Leaderboard

I found an alternative way to update uBlock Origin Legacy when the user still decides to install over an existing installation: Backup all your settings using the "Back up to file" button on the page "Settings". Install the new version of uBlock Origin Legacy over the existing one. Reset your installation using the "Reset to default settings" button on the page "Settings". Restore all settings from your backup file. This method can only be used for updates with the same extension ID, i.e. from version 1.16.4.32 and higher or from version 1.16.4.31 and lower. The reason for this is the change of the extension ID in version 1.16.4.32 I have performed. But one thing is clear. A clean install is the best method that causes the fewest problems. Greetings, AstroSkipper

@Damnation Can there be a mixture between halmps and halmacpi Dietmar

... That's NOT accurate to say ; while both OSes are NT 6.0, per your linked documentation: Windows Vista SP2 x86 & x64 Official Extended Support was EoL'ed on Apr 11th, 2017 : https://learn.microsoft.com/en-us/lifecycle/products/windows-vista It is indeed true that the WS 2008 SP2 targeting updates released some two years after Vista's official End of Extended Support can be installed manually on the OS and bestow SHA-2 support on it, but this practice isn't considered "official" by either the vendor (Microsoft) or the rest of the third party vendors (Norton in this case ) ... Kindest regards ...

NortonLifeLock has announced that they will stop supporting Norton Security v22.15.x products on Vista and other older OSs that do not support SHA-2 code signing as of 22-May-2024. See employee Gayathri_R's 01-Mar-2024 announcement End-of-Life announcement for Norton security software on Windows XP, Windows Vista, and Windows 7 (SP0) for more information. Note that Win 7 SP0 is Win 7 without Service Pack 1. NortonLifeLock threatened to end support for Norton Security v22.15.x a few years ago and reversed their decision after customers complained but I think they intend to stick to the 22-May-2024 end-of-life date this time.

@Damnation nt!KiDispatchInterrupt+0x393: 804dcbe5 3b6d00 cmp ebp,dword ptr [ebp] 11: kd> p nt!KiDispatchInterrupt+0x396: 804dcbe8 740d je nt!KiDispatchInterrupt+0x3a5 (804dcbf7) 11: kd> p nt!KiDispatchInterrupt+0x3a5: 804dcbf7 83bb2801000000 cmp dword ptr [ebx+128h],0 11: kd> p nt!KiDispatchInterrupt+0x3ac: 804dcbfe 74d7 je nt!KiDispatchInterrupt+0x385 (804dcbd7) 11: kd> p Packet failed authentication. Please make sure the host and target encryption keys match exactly. Also make sure you don't have multiple target machines pointed at the same network port on your host. Bad packet sent from 192.168.2.102. Run nslookup 192.168.2.102 from a command prompt to get the machine name. Packet failed authentication. Please make sure the host and target encryption keys match exactly. Also make sure you don't have multiple target machines pointed at the same network port on your host. Bad packet sent from 192.168.2.102. Run nslookup 192.168.2.102 from a command prompt to get the machine name. Packet failed authentication. Please make sure the host and target encryption keys match exactly. Also make sure you don't have multiple target machines pointed at the same network port on your host. Bad packet sent from 192.168.2.102. Run nslookup 192.168.2.102 from a command prompt to get the machine name. nt!KiDispatchInterrupt+0x38d: 804dcbdf f390 pause 10: kd> p

@Damnation This is Bsod surrounding without any breakpoint, Windbg continous with "p", F10, Dietmar https://ufile.io/b5j6aq0z

@Damnation I have your hal.pdb integrated. Now I get this, looks like kind of loop, or if something cant be found Dietmar https://ufile.io/310s052p

@Damnation Yes, I fixed everything that is possible on the HP 255 g6 board. Now, there is ACPI-Multprocessor with mostly all drivers. A lot of other notebooks boot with the same idea XP SP3 now, which show before Bsod, not direct related to acpi.sys. All those Bsods happen because of their VGA settings in DSDT and their internal VGA cant be disabled via Bios. Now I am just setting up a new XP SP3 on my Asrock z370 k6 board. Without any extra driver, just naked and ready for debug. This is possible, because it can use PS/2 for mouse and keyboard. Then I add your acpi.sys, hal.dll and ntoskrn8.sys. Soon I report Dietmar

Well, since the other member above kindly warned us - Avast might also be compromised by foreign intelligence agencies, I shan't use it anyways! I tend to listen to what the older folks have to say.

