probably too. Amd the computer turned itself the power off as i described above.
I didn't dream it (pinching myself to check ).

[Fredledingue]

Here is the link of the file in question:
- USER32.DLL + USER.EXE Fix [419 KB, English]:
http://www.mdgx.com/files/Q891711.EXE

Here are MDGx's comment on this patch:

"MDGx" said:

Q891711, Q891711F + Q891711I:
http://www.mdgx.com/web.htm#9SU
English Fix only:
Removed ",,,4" + ",,4" strings from INF CopyFiles + RenFiles sections.
Added warning to *not* install this Fix if already installed RP:
* Unofficial Windows 98 SE Animated Cursor (.ANI) + Icon Handling USER32.DLL + USER.EXE 4.10.2233 Security Vulnerability Fix

A few months ago MDGx wrote about previous versions of this patch:

"MCGx" said:

EXTREMELY IMPORTANT:
You MUST REBOOT at END of INSTALL for this Fix to complete properly!
Do NOT install this Fix MORE THAN ONCE WITHOUT REBOOTING AFTER FIRST INSTALL!
IF you ALREADY installed this Fix ONLY ONCE, BUT have NOT YET REBOOTED [which
would complete the install properly], you MUST REBOOT IMMEDIATELY, otherwise
Windows will LOCK UP!
IF you ALREADY installed this Fix MORE THAN ONCE, BUT have NOT REBOOTED AFTER
FIRST INSTALL OR BETWEEN INSTALLS [which would complete the install properly],
you MUST UNINSTALL it [see the "UNINSTALL" chapter below] BEFORE trying to
REinstall it again, otherwise Windows will LOCK UP!

The author of this fix prefers to remain anonymous.

===> But this was not my case: I launched the patch only once.

[noguru]

Fredledingue, what language version Win98 do you use? I had the same. At least you're not alone.

I rebooted immediatly after install but still. No RP installed, no exotic boot-config.
This has happened with my system with the gdi.exe/gdi32.dll update too! I blew another win98se machine with the shell32.dll fix.Somewhere the installer is going very wrong, because there are no files copied. But the originals are renamed to .98o and there you go...
Both these machines have a Dutch win98se and all these files have in common that they are kernel-system files.
I always install English fixes on my Dutch system without serious issues except for these cases. But nobody ever recommended this, I blame myself.

The blown systems can easily be fixed by extracting the files manually from the installer (the files themselves work fine) and copy them to \windir\system\ in real DOS. I learnt my lesson and will have them ready before trying to install the normal way.

Sure it would be great if this could be solved in future fixes, but we can't expect the creator of the fixes to test lots of different system-configurations let alone all.

[soporific]

OK, i've been on the receiving end of some USER.EXE, USER32.DLL and EXPLORER.EXE muckups quite a few times and it really is the simplest thing to fix if you know what's going on when this happens. Yes it p***es me off no end when it happens, but, again, it is the easiest thing to fix. For me. But what about others?

I think its high time the "keep Windows 98 alive" crew, which is most of us regular posters in the "Unofficial Win98 SE Service Pack" section of MSFN, create an automatic hotfix solution to fix all those caught up in the maelstrom of our system patching activities. I'm specifically talking about the USER*.* issues. Not everyone who takes a punt by installing these updates knows what to do when it all stops working, especially the problem that stops the OS from even loading. If this is your only connection to the internet, its highly inconvenient to get a fix for the problem by the usual way of asking for help online.

I know the REAL solution would be to create hotfixes that don't muck a system up, but the real world shows us its still possible. And when the solution is so easy i think its high time we provided one for the community.

So who wants the kudos for getting this fix together? I have some ideas if someone wants to help out...

[RetroOS]

I think an easy fix option is a great idea.
Exactly how this would be assembled is something to discuss.
Perhaps a separate thread?

However, I think there may be some issue that is some times appearing with the update installers.
I had a problem some weeks ago with the OLEUP update where it did not replace the files on reboot and left them missing.
See my post here. Also this post.
Maybe a recent update has caused problems with IExpress installers in some cases?
Something to look into.

MDGx: Any comments?

[eidenk]

Fredledingue, on Oct 12 2007, 06:13 PM, said:

Here is the link of the file in question:
- USER32.DLL + USER.EXE Fix [419 KB, English]:
http://www.mdgx.com/files/Q891711.EXE

Well I have installed this patch in a virtual machine and there is nothing wrong with it. According to me it CANNOT do what you claim it does (the computer turned itself the power off).

