End Of Support For avast! 4.8

On 03/04/2010 12:04 AM, webster72n wrote:


"MEB" wrote in message
...
On 03/03/2010 07:12 PM, webster72n wrote:


"MEB" wrote in message
...
On 03/03/2010 01:14 PM, webster72n wrote:


"MEB" wrote in message
...
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software when I
inquired about the end of support for avast! v4.8 and the end of
support for Windows 98/ME. I'm not completely clear of the
statement
that support for Windows 98/ME ended at the end of 2009, but that
definition updates will be provide until the end of 2010. Should I
interpret this to mean that the avast! v4.8 program files will
not be
updated, but that definition update file that will work with
Windows
98/ME will be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter
must end for me by October or so -- & I must scramble then for
protection! What a pity! Can you ask that Vanous whether he's found
new
viruses that affect Win98 lately -- or is he just giving us stuff
for
XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.
Still, it would be interesting to know, though taken with a "grain of
salt". so to speak..

As for the updates, version 5 already exist and it is not compatible
with Win9X nor are, apparently, the updates used within it. There are
two SPECIFIC manual updates available, one for 5, one for 4.8:

http://www.avast.com/download-update

Thanks, we'll give it a whirl. H.

Let us know, "inquiring minds want to know" {gees can I say that... has
that been trademarked..grin}

MEB:

After it must have downloaded 3/4 of the 38.5 MB and in my absence IE6
crashed and somewhere in the potpouri it told me in broken letters that
it ran out of MER or MEB(?) I believe, which I concluded to be memory,
yet it shouldn't have been.
No problem getting it fixed, but I'll have to start from scratch and
then keep a closer eye on it.
Once done with it, you'll get to know.
Thanks for your concern.

Harry.


That's not good. IE shouldn't crash just because of a download. Are you
currently updated on AV and have you done a recent scan?
Or had you connected to somewhere else before you attempted the download?
Or are you using a phone-line ISP connection??

It seems as though it has updated itself to the latest version, without
me needing to download the whole thing.
BTW, the latest version for ME is 4.8.1386, not 4.8.0., isn't it?
IOW, I'm in good shape right now, with no problems - knock, knock on wood.
Thanks for your attention, MEB.

Harry.

Oh, I misinterpreted your intent, I had thought you were going the
v5.0. update to 4.8. test. Okay, good then, at least you are current.
That may be why your download attempt failed - during the auto-update

Yeah, as far as I know that is the present sub-version, maybe the last.
The 4.8.(0) signifies the MAJOR version not the sub-version [.1386]. V5
is also not just 5.0 but has at least 5.0.{sub-version} now.



Oh, and I hope you have a backup/image handy for your system before you
try the test "just in case".



[anyone care to test that theory]

Though there are similar versions, such as 4.7.4 or 3.0.1, for Linux,
BSD, Solaris [depending upon usage -server editions] or 1.3.0 [home
workstation], or MAC (2.74), it is doubtful those VPS files would
benefit Windows users.

Thanks,
Jerry

----------------------------------------------------------------------


----------

Hello,

support for Windows 98/ME has ended with year 2009, but we will be
releasing new virus definitions for avast! 4.8 till the end of this
year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

--
MEB

--
MEB

--
MEB
--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

Hello Again:

I have again contacted ALWIL support with my question and received this
second response below:

-----------------------------------------------------------------------
Hello:

Thank you for your reply.

However, I'm still not completely clear on ALWIL's policy in this matter.

Should I interpret this to mean that the avast! v4.8 program files will not
be updated, but that definition update file that will work with Windows
98/ME will be supplied until the end of 2010?

Thanks again,
Jerry

-----------------------------------------------------------------------

Hello,

exactly. We will be updating avast! 4.8 virus definitions till end of 2010,
but we do not plan to release any further program update for avast! 4.8.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

-----------------------------------------------------------------------

"Jerry Martin" wrote in message
...
Hello:

The following is the response I received from ALWIL Software when I
inquired about the end of support for avast! v4.8 and the end of support
for Windows 98/ME. I'm not completely clear of the statement that support
for Windows 98/ME ended at the end of 2009, but that definition updates
will be provide until the end of 2010. Should I interpret this to mean
that the avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will be supplied
until the end of 2010?