Panda Free (or not Free) and Malwarebytes Premium can both be installed, since they don't need a lot of RAM, so no problem with that.

Yes, it's working now! Many thanks to you, my honorable user, you are awesome!

i had some time to look at it his function is bugged up basicly he write it himself "// hacky but works: small number is command id, large is submenu (a pointer)"" that indicates he tryed to trick it and had to do "hacky solutions" he use a endless while true loop with ends escapes and continues, also goto´s,calls to the same functions in a function, and then seperators for his menu to fix how he called it "bad seperators" this ended up in a os specific solution you useally dont do that because the operating system can might change the relevant codes over time (such as 7 to 10, or 98 to nt) - something like this already happend in the past but the solution to this problem is possible as the author use multiple fixes all over around (probaly to compensate the problems) it is easy to add that fix - anyways it actually was a bit weird to find it out in win10 its just a flag, that was found like very quickly - but no in xp it didnt do that and gave very weird results even turned off xp was working ok while on 10 it did what it suppose to do - it was turned off as the code suppose to was changed to let me know if it works now! the .avif file (and heic) format dont work for me, neither on xp nor on 10 nor on 7 (both unchanged from the official download page and the changed version) https://www.file-upload.net/download-15277606/SumatraPDF_WINXP_3.5.2_3.zip.html https://www.mediafire.com/file/a4mtyf33ozs6q63/SumatraPDF_WINXP_3.5.2_3.zip/file

I thought that I ought to push things along with this project with this post. The objective is to update Dibya's last patched binaries so that they are based on the last POSReady 2009 updates of these modules. It ought to be possible to patch other system files using the same techniques. The approach that Dibya has used is to patch the export table of these binaries so that API calls to NT6 functions are forwarded to an external dynamic link library that acts as a container for all the additional NT6 functions for the patched kernel32.dll, advapi32.dll, ole32.dll, shell32.dll and user32.dll. This external dynamic link library is called ExKernel.dll. I have provided a screen shot of the patched advapi32.dll opened in PE Maker here: Exkernel.dll is built by dissasembling Microsoft and Wine binaries to extract the subroutines for the additional NT6 functions to make the asm file ExKernel.asm which is then assembled with nasm.exe to produce the object file ExKernel.obj. ExKernel.obj is passed to golink.exe to link Exkernel to advapi32.dll, shell32.dll, kernel32.dll, and ntdll.dll. The ExKernel.asm file contains a table for imports as in the sample below: ; IMPORT TABLE EXTERN RtlEnterCriticalSection EXTERN RtlLeaveCriticalSection EXTERN WaitForSingleObject ;EXTERN _alloca_probe EXTERN RtlInitializeCriticalSection EXTERN SetEvent EXTERN RtlSetLastWin32Error EXTERN RtlTryEnterCriticalSection EXTERN GetLastError EXTERN GetProcessHeap EXTERN RtlAllocateHeap EXTERN ExitThread EXTERN CreateEventA EXTERN LoadLibraryA The table for exports is shown in the sample below: ; EXPORT TABLE GLOBAL AcquireSRWLockExclusive EXPORT AcquireSRWLockExclusive GLOBAL AcquireSRWLockShared EXPORT AcquireSRWLockShared GLOBAL InitializeSRWLock EXPORT InitializeSRWLock GLOBAL ReleaseSRWLockExclusive EXPORT ReleaseSRWLockExclusive GLOBAL ReleaseSRWLockShared EXPORT ReleaseSRWLockShared GLOBAL TryAcquireSRWLockExclusive EXPORT TryAcquireSRWLockExclusive GLOBAL TryAcquireSRWLockShared EXPORT TryAcquireSRWLockShared GLOBAL InterlockedCompareExchange64 EXPORT InterlockedCompareExchange64 Here is a sample of a subroutine in assembly included in ExKernel.asm FindNextStreamW: ;blackwingcat KB935839 2017.04 push ebp mov ebp,esp mov ecx,[ebp+08h] mov edx,[ecx+04h] add edx,[ecx+0Ch] mov eax,[ecx+08h] cmp eax,edx jnz L77EA5881 push 3221225489 ;C0000011h call SUB_L77E5826D xor eax,eax jmp L77EA58D4 L77EA5881: mov ecx,[eax+08h] mov edx,[ebp+0Ch] mov [edx],ecx mov ecx,[eax+0Ch] mov [edx+04h],ecx mov ecx,[eax+04h] push ebx push esi mov ebx,ecx push edi shr ecx,02h lea esi,[eax+18h] lea edi,[edx+08h] rep movsd mov ecx,ebx and ecx,00000003h rep movsb mov ecx,[eax+04h] shr ecx,1 and word [edx+ecx*2+08h],0000h mov eax,[eax] test eax,eax pop edi pop esi pop ebx jbe L77EA58C5 mov ecx,[ebp+08h] add [ecx+08h],eax jmp L77EA58D1 L77EA58C5: mov eax,[ebp+08h] mov ecx,[eax+04h] add ecx,[eax+0Ch] mov [eax+08h],ecx L77EA58D1: xor eax,eax inc eax L77EA58D4: pop ebp retn 0008h Here are some issues that I am unclear about and I would like Dibya or someone to clarify: Can someone supply instructions on how to use PE Maker to add additional entries to the export table? How do you know if there is sufficient space in the binary to be patched to accommodate these new entries in the export table without over-writing some of the existing code? Is there some way of creating extra space in the binary to to accommodate these new entries? What tool is recommended to extract functions as assembly from Microsoft and Wine binaries? Why criteria would you use to choose either Microsoft, Wine or BWC binaries as a source for these extracted functions? If you decide not to use an external dynamic link library as a container for the additional NT6 functions how would you insert them into the binary to be patched? Would you dissasemble the binary to be patched and paste the dissasembled NT6 functions into it's asm file then assemble it, or could you extract the NT6 functions as hex and paste them into a hex dump of the binary to be patched? ExKernel.asm