Here is the inf file of this patch :

; Unofficial Windows 98/98 SE/ME U891711 Fix
[Version]
Signature=$CHICAGO$
AdvancedINF=2.0
[DefaultInstall]
AddReg=2R
CopyFiles=2I,2S
RunPostSetupCommands=2N
Reboot=1
[2N]
"NOTEPAD.EXE %11%\KB891711\U891711.TXT"
[DefaultUninstall]
DelReg=2R
DelFiles=2I,2S
DelDirs=2D
UpdateInis=2X
Reboot=1
[DestinationDirs]
2X=10
2I=17
2S=11,KB891711
[2I]
U891711.INF
[2S]
Q891711.DLL
KB891711.EXE
U891711.TXT
[2R]
HKLM,"Software\Microsoft\Windows\CurrentVersion\RunServices","U891711",,%11%\KB891711\KB891711.EXE"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Uninstall\U891711",,,
HKLM,"Software\Microsoft\Windows\CurrentVersion\Uninstall\U891711",DisplayName,,"· Uninstall Unofficial Windows 98/98 SE/ME U891711 Fix"
HKLM,"Software\Microsoft\Windows\CurrentVersion\Uninstall\U891711",UninstallString,,"RUNDLL32.EXE %11%\ADVPACK.DLL,LaunchINFSection %17%\U891711.INF,DefaultUninstall"
[2D]
"%11%\KB891711"
[2X]
WININIT.INI,Rename,,"DIRNUL=%11%\KB891711"
[SourceDisksNames]
1=,,0

It is meant to backup (used for uninstall) and replace user.exe and user32.dll and it works as expected :

First stage of the install copies the patched versions of user.exe (as user.001) and user32.dll (as user32.001) to the system dir :



And creates a wininit.ini file in which we can see that on the next reboot the original files are going to be backed up as user.098 and user32.098 before being replaced by the new versions :



And thist is exactly what it does. System check after reboot :



You can see that the original files have appeared and have been replaced by the patched ones.

No can you please tell me what in this installer, if it would fail for a reason or another, would yeld the symptoms you report ?

According to me it CANNOT yeld all the symptoms you report. It is impossible.

Quote

Here are MDGx's comment on this patch:

Quote

"MDGx" said:

Q891711, Q891711F + Q891711I:
http://www.mdgx.com/web.htm#9SU
English Fix only:
Removed ",,,4" + ",,4" strings from INF CopyFiles + RenFiles sections.
Added warning to *not* install this Fix if already installed RP:
* Unofficial Windows 98 SE Animated Cursor (.ANI) + Icon Handling USER32.DLL + USER.EXE 4.10.2233 Security Vulnerability Fix

OK there is a warning it is incompatible with RP.

A few months ago MDGx wrote about previous versions of this patch:

"MCGx" said:

EXTREMELY IMPORTANT:
You MUST REBOOT at END of INSTALL for this Fix to complete properly!
Do NOT install this Fix MORE THAN ONCE WITHOUT REBOOTING AFTER FIRST INSTALL!
IF you ALREADY installed this Fix ONLY ONCE, BUT have NOT YET REBOOTED [which
would complete the install properly], you MUST REBOOT IMMEDIATELY, otherwise
Windows will LOCK UP!
IF you ALREADY installed this Fix MORE THAN ONCE, BUT have NOT REBOOTED AFTER
FIRST INSTALL OR BETWEEN INSTALLS [which would complete the install properly],
you MUST UNINSTALL it [see the "UNINSTALL" chapter below] BEFORE trying to
REinstall it again, otherwise Windows will LOCK UP!

With all respect due to MDGx, most of those warnings are plain nonsense IMO, especially the first one :

Indeed, the first phase of install consist only into copying two files (+ an inf file to the inf folder) and creating a wininit.ini file so that user.exe and user32.dll can be backed up and replaced on reboot. There is no risk of any lock up whatsoever here.

The second warning makes more sense as reinstalling the patch without having uninstalled it first will lead to have back up files for uninstall that are not the original ones but the patched ones as well. No risks of lockup either here.

Quote

===> But this was not my case: I launched the patch only once.

Frankly, with no pun intended, your apparent lack of grasp of the most basic mechanisms of Windows is sometimes appaling.

Especially when considering the fact that you appear to be an experienced user who even writes complex VB scripts for checking system integrity.

[Fredledingue]

From what I have read above the problem is with the wininit.ini file.

Either wininit.ini is not executed at all
Either wininit.ini execute at a later stage when user.exe is already needed by the system
Either wininit.ini wasn't written correctly by the installer.

Eidenk
It's not because a code is written, as simple as it can be, that it will always be executed as intended. There is only a relatevely high probability that the code will be executed and this probability is never 100%. Not because of the coder but because of computer imprecision, unpredictability and unknowns.
The only reason why you think that it's impossible that it's not executed properly as verified in your test, is that you ignore these concepts.

I didn't mean to offend the anonimous. I imagine that he has tested his patch before and didn't see any possible error.
Now the goal is find out the unkown and the unpredictable in order to fix it.

noguru
Thanks for sharing your experience with us. My version is english.
So I don't think it's language version issue.

RetroOs,
I also had an issue with OLEUP in the past but thanks to MDGx's infos, I could solve the problem.
The effect of the wrong install with OLEUP was not even remotely as scary as with *891711.