I use w32dasm to disassemble the kernel32.dll of win98, and see this:

Exported fn(): BackupRead - Ord:007Fh
Exported fn(): BackupWrite - Ord:0081h
Exported fn(): CallNamedPipeW - Ord:008Ah
Exported fn(): CreateFileW - Ord:00BCh
Exported fn(): CreateRemoteThread - Ord:00C8h
Exported fn(): FormatMessageW - Ord:012Eh
Exported fn(): GetNamedPipeHandleStateW - Ord:0190h
:BFFA9B8D 33C0 xor eax, eax
:BFFA9B8F B107 mov cl, 07
* Reference To: KERNEL32.Ordinal:0011
|
:BFFA9B91 E98377FCFF jmp BFF71319

I don't believe these export functions are the same, but why their address
are all 0xBFFA9B8D?
//thanks

Well, it could easily be an ugly hack. Note, that the function performs a jump, not a ret. Hence, it might later determine what function was actually called, without doing it straight away.
Don't think that's the case, tho. If it's kernel32 from 98, it shouldn't be using the xxxW api's unless memory serves me wrong. If they are not implemented, pointing them to the same dummy api wouldn't be out of the ordinary. That might be the same case with the other api's.

Fake

ye, that is our W9x.
that all functions are grouped togather because of same count of stack-params.
& that functions not works on w9x, so kernel32 will just restore stack
& jump back to caller.(also SetError mode)

but why i am all this writing
& why you are not researching yourself
& why not in newbie forum??

>but why i am all this writing
You want to help him

Now it's in the newbie forum.

Regards,