My previous post must have seemed naive to an expert like VistaLover, but I had anticipated that the CDM client would calculate a checksum of it's main dll to detect tampering, and if the checksum did not match the correct one in the client's code a signal would be sent to the widevine server to halt the download of the encrypted keys. Castlabs are now offering a free service for Widevine/VMP signing of application packages derived from official releases of Electron. They also offer a commercial VMP certification of custom Chromium/Electron adaptations which sounds like it is not free. Perhaps VistaLover could study this page Electron for Content Security VMP signing service and make some recommendations to the Supermium developer.

... I launched my Kafan MiniBrowser (KMB) copy (Chromium 87 based) on my Vista SP2 x86 OS with below command-line argument: --user-agent="Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36" Then I navigated to: https://chromewebstore.google.com/detail/ublock-origin/cjpalhdlnbpafiamejdnhcphjbkeiagm?hl=en Guess what? Yes, the previous banner: no longer displayed, but ONLY to be replaced by a new banner, stating: WT... ?

No, that's not it. Seems that Win+X is removing itself with newer Windows Updates Wipe %localappdata%\Microsoft\Windows\WinX

Thanks for the replies. I guess I have a slightly newer version. It seems to be working OK. I'm more up on Windows XP than Windows 7 ... so it's all good.

@VistaLover, somehow missed your post from 2/15/2024. if i did i would not have posted. ment no disrespect.

Update notification! As already reported , the Root Certificates have been updated and are now from 27-02-2024. Here are screenshots of both updaters: Therefore, my self-created, offline Root Certificate Updaters in the section 11.2.4. Downloads related to Root Certificate Updates (in the first post of this thread) will also be updated as soon as possible. Cheers, AstroSkipper

What happens if you sign the driver with my solution? System level signing is, like explained in this topic... Install the driver. Sign before reboot! "permanently bypass driver signature verification" https://msfn.org/board/topic/185975-got-vista-to-run-on-nvme-with-one-of-george-kings-drivers-but-its-unsigned-any-way-to-permanently-bypass-driver-signature-verification-at-boot/