Thanks,
Jerry

--------------------------------------------------------------------------------

Hello,

support for Windows 98/ME has ended with year 2009, but we will be
releasing new virus definitions for avast! 4.8 till the end of this year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

I don't remember slapping you gmind you you must have deserved it if I did
eg

--
Joan Archer
http://crossstitcher.webs.com/

"Noel Paton" wrote in message
...
Careful Robear - Joan's got a vicious slap when she wants! eg
(Mow might oject to breach of trademark, also!)

--
Noel Paton
CrashFixPC

Nil Carborundum Illegitemi
www.crashfixpc.co.uk
"PA Bear [MS MVP]" wrote in message
...
Mow power to you...

Joan Archer wrote:
lol I know that feeling but mine are real babies I'm sitting for g

Babysitting duties...

Hello Robear not often we see you in the WinME ng g

Ask such questions he http://forum.avast.com/index.php?board=2.0

MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software when
I inquired about the end of support for avast! v4.8 and the end of
support for Windows 98/ME. I'm not completely clear of the
statement that support for Windows 98/ME ended at the end of
2009, but that definition updates will be provide until the end
of 2010. Should I interpret this to mean that the avast! v4.8
program files will not be updated, but that definition update
file that will work with Windows 98/ME will be supplied until the
end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just giving
us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being done
maliciously, what MAY have the defs and malware activities associated
with Win9X virus and other exploits, at any specific previous time,
may not be now... seems entirely plausible that is likely occurring.
And it really doesn't take much to change an old hack or virus for
Win9X into a new one that could slip by, nor to just use a 9X system
in just a control or distribution capacity; not much there to stop it
or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.


Still, it would be interesting to know, though taken with a "grain
of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question that I
wish to be passed along to Vanous.


As for the updates, version 5 already exist and it is not
compatible with Win9X nor are, apparently, the updates used within
it. There are two SPECIFIC manual updates available, one for 5, one
for 4.8:

http://www.avast.com/download-update
[anyone care to test that theory]

I'll look into it tomorrow. Today -- & the last time I've tried
downloading from that avast! site you keep posting-- I get told my
security settings won't allow it. And I run into a snag trying to
play with them. Looks like avast! prevents it while it's updating
its virus definitions. There are things I can't do while that is
going on -- like using Explorer or much of the Taskbar!

Uhm, are you updating FROM the site, like running from there??

No! It wouldn't let me take the dowwnload to a folder -- but changing
the security setting did the trick. But I've stopped the download -- it
wanted another 2 hrs. 15 mins. to complete! This won't be the answer for
me (if it takes that long) to get new defs when avast! stops providing
them automatically.

Was I supposed to be just getting manual def updates from there or the
whole program plus all the defs -- even the ones I've already got?

Now, I've changed my Internet Zone security level back to high. It
worked instantaneously with avast! all done with its defs update. There
are things that can't be done quick with that going on!

But now I've got my security settings back to medium (instead of
high) for the Internet Zone (it didn't help to have avast! in the
Trusted Zone with medium settings, though!) -- & I'll try the
download tomorrow. It better work! Maybe Webster72n will have
reported by then, anyhow. That seems like a massive download!

Yeah, both of them were... one 30 the other 35 IIRC.

That takes too long to update virus defs that way. I'm still on dial-up!


Though there are similar versions, such as 4.7.4 or 3.0.1, for
Linux, BSD, Solaris [depending upon usage -server editions] or
1.3.0 [home workstation], or MAC (2.74), it is doubtful those VPS
files would benefit Windows users.

Yea -- I wouldn't trust that.


Not something I'd suggest, though "push comes to shove"...

I see what you're saying. I expect to begin a mad scramble in October or
so.


Thanks,
Jerry

------------------------------------------------------------------
--
--
----------

Hello,

support for Windows 98/ME has ended with year 2009, but we will be
releasing new virus definitions for avast! 4.8 till the end of
this year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR

Jerry Martin wrote:
Hello Again:

I have again contacted ALWIL support with my question and received
this second response below:

----------------------------------------------------------------------
-
Hello:

Thank you for your reply.

However, I'm still not completely clear on ALWIL's policy in this
matter.

Should I interpret this to mean that the avast! v4.8 program files
will not be updated, but that definition update file that will work
with Windows 98/ME will be supplied until the end of 2010?

