ms said:
Bob, I've run SafeXP in W98Se several times in past, no problem. Now, something in
registry is reacting to it. The latest version actually crashed my machine.
I tested SafeXP tonight. (On w98. Claim of compatibility at its website.)
[TEST ONE. LAUNCH AND CLOSE ONLY]
I launched it, then closed it. I took no action at all. If it were safely
behaved, there should have been zero effect on my registry at that point.
Outside of writing to its own preferences key. However, its behavior proved
otherwise; completely irresponsible.
From this mere act of launch, without my having clicked a single button,
it wrote all over my registry.
It created a bunch of keys (empty keys) in weird places. Some 33 total
new keys on my system (outside of the legit ones of its own HKCU).
It created a bunch of new keys for software that is not on my machine.
For instance:
HKCU\Software\Microsoft\Office\10.0
HKLM\Software\Microsoft\Office\10.0\Outlook
HKLM\Software\Microsoft\Outlook Express
HKLM\Software\Microsoft\PCHealth
HKLM\Software\Policies\Microsoft\Messenger
It created a bunch of new keys for services that are also not applicable
to my system. For instance:
HKLM\System\CurrentControlSet\Control\LSA
HKLM\System\CurrentControlSet\Services\helpsvc
HKLM\System\CurrentControlSet\Services\LanmanWorkStation
HKLM\System\CurrentControlSet\Services\Messenger
HKLM\System\CurrentControlSet\Services\NetBT
HKLM\System\CurrentControlSet\Services\RDSessMgr
HKLM\System\CurrentControlSet\Services\W32Time
It even went in and deleted a value in my registry.
HKCU\Software\Microsoft\MediaPlayer\Preferences "SilentAcquisition"
Sure, by the looks of that value, it is something I'd want deleted.
However, the important point: no deletes at all in my registry should
not have happened without my request.
It had no business writing to my registry as it did, without request,
just upon launch, outside of its own keys.
[TEST TWO. RESTORAL ABILITIES]
I cleaned the slate, reverted my registry, started over. This time I
took one action. I chose the comand "Save Settings to File." This would
seem to serve the purpose of making a backup of one's settings prior to
it making any changes. The confirmation said:
"System state is saved for later possible restoration by creating
the file: \<path>\SafeXP.dat"
After that one save action, I closed it. It automatically created again
that same slew of wrong keys, consequence of merely launching it. Next
I opened it again. I chose the action "Restore Settings from File."
I pointed it at the SafeXP.dat file it had created at the beginning.
The message said:
"The checked values are restored from the file. Please Apply button
to take effect. \<path>\SafeXPdat."
I hit the Apply button. Then closed.
!!EXTREME CHANGES
Total of 39 new keys spewed all over my registry during this second test.
This time with 117 new values, and 27 changed values.
Some of these were total garbage, as before, applying to software and
services that are not part of my system.
Other values it created did apply to my system, with immediate consequence.
It went and changed things in major ways for MSIE, and for various internet
protocols; and for the explorer, including rewriting all my settings for
the menu items on my startmenu. In addition to it writing a number of new
values to revamp all my settings, there were a number of changes to existing
values.
This second area of change was heavily targeted within my internet zones.
Taking a quick glance of what it had done, the most striking thing I
noticed was how it had gone in and trashed my security settings for the
MSIE internet zone.
It had turned on Active Scripting. It had changed "download unsigned ActiveX
controls" from Disable to Prompt. It had changed "Script ActiveX controls"
from Disable to Enable. It did the same thing with "Run ActiveX controls
and plug-ins," hurled open that door. These were only a few of its many
unpleasant changes throughout my zone settings...
Then there was the matter of the subkeys and values it created under
services. Items such as these:
HKLM\System\CurrentControlSet\Services\NetBT\Parameters "SMBDeviceEnabled"
HKLM\System\CurrentControlSet\Services\RDSessMgr "Start"
HKLM\System\CurrentControlSet\Services\VxD\MSTCP "DeadGWDetect"
While it created those things out of its own brain, most of which do not
apply to my OS, their entry in that registry section concerned me. There
are many parts of the registry where I myself take action with comfort and
ease, editing and deleting, sections where experience has shown me there
will not be real harm. One major exception is in that \Services\ section.
Here I am very cautious, and rarely touch things. Particularly I get nervous
when VxDs or other unfamiliar low level device drivers are involved. I have
the overall feeling that Windows is extremely picky during bootup, about what
it reads there, and will have great trouble loading if you have certain types
of bad entries there....
This part of the test, I am not in the mood to take all the way. I am not
going to see if SafeXP's horrible garbage writes under my Services keys
have a damaging effect to the extent of Windows giving error messages (or
even failure), when it next tries to boot up.
So it is time to immediately restore. Save myself from the risk of problems
in booting up. That decision gives me the bonus now, as well, of not having
to deal with the other effects.
Such as my startmenu items totally changed (judging by the registry entries,
which would take effect upon next boot, it made significant change there.
It added in things that I don't use (example, "msie favorites on startmenu").
And it removed other things which I do need (example, "show logged-in user").
And there were other things that it wrote under the explorer restrictions
policies key, for which I do not even know the consequence; but do know I
don't want the hassle of hassling out dealing with whatever it may have
tried to disable in my interface.
Further bonus in immediate restoral from its damage. It will mean that
I can have my proper security zone settings back in place. Without all
the doors flung open, as it had done, to things like Active Scripting.
[TEST THREE. RECOMMENDED SETTINGS]
Test three would be this. "What happens when I run SafeXP and tell it to
make changes to my settings?"
How much does that even matter at this point? It has already very much
burned my system. Already proved that it cannot have a restore point of
original setttings. All this before I could even get to the single stage
of testing that /should/ been the only one with reportable results. That
stage of logging what happens when one does actually say to it,
"OK, yes, do your so-called tweaking."
Merely launching it had created wrong keys all over my registry.
And next, simply telling it to save my system settings, then restore those
same settings, that resulted in the most horrific disaster.
No test three from me. Time for TUN to save my computer from this hell, and
time for the "tweaker" program to go into the nuclear disposal bin.