@Damnation Break instruction exception - code 80000003 (first chance) nt!KiDispatchInterrupt+0x38d: 804dcbdf f390 pause 1: kd> g Break instruction exception - code 80000003 (first chance) ******************************************************************************* * * * You are seeing this message because you pressed either * * CTRL+C (if you run console kernel debugger) or, * * CTRL+BREAK (if you run GUI kernel debugger), * * on your debugger machine's keyboard. * * * * THIS IS NOT A BUG OR A SYSTEM CRASH * * * * If you did not intend to break into the debugger, press the "g" key, then * * press the "Enter" key now. This message might immediately reappear. If it * * does, press "g" and "Enter" again. * * * ******************************************************************************* nt!DbgBreakPointWithStatus+0x4: 804e2a42 cc int 3 0: kd> g *** Fatal System Error: 0x0000007e (0xC0000005,0x00000000,0xF789E168,0xF789DE64) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows XP 2600 x86 compatible target at (Thu Feb 29 19:05:36.031 2024 (UTC + 1:00)), ptr64 FALSE Loading Kernel Symbols .............................. Loading User Symbols ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7E, {c0000005, 0, f789e168, f789de64} Probably caused by : NDIS.sys ( NDIS!ndisMQueryNetworkAddress+23 ) Followup: MachineOwner --------- nt!RtlpBreakWithStatusInstruction: 804e2a42 cc int 3 11: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: 00000000, The address that the exception occurred at Arg3: f789e168, Exception Record Address Arg4: f789de64, Context Record Address Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x" nicht in den Arbeitsspeicher bertragen. FAULTING_IP: +1f451c801f451e8 00000000 ?? ??? EXCEPTION_RECORD: f789e168 -- (.exr 0xfffffffff789e168) ExceptionAddress: 00000000 ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000000 Parameter[1]: 00000000 Attempt to read from address 00000000 CONTEXT: f789de64 -- (.cxr 0xfffffffff789de64;r) eax=00000000 ebx=80702790 ecx=54445358 edx=00000001 esi=f7472b20 edi=807026c0 eip=00000000 esp=f789e230 ebp=f789e250 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 00000000 ?? ??? Last set context: eax=00000000 ebx=80702790 ecx=54445358 edx=00000001 esi=f7472b20 edi=807026c0 eip=00000000 esp=f789e230 ebp=f789e250 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 00000000 ?? ??? Resetting default scope DEFAULT_BUCKET_ID: DRIVER_FAULT PROCESS_NAME: System ERROR_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x" nicht in den Arbeitsspeicher bertragen. EXCEPTION_PARAMETER1: 00000000 EXCEPTION_PARAMETER2: 00000000 READ_ADDRESS: 00000000 FOLLOWUP_IP: NDIS!ndisMQueryNetworkAddress+23 bac63a56 e6ff out 0FFh,al FAILED_INSTRUCTION_ADDRESS: +23 00000000 ?? ??? BUGCHECK_STR: 0x7E ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre LAST_CONTROL_TRANSFER: from 00000000 to 00000000 SYMBOL_ON_RAW_STACK: 1 STACK_ADDR_RAW_STACK_SYMBOL: fffffffff789d9e0 STACK_COMMAND: dps fffffffff789d9e0-0x20 ; kb STACK_TEXT: f789d9c0 6c674a6f f789d9c4 6e666e67 f789d9c8 ee776a67 f789d9cc 6a676a67 f789d9d0 7e647a66 f789d9d4 7b667866 f789d9d8 38063a0e f789d9dc bac63a56 NDIS!ndisMQueryNetworkAddress+0x23 f789d9e0 3a063a06 f789d9e4 3a063206 f789d9e8 91ea67db f789d9ec c37cf2f2 f789d9f0 f1ea779b f789d9f4 e3ff5070 f789d9f8 b1eb67d3 f789d9fc e3fed2f2 f789da00 00008070 f789da04 00000000 f789da08 8071e0fe hal!HalpGetFeatureBits+0x52 [e:\xpsp1\nt\base\hals\halmps\i386\mphal.c @ 1097] f789da0c 00000001 f789da10 f78feb3c f789da14 f78feb38 f789da18 f78feb38 f789da1c 00008070 f789da20 00000000 f789da24 00000000 f789da28 756e6547 f789da2c 49656e69 f789da30 6c65746e f789da34 00d1e300 f789da38 00000000 f789da3c 00000000 SYMBOL_NAME: NDIS!ndisMQueryNetworkAddress+23 FOLLOWUP_NAME: MachineOwner MODULE_NAME: NDIS IMAGE_NAME: NDIS.sys DEBUG_FLR_IMAGE_TIMESTAMP: 48025d03 IMAGE_VERSION: 5.1.2600.5512 FAILURE_BUCKET_ID: 0x7E_NULL_IP_NDIS!ndisMQueryNetworkAddress+23 BUCKET_ID: 0x7E_NULL_IP_NDIS!ndisMQueryNetworkAddress+23 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x7e_null_ip_ndis!ndismquerynetworkaddress+23 FAILURE_ID_HASH: {6cac7e57-f19c-4081-7e29-9f6a6f30cf6b} Followup: MachineOwner ---------

