Explorer Error Page fault

[Adock]

Hello,
I'm running Windows 98se, and Seamonkey Browser.

Sometimes when I right-click;I receive an Explorer error.
An example would be, a right-click to make a folder, also
cut and paste. When I close the error message box,
then the action is initiated.

When I click on the details, the following is displayed:

EXPLORER caused an invalid page fault in
module PSAPI.DLL at 0167:76bf10ea.
Registers:
EAX=00000103 CS=0167 EIP=76bf10ea EFLGS=00010206
EBX=8211c888 SS=016f ESP=0059e490 EBP=0059e654
ECX=82140248 DS=016f ESI=76bf0000 FS=23bf
EDX=76bf0000 ES=016f EDI=00000000 GS=0000
Bytes at CS:EIP:
f6 40 08 02 0f 85 33 09 00 00 b0 01 c2 0c 00 64
Stack dump:
bff7ddd6 76bf0000 00000001 00000000 00000000 76bf0000 8211c888 82156a6c 82156a48 82156a5c f340d4a0 00000000 0059e660 ffecbad7 0059e4f4 0059e4d8

Could you help me resolve this problem?

Thank you.

[Mario F.]

Well, psapi.dll is not part of windows 95/98. It's a windows NT file. psapi.dll - psapi.dll - DLL Information

Since this is a system file, I don't know how it was possible for it to get in there. It's almost certainly the indication of some malware that uses this file name as a disguise.

[MK27]

Hello,
I'm running Windows 98se, and Seamonkey Browser.

I'm assuming this problem has existed from the beginning; if it just started Mario F. is probably right, something got corrupted!!!!!

I used to use Seamonkey (under linux), it's a nice, simple, functional browser. But when I got a 64-bit system the build was broken and I gave it up. Although it's open source, the source does not have a stable release and trying to compile it yourself may require a degree

In my experience, most of the mozilla spinoffs seem to have issues. A web browser is one of the most complex pieces of software (if not the most complex) on a normal desktop, which is why there are only a few truly stable ones in widespread use.

So unfortunately, you are probably going to have to join the crowd and use firefox or (shudder) IE.

You could try:
http://www.seamonkey-project.org/community#groups
if this is some common bug or virus related they may already know.

[Sebastiani]

>> I'm running Windows 98se, and Seamonkey Browser.

FYI Windows 98 is a very insecure and unstable operating system. If I were you I would find a new one ASAP.

[Mario F.]

It's possible that they may be running a VM. I do have Win98 too and use it to test my code compatibility.

Ironically I find Windows 98 SE with the Unofficial Service Pack quite stable. It's also very secure provided one maintains a strict safe browsing routine. Most malware content doesn't target windows 9x for a long time and is likely to crash.

[brewbuck]

Stack dump:
bff7ddd6 76bf0000 00000001 00000000 00000000 76bf0000 8211c888 82156a6c 82156a48 82156a5c f340d4a0 00000000 0059e660 ffecbad7 0059e4f4 0059e4d8

That's a really weird looking stack dump. The second value, 76bf0000, seems to be a return address inside the psapi.dll module (compare it with the value of EIP -- same general area). The value immediately before it is clearly a stack base pointer. But if you look further up the stack, you find 76bf0000 again -- recursive call? That just happens to be on a page boundary? And the value before the second instance of 76bf0000 is 00000000 -- if the base pointer was valid for the recursive invocation, why is it 00000000 in the parent invocation?

Weird.

[Mario F.]

Could it be the other way around? Return address followed by frame pointer?

[Sebastiani]

>> Ironically I find Windows 98 SE with the Unofficial Service Pack quite stable. It's also very secure provided one maintains a strict safe browsing routine. Most malware content doesn't target windows 9x for a long time and is likely to crash.

It may seem to be on the surface but (like Win95) the address space of a process is completely exposed and quite simply cannot be secured. Likewise, direct access to hardware is allowed so there is no way to control access to the file system, modems, and so forth. And that's just the tip of the iceberg. Service pack or no, it's unsecure. Period. Not to mention it runs DOS at it's core. Need I say more?

[MK27]

IIt's also very secure provided one maintains a strict safe browsing routine.

I think that must be some kind of joke.

[Mario F.]

Nope. It's not. You may see it as you want, but we actually used to have this operating system in our machines and the world didn't end. We played games, we did our work, we surfed the web, and... we discussed how to keep windows 98 safe.

Certainly it's not as secure as more modern OSes. I'd be surprised if it was and I'm not going to argue over it. But in addition to the before mentioned unofficial service pack, a good firewall configured at port level (I personally use the excellent defunct TPF), accompanied by a passable anti-virus like ClamWin (which is the one I found to give me the least of troubles under windows 98), followed by a nice browser and responsible surfing habits makes Windows 98 pretty much a stable and secure operating system.

I'm yet to find a virus or have a crash (yes, I don't have a crash or have had to reinstall windows 98 for over an year) on my VM. Certainly I don't use it as a productive tool. It is mostly used just to test compiled executables or libraries. But you bet it has a lot of other software I keep and occasionally use for reasons of nostalgia. Particularly games.

[MK27]

Good points (you forgot "wear a condom"), but what made me laugh out loud in both cases was this idea:

responsible surfing habits

MS gets targeted, I think you kind of have to live with that.

[brewbuck]

Could it be the other way around? Return address followed by frame pointer?

Actually now that I look at it, bff7ddd6 is not 4-byte aligned, so it can't be a frame pointer. It is probably a pointer to an automatic variable somewhere on the stack. Not so weird-looking anymore.

[Sebastiani]

>> Certainly it's not as secure as more modern OSes. I'd be surprised if it was and I'm not going to argue over it. But in addition to the before mentioned unofficial service pack, a good firewall configured at port level (I personally use the excellent defunct TPF), accompanied by a passable anti-virus like ClamWin (which is the one I found to give me the least of troubles under windows 98), followed by a nice browser and responsible surfing habits makes Windows 98 pretty much a stable and secure operating system.

Well, to be sure, IE was probably one of the weakest links in the chain and accounted for a major portion of system compromises, so (coupled with a good firewall) using a different browser helps a *lot*. I just wanted to make it clear to the OP that the system they are using is DANGEROUS and has serious flaws that make it an undesirable system altogether. Hell, just opening an image file might install a rootkit on Windows 98! Furthermore, it doesn't even protect it's own system files, so a virus could easily install itself without detection. Starting with Windows 2000 (which all current Microsoft OS's are based on) the situation has changed quite dramatically (thanks in no small part to Dave Cutler, who insisted on redesigning the system from the ground up, and personally oversaw the implementation of virtually every major component) and now security (at it's core, at least) is not a major issue.