It still sounds to me your interpretation is sadly correct. Did you ask
him whether he thought any new or modified old viruses were affecting
Win98? Me & MEB want to know!

Thanks again,
Jerry

----------------------------------------------------------------------
-

Hello,

exactly. We will be updating avast! 4.8 virus definitions till end of
2010, but we do not plan to release any further program update for
avast! 4.8.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

----------------------------------------------------------------------
-

"Jerry Martin" wrote in message
...
Hello:

The following is the response I received from ALWIL Software when I
inquired about the end of support for avast! v4.8 and the end of
support for Windows 98/ME. I'm not completely clear of the statement
that support for Windows 98/ME ended at the end of 2009, but that
definition updates will be provide until the end of 2010. Should I
interpret this to mean that the avast! v4.8 program files will not
be updated, but that definition update file that will work with
Windows 98/ME will be supplied until the end of 2010?

Thanks,
Jerry

---------------------------------------------------------------------
-----------

Hello,

support for Windows 98/ME has ended with year 2009, but we will be
releasing new virus definitions for avast! 4.8 till the end of this
year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR

On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software when
I inquired about the end of support for avast! v4.8 and the end of
support for Windows 98/ME. I'm not completely clear of the
statement that support for Windows 98/ME ended at the end of
2009, but that definition updates will be provide until the end
of 2010. Should I interpret this to mean that the avast! v4.8
program files will not be updated, but that definition update
file that will work with Windows 98/ME will be supplied until the
end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just giving
us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being done
maliciously, what MAY have the defs and malware activities associated
with Win9X virus and other exploits, at any specific previous time,
may not be now... seems entirely plausible that is likely occurring.
And it really doesn't take much to change an old hack or virus for
Win9X into a new one that could slip by, nor to just use a 9X system
in just a control or distribution capacity; not much there to stop it
or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.



Still, it would be interesting to know, though taken with a "grain
of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question that I
wish to be passed along to Vanous.

Well, its a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This what
the major issue appears to be now with even the supported/updated AV,
they aren't catching what they should; hacker methods and exploits are
changing faster than they can keep up, way faster.



As for the updates, version 5 already exist and it is not
compatible with Win9X nor are, apparently, the updates used within
it. There are two SPECIFIC manual updates available, one for 5, one
for 4.8:

http://www.avast.com/download-update
[anyone care to test that theory]

I'll look into it tomorrow. Today -- & the last time I've tried
downloading from that avast! site you keep posting-- I get told my
security settings won't allow it. And I run into a snag trying to
play with them. Looks like avast! prevents it while it's updating
its virus definitions. There are things I can't do while that is
going on -- like using Explorer or much of the Taskbar!

Uhm, are you updating FROM the site, like running from there??

No! It wouldn't let me take the dowwnload to a folder -- but changing
the security setting did the trick. But I've stopped the download -- it
wanted another 2 hrs. 15 mins. to complete! This won't be the answer for
me (if it takes that long) to get new defs when avast! stops providing
them automatically.

Was I supposed to be just getting manual def updates from there or the
whole program plus all the defs -- even the ones I've already got?

Oh no, it was just to show there were 2 different update packages for
defs... and see if someone felt like trying the 5 version updates in 4
or rather, just the files expanded rather than using the installer...
for compatibility issues and potential usage in 4.


Now, I've changed my Internet Zone security level back to high. It
worked instantaneously with avast! all done with its defs update. There
are things that can't be done quick with that going on!

High is definitely the recommendation...


But now I've got my security settings back to medium (instead of
high) for the Internet Zone (it didn't help to have avast! in the
Trusted Zone with medium settings, though!) -- & I'll try the
download tomorrow. It better work! Maybe Webster72n will have
reported by then, anyhow. That seems like a massive download!

Yeah, both of them were... one 30 the other 35 IIRC.

That takes too long to update virus defs that way. I'm still on dial-up!


Yeah, I know, waaaayy toooooo lllloooooonnnnngggg.


Though there are similar versions, such as 4.7.4 or 3.0.1, for
Linux, BSD, Solaris [depending upon usage -server editions] or
1.3.0 [home workstation], or MAC (2.74), it is doubtful those VPS
files would benefit Windows users.

Yea -- I wouldn't trust that.