@Damnation Next try gives this Dietmar https://ufile.io/tw0rd9vu

And here is the shortest way to update the installation of uBlock Origin Legacy properly: Backup all your settings using the "Back up to file" button on the page "Settings". Uninstall uBlock Origin Legacy and delete the ublock0.sqlite file in your profile subfolder extension-data. Restart the browser and install the new version of uBlock Origin Legacy. Restore all settings from your backup file. Greetings, AstroSkipper

@Damnation A first run shows only the same error as you have, that someone tries to write in forbidden memory Dietmar *** Fatal System Error: 0x0000007e (0xC0000005,0x00000000,0xF789E168,0xF789DE64) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows XP 2600 x86 compatible target at (Wed Feb 28 18:25:27.820 2024 (UTC + 1:00)), ptr64 FALSE Loading Kernel Symbols .............................. Loading User Symbols ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7E, {c0000005, 0, f789e168, f789de64} Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE ) Followup: MachineOwner --------- nt!RtlpBreakWithStatusInstruction: 804e2a42 cc int 3 11: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e) This is a very common bugcheck. Usually the exception address pinpoints the driver/function that caused the problem. Always note this address as well as the link date of the driver/image that contains this address. Arguments: Arg1: c0000005, The exception code that was not handled Arg2: 00000000, The address that the exception occurred at Arg3: f789e168, Exception Record Address Arg4: f789de64, Context Record Address Debugging Details: ------------------ EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x" nicht in den Arbeitsspeicher bertragen. FAULTING_IP: +150b5800150b78 00000000 ?? ??? EXCEPTION_RECORD: f789e168 -- (.exr 0xfffffffff789e168) ExceptionAddress: 00000000 ExceptionCode: c0000005 (Access violation) ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000000 Parameter[1]: 00000000 Attempt to read from address 00000000 CONTEXT: f789de64 -- (.cxr 0xfffffffff789de64;r) eax=00000000 ebx=80702790 ecx=54445358 edx=00000001 esi=f7472b20 edi=807026c0 eip=00000000 esp=f789e230 ebp=f789e250 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 00000000 ?? ??? Last set context: eax=00000000 ebx=80702790 ecx=54445358 edx=00000001 esi=f7472b20 edi=807026c0 eip=00000000 esp=f789e230 ebp=f789e250 iopl=0 nv up ei pl zr na pe nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246 00000000 ?? ??? Resetting default scope DEFAULT_BUCKET_ID: DRIVER_FAULT PROCESS_NAME: System ERROR_CODE: (NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x" nicht in den Arbeitsspeicher bertragen. EXCEPTION_PARAMETER1: 00000000 EXCEPTION_PARAMETER2: 00000000 READ_ADDRESS: 00000000 FOLLOWUP_IP: +150b5800150b78 00000000 ?? ??? FAILED_INSTRUCTION_ADDRESS: +150b5800150b78 00000000 ?? ??? BUGCHECK_STR: 0x7E ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre LAST_CONTROL_TRANSFER: from 00000000 to 00000000 STACK_TEXT: f789e22c 00000000 00000000 00000000 f74774fc 0x0 STACK_COMMAND: kb SYMBOL_NAME: ANALYSIS_INCONCLUSIVE FOLLOWUP_NAME: MachineOwner MODULE_NAME: Unknown_Module IMAGE_NAME: Unknown_Image DEBUG_FLR_IMAGE_TIMESTAMP: 0 IMAGE_VERSION: FAILURE_BUCKET_ID: 0x7E_NULL_IP_ANALYSIS_INCONCLUSIVE BUCKET_ID: 0x7E_NULL_IP_ANALYSIS_INCONCLUSIVE ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x7e_null_ip_analysis_inconclusive FAILURE_ID_HASH: {dfedf0b5-2624-ece8-95fa-645295e3260a} Followup: MachineOwner ---------

