View Full Version : AVZ Real Time?


dw2108
June 29th, 2007, 05:48 AM
Does anyone know if Oleg has a real time component for his AVZ which could work on the 9x/ME systems? I'm trying to keep some very old legacy PCs alive, and his AVZ can be configured to work even on Win 3.X.

If no one knows of such a component, and if it's okay with Oleg, would anyone be interested in working together on the coding of such a component?

Thanks,
Dave

Meriadoc
June 29th, 2007, 09:17 AM
AVZ comes with an AVZGuard component.
-{ Quote: "About the technology

The AVZGuard technology is based on the kernel-mode driver that delimits access of the running applications to the system. This driver can operate under Windows NT-based systems (starting from Windows NT 4.0 and up to Vista Beta 1). The main goal of this subsystem is active counteraction to malicious programs that are especially hard to remove, because they actively counteract the computer healing process.
When the AVZGuard subsystem is activated, all applications are divided into two categories - trusted and not trusted. The driver has no effect on the operation of trusted applications, while other applications are prevented from executing the following operations:

Creating, modifying, and deleting registry parameters
Creating files with the *.exe, *.dll, *.sys, *.ocx, *.scr, *.cpl, *.pif, *.bat, *.cmd extensions on any drive
Accessing the \device\rawip, \device\udp, \device\tcp, \device\ip devices
Accessing the device\physicalmemory device (which blocks all operations with the physical memory from the user mode)
Installing drivers (which is the consequence of the blocking of the registry operations)
Starting processes
Opening running processes with access level allowing its termination or writing into its address space
Opening threads of other processes (at the same time, the process can open and stop its own threads)" }-

After enabling AVZGuard, the kernel-mode antirootkit is blocked, and the user-mode antirootkit continues normal operation. A specific feature of AVZGuard is the possibility of extending the influence of the user-mode antirootkit to other processes.

Refer to AVZ Help.

dw2108
June 29th, 2007, 11:28 AM
The AVZGuard works with NT, 2000 and above, but not 9x/ME and "beneath."

Dave

Meriadoc
June 29th, 2007, 12:08 PM
That is correct, NT based. I was trying to say you're outta luck - second sentence in About the technology. It would be news to me if there was.

Meriadoc
June 29th, 2007, 12:45 PM
What do you want to achieve, something like AVZGuard realtime? How about SSM (http://www.syssafety.com/product.html) free which is okay for 98.

dw2108
June 30th, 2007, 09:39 AM
-{ Quote: "What do you want to achieve, something like AVZGuard realtime? How about SSM (http://www.syssafety.com/product.html) free which is okay for 98." }-

Hey, that sounds like a good idea. Thanks.