Not something I'd suggest, though "push comes to shove"...

I see what you're saying. I expect to begin a mad scramble in October or
so.

Good luck, I'm not finding many left with support for 9X/ME.

Anyway, suppose we should kill some of this material and drop the
cross-post if we continue for some reason.



Thanks,
Jerry

------------------------------------------------------------------
--
--
----------

Hello,

support for Windows 98/ME has ended with year 2009, but we will be
releasing new virus definitions for avast! 4.8 till the end of
this year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provide until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.

OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, its a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.

I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).

Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!


As for the updates, version 5 already exist and it is not
compatible with Win9X nor are, apparently, the updates used within
it. There are two SPECIFIC manual updates available, one for 5,
one for 4.8:

http://www.avast.com/download-update
[anyone care to test that theory]

I'll look into it tomorrow. Today -- & the last time I've tried
downloading from that avast! site you keep posting-- I get told my
security settings won't allow it. And I run into a snag trying to
play with them. Looks like avast! prevents it while it's updating
its virus definitions. There are things I can't do while that is
going on -- like using Explorer or much of the Taskbar!

Uhm, are you updating FROM the site, like running from there??

No! It wouldn't let me take the dowwnload to a folder -- but changing
the security setting did the trick. But I've stopped the download --
it wanted another 2 hrs. 15 mins. to complete! This won't be the
answer for me (if it takes that long) to get new defs when avast!
stops providing them automatically.

Was I supposed to be just getting manual def updates from there or
the whole program plus all the defs -- even the ones I've already
got?

Oh no, it was just to show there were 2 different update packages for
defs... and see if someone felt like trying the 5 version updates in 4
or rather, just the files expanded rather than using the installer...
for compatibility issues and potential usage in 4.


I get it now. Nevertheless, it would be overly time-consuming to do on a
regular basis. Interesting thought for someone a lot quicker, though!


Now, I've changed my Internet Zone security level back to high. It
worked instantaneously with avast! all done with its defs update.
There are things that can't be done quick with that going on!

High is definitely the recommendation...

It seems to prevent a download from that site when the Internet Zone is
high security, even after putting it into Trusted Sites with medium
security. IE6 then described the site as trusted in the Status Bar-- but
refused to start the download! I don't know -- could be the download was
farmed off to another site, I guess -- but I didn't see it in the
Address Bar.


But now I've got my security settings back to medium (instead of
high) for the Internet Zone (it didn't help to have avast! in the
Trusted Zone with medium settings, though!) -- & I'll try the
download tomorrow. It better work! Maybe Webster72n will have
reported by then, anyhow. That seems like a massive download!

Yeah, both of them were... one 30 the other 35 IIRC.

That takes too long to update virus defs that way. I'm still on
dial-up!


Yeah, I know, waaaayy toooooo lllloooooonnnnngggg.

Absoooooooluuuuuuuutely!


Though there are similar versions, such as 4.7.4 or 3.0.1, for
Linux, BSD, Solaris [depending upon usage -server editions] or
1.3.0 [home workstation], or MAC (2.74), it is doubtful those VPS
files would benefit Windows users.

Yea -- I wouldn't trust that.


Not something I'd suggest, though "push comes to shove"...

I see what you're saying. I expect to begin a mad scramble in
October or so.

Good luck, I'm not finding many left with support for 9X/ME.

Anyway, suppose we should kill some of this material and drop the
cross-post if we continue for some reason.

I'll follow your lead.



Thanks,
Jerry

----------------------------------------------------------------
--
-- --
----------

Hello,

support for Windows 98/ME has ended with year 2009, but we will
be releasing new virus definitions for avast! 4.8 till the end
of this year.

Best regards,
Jakub Vanous
ALWIL Software a.s.

Ticket Details
===================
Ticket ID: ZFU-618246
Department: [ENG] Technical support
Priority: Default
Status: On Hold

--
Thanks or Good Luck,
There may be humor in this post, and,
Naturally, you will not sue,
Should things get worse after this,
PCR

On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provide until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.

OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, its a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.

I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).

Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap -like the old days; its using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and use your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because its counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and its likely exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
its *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!

Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because its inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.



"MEB" wrote in message
...
On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provide until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.

OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, its a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.

I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).

Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap -like the old days; its using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and use your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because its counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and its likely exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
its *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!

Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because its inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---

On 03/06/2010 11:58 AM, webster72n wrote:
Obviously you are 'into it', MEB.
Couldn't that be exactly the reason why you got infected?
Doing too many things a cautious user wouldn't do?
Personally I don't seem to have those problems.
Just an observation, mind you...

Harry.


Really? And how do you know that?
Do you run packet sniffing software EVERY TIME you connect to the Internet?
Are you skilled enough to recognize these forms/styles of hacks and
whatever coding and/or transmissions might be involved?

OH, and yeah, that IS why I became infected by LOOKING for this
activity; that WAS the point; how do you think most of these things are
discovered, monitored, traced, tracked, and the parties involved brought
to justice or some protection erected against these things?
What? Is it magic, speculation, pure guess???



"MEB" wrote in message
...
On 03/05/2010 10:08 PM, PCR wrote:

Okay, cut a bit.. change the direction a bit ...
MEB wrote:
On 03/04/2010 11:32 PM, PCR wrote:
MEB wrote:
On 03/03/2010 08:04 PM, PCR wrote:
MEB wrote:
On 03/02/2010 07:29 PM, PCR wrote:
Jerry Martin wrote:
Hello:

The following is the response I received from ALWIL Software
when I inquired about the end of support for avast! v4.8 and
the end of support for Windows 98/ME. I'm not completely clear
of the statement that support for Windows 98/ME ended at the
end of 2009, but that definition updates will be provide until
the end of 2010. Should I interpret this to mean that the
avast! v4.8 program files will not be updated, but that
definition update file that will work with Windows 98/ME will
be supplied until the end of 2010?

I share your interpretation. Sounds like procrastination in this
matter must end for me by October or so -- & I must scramble then
for protection! What a pity! Can you ask that Vanous whether he's
found new viruses that affect Win98 lately -- or is he just
giving us stuff for XP?


I think that answer will be hard to provide since polymorphic,
encrypted and hidden aspects, and other malicious activities now
dominate any infection, and hence its detection.

You're saying it's hard to tell Win98 viruses apart from XP types?
I'm hoping Vanous might know whether anything new has recently been
detected for Win98 & been put into the avast! definitions.

Ah no I'm not actually "saying" anything. Just observing that with
the application of polymorphic changes to almost everything being
done maliciously, what MAY have the defs and malware activities
associated with Win9X virus and other exploits, at any specific
previous time, may not be now... seems entirely plausible that is
likely occurring. And it really doesn't take much to change an old
hack or virus for Win9X into a new one that could slip by, nor to
just use a 9X system in just a control or distribution capacity;
not much there to stop it or even notice it.

I see -- you mean the virus signature may change & get by old avast!
defs. OK.

Right.

OK.



Still, it would be interesting to know, though taken with a
"grain of salt". so to speak..


Uh-huh. I see Martin hasn't had a chance to pass the query along,
though.

Yep, still waiting..

Me too. And I think signature changes are covered in my question
that I wish to be passed along to Vanous.

Well, its a bit more than that. The engine and its on-access/online
scanning with its heuristics and methods is outdated already. This
what the major issue appears to be now with even the
supported/updated AV, they aren't catching what they should; hacker
methods and exploits are changing faster than they can keep up, way
faster.

I think -- if the question will get to Vanous -- he might put mention of
heuristics in his answer -- if he's really any good. Could be the
heuristics as they relate to Win98 are actually unchanged, i.e., there
is only so much behavior that a thing can do to look like a virus in
Win98 (which is my understanding of what heuristics is).

Okay, maybe we need a bit more here.

A large part of the activity now isn't "virus" activity like most
people think of where it attacks all your files, crashes your system,
you know, that crap -like the old days; its using computers in botnets
for various functions like: to drain big bank accounts; DDoS of large
corporations; taking and use your accounts for other uses; and other
sundry stuff. It doesn't take much from any individual computer since
these rely upon massive amounts already hacked - if you've ever
P2P/tor/whatever for files, music, movies, or stuff, you should
understand the concept of massed computers working together on various
things.
For instance, in just the last two months, 2 massive hacker networks
were taken down, one in China [over 170,000 hackers registered], the
other in Spain [Mariposa botnet - reported as having around 12.7 million
hacked computers under its control INCLUDING many Fortune 500 companies
here in the US].