@Damnation First I make small joke, just replace acpi.sys, halmacpi.dll and ntoskrn8.sys with your version on the XP SP3 Setup xp.iso. But during the "Setup is inspecting your hardware configuration" comes message, that "acpi.sys is damaged". Now I setup with the original files and debug Dietmar

I am not doing this, I considered doing it to prevent buggy code being pushed to roytam1's users, but I never decided to actually go forward with it. What's sad is that roytam1 continues to release code to his users that has not been verified as production ready. Code in the master branch of upstream UXP or upstream Basilisk is not always production ready. I have seen issues reported on MSFN for roytam1's builds because he was pulling code from master branches before they were ready. He is doing a disservice to his users by giving them potentially buggy code.

Of course, Avast Premier's self-protection was deactivated before I started the uninstall routine. Everyone who wants to completely remove an AV programme that has such a self-protection function should know this. But that did not help at all. It was the same with Eset NOD32 Antivirus in the past. The uninstall routine of Avast 18.8 was inadequately programmed and therefore rubbish. And AvastClear 18.8 is not much better. The way I described in the article "Why I switched from Avast! to WiseVector StopX" I quoted above, on the other hand, worked excellently, but is not readily accessible and recommended for an inexperienced user. PS: The reader should not be confused by the title of my article. In the meanwhile, WiseVector StopX has been abandoned by the manufacturer and is therefore history.

AvastClear does not need any installation. It is portable. So there is no need of uninstallation, either. But in my case, it didn't work, unfortunately. AvastClear is more of a joke. A company provides a special tool for uninstalling their products, but it fails, either. Very poor!

Asking Kaspersky whether his competitor Avast is safe. Nice joke! I will soon ask the chef of a restaurant I visit if his food is good.

7-Zip is a file archiver. It is no security programme. It is great and my main file compression and extrcting programme. IMHO, there are no security concerns. But talking about it here is definitely off-topic. So you're right. You won't find it in any antimalware software list. But you can find a description here: In the case, 7-Zip has been updated in the meantime, I will edit my article soon.

No, Vistapocalypse warned us about the dangers coming from the KGB(FSB) or whatever they call Russian spies these days, and I'm grateful for that warning! It makes me wonder, why do you even assume, a fellow American, such as him, would be afraid of the NSA, right @Vistapocalypse, you aren't afraid of the NSA or their alleged "backdoor" in Avast or anywhere else?

WOW! A portable AV! That's definitely something unique. The last time I used a portable AV, it was ClamWin. Panda Dome looks more and more tempting, I will probably make a small gift to my mommy and purchase her a paid version of Panda Dome for WinXP laptop!

it's made in china just like the last working and stable web browsers for XP. google, intel, nvidia, M$... and many others who don't support XP anymore are not chinese companies AFAIK Read this quotation from my introductory post containing the conditions for posting here in this thread: No more off-topic posts in my thread! This is my last warning. AstroSkipper

@Dixel! Hello and welcome to my thread! Glad to hear you like my thread! I have been using Panda Free Antivirus for several months. I am generally amazed at how little resources it uses and how it protects my Windows XP computer completely satisfactorily. I hope you will find what you are looking for here. My list of all presented security programmes in the second post of this thread is just under construction, but will be maintained by me and constantly expanded, if my real life allows it and I have not to waste my time commenting on programmes that have long since been sufficiently discussed and put ad acta. Greetings from Germany to The Netherlands, AstroSkipper

It brings a lot of good memories! I look forward to see it still kicks! Cheers, Dixel.

AstroSkipper, greetings! It's so great to see you're still here and provide us with top-notch software only! I'm actually amazed and intrigued at the same time! They still have such a nice all-in-one security European software package for XP, and I didn't know about it! What would I do without you! I'll intsall it on my mother's laptop as soon as I visit her. The name Panda was confusing though)))) I thought it was Chinese, now I see it's European, and I'll not hesitate to use it!

Malwarebytes Premium is more than a virus scanner. Here is a link to read what kind of features are offered in Malwarebytes: Have a lot of fun while reading!

