A Windows 98 & ME forum. Win98banter


End Of Support For avast! 4.8



 
 
#1
March 6th 10, 09:06 AM, posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
MEB[_17_]
External Usenet User
Posts: 1,830

On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provided until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.


Right.


OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.


Well, it's a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This is
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.


I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).


Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap - like the old days; it's using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and using your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because it's counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and it's likely exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
it's *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!


Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would be useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because it's inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
#2
March 6th 10, 05:58 PM, posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
webster72n
External Usenet User
Posts: 1,526

Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.



#3
March 6th 10, 06:42 PM, posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
MEB[_17_]
External Usenet User
Posts: 1,830

On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?
Do you run packet sniffing software EVERY TIME you connect to the Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?

OH, and yeah, that IS why I became infected by LOOKING for this
activity; that WAS the point; how do you think most of these things are
discovered, monitored, traced, tracked, and the parties involved brought
to justice or some protection erected against these things?
What? Is it magic, speculation, pure guess???



--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
#4
March 6th 10, 08:14 PM, posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
webster72n
External Usenet User
Posts: 1,526



"MEB" wrote in message
...
On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?


Wouldn't you be talking about 'spyware' then?
If so, I am fine, as my 'detectives' are telling me.
But any other 'malware' is also well taken care of.

Do you run packet sniffing software EVERY TIME you connect to the
Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?


Maybe not skilled enough in your sense, but nevertheless enough for my
needs. My Windows ME and Vista are doing just grand, thank you.
H.


OH, and yeah, that IS why I became infected by LOOKING for this
activity; that WAS the point; how do you think most of these things are
discovered, monitored, traced, tracked, and the parties involved brought
to justice or some protection erected against these things?
What? Is it magic, speculation, pure guess???



"MEB" wrote in message
...
On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provide until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.

OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, it's a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This is
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.

I think -- if the question will get to Vanous -- he might put mention
of heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).

Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap - like the old days; it's using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and using your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because it's counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and it's likely
exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
it's *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!

Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would be useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because it's inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB


--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---


  #5  
Old March 6th 10, 08:55 PM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
MEB[_17_]
External Usenet User
 
Posts: 1,830
Default End Of Support For avast! 4.8

On 03/06/2010 02:14 PM, webster72n wrote:


"MEB" wrote in message
...
On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?


Wouldn't you be talking about 'spyware' then?
If so, I am fine, as my 'detectives' are telling me.
But any other 'malware' is also well taken care of.

Do you run packet sniffing software EVERY TIME you connect to the
Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?


Maybe not skilled enough in your sense, but nevertheless enough for my
needs. My Windows ME and Vista are doing just grand, thank you. H.


Happy to hear that. Do the best you can, that's really all you can do
presently; stay informed and try...



OH, and yeah, that IS why I became infected by LOOKING for this
activity; that WAS the point; how do you think most of these things are
discovered, monitored, traced, tracked, and the parties involved brought
to justice or some protection erected against these things?
What? Is it magic, speculation, pure guess???




--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---
  #6  
Old March 7th 10, 08:04 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
PCR
External Usenet User
 
Posts: 4,396
Default End Of Support For avast! 4.8

MEB wrote:
On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provided until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in
this matter must end for me by October or so -- & I must
scramble then for protection! What a pity! Can you ask that
Vanous whether he's found new viruses that affect Win98 lately
-- or is he just giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP
types? I'm hoping Vanous might know whether anything new has
recently been detected for Win98 & been put into the avast!
definitions.

Ah no I'm not actually "saying" anything. Just observing that
with the application of polymorphic changes to almost everything
being done maliciously, what MAY have the defs and malware
activities associated with Win9X virus and other exploits, at any
specific previous time, may not be now... seems entirely
plausible that is likely occurring. And it really doesn't take
much to change an old hack or virus for Win9X into a new one that
could slip by, nor to just use a 9X system in just a control or
distribution capacity; not much there to stop it or even notice
it.

I see -- you mean the virus signature may change & get by old
avast! defs. OK.

Right.


OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, it's a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This is
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.


I think -- if the question will get to Vanous -- he might put
mention of heuristics in his answer -- if he's really any good.
Could be the heuristics as they relate to Win98 are actually
unchanged, i.e., there is only so much behavior that a thing can do
to look like a virus in Win98 (which is my understanding of what
heuristics is).


Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap - like the old days; it's using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and using your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked -


It occurs to me from what you say that those Chinamen & Spaniards don't
need to attack me -- just my bank! But I'll be OK with the FDIC
insurance, then -- just as I am should the banks lose it in the normal
ways on derivatives & such. I have noticed bank interest is negligible
these days, but my balance is still there.

As far as my computer becoming part of a botnet, I'm hoping my Kerio PF
& avast! are preventing that. I see no evidence of botnet activity in
Kerio's displays or when looking at running tasks. But I really should
some day put another big effort into finalizing my Kerio rules. Don't
forget, too, I'm on dial-up & therefore am a poor candidate for that.

if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7
million hacked computers under its control INCLUDING many Fortune 500
companies here in the US].


Now/then there are in the news stories that financial institutions are
breached by hackers. That's right, but there's really nothing I can do
but to separate my millions into FDIC amounts -- NOT!

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because it's counter-productive to have
these discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a
repeater for control codes, IP to use in DDoS attacks, whatever] is
what is occurring more often. Since these are constantly changing, it
is extremely hard to detect them, because use of the Internet
requires so many things go on JUST when viewing pages or normal
usage. Not even UDP packets [like DNS, streaming, etc.] are safe from
usage by hackers.


I'll do my best, but hopefully they won't view me as a candidate.

You have indicated that there must be some limit to what can be done
in a Win9X computer... whereas its mo WHY would you think there
would be some limit. The ability to install background hacks into the
9X/ME system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility
- 32bit-16bit coding - the 17 year old vulnerability; that is
basically what Win9X/ME coding is. In those systems, this was used to
elevate privileges and install programs, in 9X/ME there are no
privileges to overcome, no real user account protections even.


Whenever I look at running tasks -- in MSInfo32, Wintop or EndItAll -- I
see only the old familiar names. I suppose it is possible for something
to run without showing up in those or for something to have replaced one
of them. But Kerio has that MD5 signature check. I'm fairly confident
none of them has ever changed without my more/less expecting it.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS
the OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and it's likely
exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
it's *profitable* to have as many computers hacked, and hacks/exploits
as might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X
for issues and vulnerabilities about, what, around four months ago. I
did however advise of several things PRIOR to ending this last
activity with Win9X as my primary OS and Internet connection. I *was*
using AVAST with custom settings, and extra protections and
applications, and which didn't stop the malicious activity or keep me
from becoming severely
infected. Of course I went looking for this stuff...


OK. I really don't do a lot of internet travel. How did you discover you
were hacked? Is there something specific I could look for -- some file
or registry entry -- that might prove I had that hack?


Also, don't forget, avast! has other capabilities that might be
worth a try -- such as customizing the Standard Shield to block
opening, renaming, deleting of files & formatting of drives. I
haven't tried it yet because it may make things awkward to do. Looks
like, when a thing is blocked, a requestor will be put up whether to
allow it -- I really should try!


Yeah I tried several custom settings.. I also had mine set to show
ALL the activity it was doing. Yep, tried a lot of stuff that last
couple years of testing....
Try it out, would be useful now.


What finally showed you the infection? What were the symptoms?

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the
same light as XP and other users using administrator accounts to
access the Internet because it's inconvenient to use a
protected/limited account, and those who won't get the updates because
their OS is pirated or they think Microsoft is "spying on them".


That's why I'm on high security now for the Internet Zone -- it turns a
lot of that off.

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR
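
The two checks discussed in this exchange, a definition-style match on known files and a Kerio-style digest check on installed programs, compared on the same changed file. This is an added example, not part of any post in the thread and not Kerio's or avast!'s code; the file names and bytes are constructed, and SHA-256 is used in place of MD5 as an assumption.

```python
import hashlib
import os
import tempfile


def file_digest(path, algo="sha256", chunk_size=65536):
    """Hash a file in chunks so large executables are not loaded whole."""
    # SHA-256 is the default; MD5, which the post mentions, has practical collisions.
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(paths, algo="sha256"):
    """Record the digest of each program that is expected on the machine."""
    return {path: file_digest(path, algo) for path in paths}


def verify_baseline(baseline, algo="sha256"):
    """Re-hash every baselined file and report 'ok', 'changed' or 'missing'."""
    report = {}
    for path, expected in baseline.items():
        if not os.path.isfile(path):
            report[path] = "missing"
        elif file_digest(path, algo) != expected:
            report[path] = "changed"
        else:
            report[path] = "ok"
    return report


def on_blocklist(path, known_bad_digests, algo="sha256"):
    """Definition-style check: only an exact, previously seen file is flagged."""
    return file_digest(path, algo) in known_bad_digests


def write_bytes(path, data):
    """Write constructed sample bytes to disk."""
    with open(path, "wb") as fh:
        fh.write(data)


def demo():
    """Run both checks over constructed files in a temporary directory."""
    with tempfile.TemporaryDirectory() as tmp:
        # Constructed stand-ins for installed programs (names and bytes made up).
        browser = os.path.join(tmp, "BROWSER.EXE")
        mailer = os.path.join(tmp, "MAILER.EXE")
        helper = os.path.join(tmp, "HELPER.EXE")
        write_bytes(browser, b"MZ" + b"\x00" * 64 + b"browser build 1")
        write_bytes(mailer, b"MZ" + b"\x00" * 64 + b"mailer build 1")
        write_bytes(helper, b"MZ" + b"\x00" * 64 + b"helper build 1")
        baseline = build_baseline([browser, mailer, helper])

        # Blocklist holding the digest of one older unwanted file (constructed).
        old_sample = b"MZ" + b"\x11" * 32 + b"sample-A"
        known_bad = {hashlib.sha256(old_sample).hexdigest()}

        # Later, BROWSER.EXE is replaced by a copy of that file with one byte
        # altered, and HELPER.EXE disappears.
        write_bytes(browser, old_sample[:-1] + b"B")
        os.remove(helper)

        report = verify_baseline(baseline)
        return {
            "blocklist_hit": on_blocklist(browser, known_bad),
            "baseline": {os.path.basename(p): s for p, s in report.items()},
        }


if __name__ == "__main__":
    result = demo()
    print("blocklist flagged BROWSER.EXE:", result["blocklist_hit"])
    for name, status in sorted(result["baseline"].items()):
        print(f"{name}: {status}")
```

The exact-match list misses the altered file, while the baseline reports it as changed. The baseline only covers files that were recorded while the machine was known to be clean.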



  #7  
Old March 14th 10, 05:41 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
Hot-text
External Usenet User
 
Posts: 1,026
Default End Of Support For avast! 4.8

Now MEB, that was good true info you're giving us!

"MEB" wrote in message
...
On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provided until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.


OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, it's a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This is
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.


I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).


Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap - like the old days; it's using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and using your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because it's counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and it's likely exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
it's *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!


Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would be useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because it's inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---


  #8  
Old March 14th 10, 05:49 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
Hot-text
External Usenet User
 
Posts: 1,026
Default End Of Support For avast! 4.8

That's why I do not hack a hacker with Win98

"MEB" wrote in message
...
On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?
Do you run packet sniffing software EVERY TIME you connect to the
Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?


///////////////////////////////////////////////// hack a hacker
///////////////////////////////////////////////////////////
/// OH, and yeah, that IS why I became infected by LOOKING for this
///
/// activity; that WAS the point; how do you think most of these things are
///
/// discovered, monitored, traced, tracked, and the parties involved brought
///
/// to justice or some protection erected against these things?
///
/// What? Is it magic, speculation, pure guess???
///
///////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////




--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---


  #9  
Old March 14th 10, 06:25 AM posted to microsoft.public.win98.gen_discussion,microsoft.public.windowsme.general
Hot-text
External Usenet User
 
Posts: 1,026
Default End Of Support For avast! 4.8

For a week now I have had someone working on hacking my GuestBook.
SpyWare is a WebSite Log ... The Hacker Reverse resolved =
unknown.altushost.com
But his IP address is 91.214.44.182. I ping this to see if he has open Ports.
He has two open ports = ftp 21 Please login with User and Pass
and http 80 403 Forbidden
Hmm time to send a FTP 530 message to him LOOL

User = microsoft.public.win98.gen_discussion Not Mask Password =
came_here_and_see_minpin@re_End_Of_Support_For_avast_4.8

He gets the message on the FTP S Log
Connecting to 91.214.44.182 , 13 Mar 2010 23:23:58
220 (vsFTPd 2.0.5)
USER microsoft.public.win98.gen_discussion

331 Please specify the password.
PASS (hidden)

530 Login incorrect.
530 Login incorrect.
Connection closed
LOOL HMM


"MEB" wrote in message
...
On 03/06/2010 02:14 PM, webster72n wrote:


"MEB" wrote in message
...
On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?


Wouldn't you be talking about 'spyware' then?
If so, I am fine, as my 'detectives' are telling me.
But any other 'malware' is also well taken care of.

Do you run packet sniffing software EVERY TIME you connect to the
Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?


Maybe not skilled enough in your sense, but nevertheless enough for my
needs. My Windows ME and Vista are doing just grand, thank you. H.


Happy to hear that. Do the best you can, that's really all you can do
presently; stay informed and try...



OH, and yeah, that IS why I became infected by LOOKING for this
activity; that WAS the point; how do you think most of these things are
discovered, monitored, traced, tracked, and the parties involved brought
to justice or some protection erected against these things?
What? Is it magic, speculation, pure guess???



--
MEB


--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---


 