The "virus" like activity is now NOT static [which defs can be used
against] for the most part because its counter-productive to have these
discovered, instead constantly changing "hacks" [polymorphic] of
whatever THAT computer's function is in the botnet [like just a repeater
for control codes, IP to use in DDoS attacks, whatever] is what is
occurring more often. Since these are constantly changing, it is
extremely hard to detect them, because use of the Internet requires so
many things go on JUST when viewing pages or normal usage. Not even UDP
packets [like DNS, streaming, etc.] are safe from usage by hackers.

You have indicated that there must be some limit to what can be done in
a Win9X computer... whereas its mo WHY would you think there would be
some limit. The ability to install background hacks into the 9X/ME
system was accomplished years ago. IE does allow background hidden
instances, and numerous other, were all proofed. One of the MOST
vulnerable parts of the NTs IS/was the DOS/CMD/backward compatibility -
32bit-16bit coding - the 17 year old vulnerability; that is basically
what Win9X/ME coding is. In those systems, this was used to elevate
privileges and install programs, in 9X/ME there are no privileges to
overcome, no real user account protections even.

CVE-2010-0232
MS10-015
"What is the Windows Virtual DOS Machine (NTVDM) subsystem?
The Windows Virtual DOS Machine (NTVDM) subsystem is a protected
environment subsystem that emulates MS-DOS and 16-bit Windows within
Windows NT-based operating systems. A VDM is created whenever a user
starts an MS-DOS application on a Windows NT-based operating system."

Why is it so hard to put this aspect, this coding vulnerability/this
exploitable aspect, in context with the environments that use it AS the
OS, no emulation required.
There is no protective overlaying OS which has to be hacked to get at
the coding vulnerability, because that IS inherent in and to the OS.
This isn't the only issue which revolves around the
Intel/32bit-16bit/legacy code aspect. Couple this issue with the IE6
exploits, OE exploits, outdated Flash and JAVA, RealPlayer exploits,
FireFox exploits, and, uhh, put some name here and its likely
exploitable.

The problem is these aren't the hackers of old, like a pimply faced
teenage kid writing some virus code and sending up with a nifty new
application; these are literally professionals for the most part, they
SELL: exploit code; bots; hack kits; use of their botnets or already
setup botnets; setup entire servers; sell personal information and
account information; and whatever is needed/used/wanted; these have
become businesses - criminal organizations for profit. Do they have
9X/ME worms, trojans, and hacks, ah yeah, they've had them for years.
Are they the same as the defs know, no unless someone attempts to use
one of the old ones; are they the same as might be found by the old
style heuristic methods, not likely, they are much more sophisticated;
its *profitable* to have as many computers hacked, and hacks/exploits as
might be wanted in that consumer market.

Which brings us back to my comment that I couldn't say what was going
on with these things NOW, because I stopped using and testing Win9X for
issues and vulnerabilities about, what, around four months ago. I did
however advise of several things PRIOR to ending this last activity with
Win9X as my primary OS and Internet connection. I *was* using AVAST with
custom settings, and extra protections and applications, and which
didn't stop the malicious activity or keep me from becoming severely
infected. Of course I went looking for this stuff...


Also, don't forget, avast! has other capabilities that might be worth a
try -- such as customizing the Standard Shield to block opening,
renaming, deleting of files & formatting of drives. I haven't tried it
yet because it may make things awkward to do. Looks like, when a thing
is blocked, a requestor will be put up whether to allow it -- I really
should try!

Yeah I tried several custom settings.. I also had mine set to show ALL
the activity it was doing. Yep, tried a lot of stuff that last couple
years of testing....
Try it out, would useful now.

And that "makes things awkward to do" aspect is what causes a large
percentage of Windows, IE, Flash, and JAVA exploits to work. In the same
light as XP and other users using administrator accounts to access the
Internet because its inconvenient to use a protected/limited account,
and those who won't get the updates because their OS is pirated or they
think Microsoft is "spying on them".

--
MEB

--
MEB
http://peoplescounsel.org/ref/windows-main.htm
Windows Info, Diagnostics, Security, Networking
http://peoplescounsel.org
The "real world" of Law, Justice, and Government
___---