The Giant Matrix home page disappeared in 2015. Their last version seems to be 9.0.1 from 2013. I assume that Anti Tracks' VPN feature doesn't work anymore in these days. For me, no problem, I use paid VPN services. In any case, I will check this programme more deeply when I have more time. First, I will add it to my internal list.

Already happened in November of 2022, Google had pulled the plug. https://msfn.org/board/topic/184046-future-of-chrome-on-windows-7

Thanks ! Is it any faster than the 471 ? They said it has no gaming improvements, only "security".

Well, 2021 games don't work, like I wrote just now. RDR2 is 2019. I'm pretty sure you got the wrong impression, It would be easier if they worked on win 7 ! I don't even have win 8/10 and not going to. The "fact" is debatable, to say the least. We shall see how folks will try to survive without chrome, audacity, MKVtoolnix, etc. My 26 y.o. girlfriend says Windows 7 is a system for pensioners, lol. I wonder what the next younger one would say !

Why would I read an article from early 2017 for such obsolete hardware ? We shall have 2023 in a couple of weeks. I don't know people who would voluntarily purchase a 6 years old laptop just to be able (possibly, without any hard proof) use Win 7. From what I know, that trick worked only for some early Kaby-lake models.

it is always be safe and keep distance from him, better using binoculars to observe him instead.

and yeah. people started having problem with MCP's custom NSS code. https://forum.palemoon.org/viewtopic.php?f=37&t=22421 and Mark admitted the problem. https://forum.palemoon.org/viewtopic.php?p=170029#p170029 but whatever, I'd stick to mozilla's NSS as usual.

New regular/weekly KM-Goanna release: https://o.rths.cf/kmeleon/KM76.2-Goanna-20190629.7z Changelog: Out-of-tree changes: * update Goanna3 to git 2a3b5ec9e..253db3c3f: - nss: update to 3.44.1, with vc2013 fix and gyp fix (0982e5a8d) - import change from rmottola/Arctic-Fox: - Bug 1087646 - Properly serialize nullprincipal URIs across IPC. (1fcc5a63e) - bug 1137538 - remove nsIIdentityInfo and nsNSSSocketInfo::GetPreviousCert Bug 1136471 - Remove unused nsIIdentityInfo.getValidEVPolicyOid(). (f23ed7a6f) - Bug 1049476 - 0001. webidl change - Support user certificate parameter (ba92ac3c6) - Bug 1049476 - 0002. Support user certificate parameter in API. (30ec1a9c8) - Bug 1049476 - 0003. Add EAP-TLS to wifi capabilities. (69920f968) - Bug 1130400. Part 1. Pass the passed in anchor frame to SetPopupPosition in nsMenuPopupFrame::LayoutPopup if we have one. r=enndeakin (2de244c51) - Bug 1130400. Part 2. Use a reflow callback to set the position of xul popups. r=enndeakin (aa2117085) - Bug 1130400. Add test. (9047c9013) - Bug 1043143: Step 2a: Add a class like nsDownloader but using memory instead of a file. (fad673f10) - Bug 1034143: Step 2b: Add the ability to read jar files from arbitrary memory. (e1dc9faa6) - Bug 1034143: Step 1: Fix tests for bug 945152 and bug 1008126. r=smaug (e6b6cc408) - Bug 1043143: Step 3: Convert nsJARChannel from temporary files to temporary memory. r=honzab (79e381e50) - Bug 1145631 - Part 1: Replace MOZ_OVERRIDE and MOZ_FINAL with override and final in the tree; r=froydnj (f21f630cb) - Bug 1148527 - Indentation fix after bug 1145631 (a8153b9c5) (b372a2634) - import change from rmottola/Arctic-Fox: - cleanup whitespace (402d7b83b) - Bug 1140658 - Part 7: Close underlying file stream in ReadStream before reporting closed; (2bce37716) - Bug 1143223 - Teach Cache ReadStream not to AddRef() itself in its destructor. (b262891bd) - Bug 1140658 - Part 1: Create a mini-framework for running tests in the worker, service worker and window contexts (ff56f6f4e) - Bug 1140658 - Part 2: Merge test_cache.js and test_cache_frame.html (b6eabb6fd) - Bug 1140658 - Part 5: Remove test_cache_quick_close.html because it makes no sense after bug 1131353 (19d0a7f24) - Bug 1142333 - Add a test for passing Request objects to DOM cache match methods (506346266) - Bug 1142790 - Add a test for passing Request objects to DOM cache matchAll method; (7629a098e) - Bug 1142269 - Auto-vacuum the DOM Cache database; r=bkelly (7918837f0) - Bug 1143959 - Set the journal mode and foreign key pragmas for all DBActions; r=bkelly (72203a916) - Bug 1143894 - Part 1: Clear the ErrorResult message if InternalHeaders::Get fails; r=bkelly (fd5afc218) - Bug 1143894 - Part 2: Support Vary headers including multiple header names in DOM Cache; r=bkelly (cb3d7129d) - Bug 1143894 - Part 3: Do not propagate errors in getting the headers to the outside world; r=bkelly (de058497a) - Bug 1143894 - Part 4: Add tests for handling of the Vary header in DOM Cache (bd174ede9) - Bug 1143894 - Part 5: Add a test for handling of the Vary header with multiple entries in the cache; r=bkelly (780cf31ce) - Bug 1142790 - Add a test for passing Request objects to DOM cache matchAll method; (318bacb44) - Bug 1140658 - Part 4: Port test_cache_add.html to the new mini-framework; (fbd80b0f6) - Bug 1142772 - Interleave the DOM Cache tests run through the mini-framework; r=bkelly (37c61b81f) - Bug 1143193 - Run the tests for match and matchAll on both Request objects and string URLs; (cb6a122f9) - Bug 1143219 - Add tests for passing an unknown request to match and matchAll; (6eed5fb13) - Bug 1143511 - Correct the usages of .catch() in DOM cache tests; r=bkelly (aa7fbd0f7) - Bug 1143813 - Add tests for attempting to store a non-GET request in the DOM Cache (573164971) - Bug 1143820 - Add tests to ensure that the URL fragments are correctly ignored by the DOM Cache API; (81c4bea52) - Bug 1143833 - Add tests for the ignoreSearch match mode in DOM cache; (013de8632) - Bug 1143222 - Avoid dumping out extremely long response bodies to the mochitest log, and re-enable the newly added DOM cache tests to run both in seqential and parallel modes; r=bkelly (be68c42b0) - Bug 1144337 - Add tests to ensure that cacheName is only honored on CacheStorage, and not Cache (fa38be4f8) - Bug 1145445 - Add a test for CacheStorage; (3512d19fc) - Bug 1145792 - Add a test for the Cache.keys method; (ceae47df5) - Bug 1110814 P1 Implement Cache IPC actor for streaming data from child to parent. (a72a00cd2) - Bug 1110814 P0 Fully initialize Response before resolve Fetch promise. (443df9f44) - Bug 1110814 follow-up: Fix a typo in order to fix the test failures (c89dce5f6) - Bug 1110814 followup: Add missing 'override' annotations to new methods in CacheParent. (3b01c389d) (a0e1e5739) - import change from rmottola/Arctic-Fox: - Bug 1110487 P2 Implement the nsIOfflineStorage interface in Cache. (e61a6d548) - Bug 1110487 P3 Cache should ensure Actions are finished before completing. (0278071c5) - Bug 1110487 P4 Allow Cache Action objects to be canceled more than once. (8734ce14e) - Bug 1149987 - Part 1: Make it possible to send an ErrorResult that doesn't encode a JS exception through the IPDL layer (f8c8abf60) - Bug 1149987 - Part 7: Send the full ErrorResult in the AddAllResponse IPC message; r=bkelly (0201b05e7) - Bug 1145321 - Disconnect the CacheStorage object from its actor when it gets cycle collected; (78aac7cb5) (7f40159c3) - import change from rmottola/Arctic-Fox: - Bug 1146557 P1 Fix CacheStorage and Cache to QI to nsISupports correctly. r=ehsan (b56ba80cd) - Bug 1146557 P2 Flip dom.caches.enabled to true on non-release builds. (b1ac38779) - Bug 1126014 - DomainPolicy support for e10s. r=mrbkap (484fa7f8d) - Bug 1092102 - Implement worker debugger runnables; (cfb3cb53d) - Bug 1092102 - Implement WorkerDebugger.initialize; (24f467b14) - Bug 1092102 - Implement WorkerDebugger.postMessage; (ad69a161d) - Bug 1092102 - Implement WorkerDebuggerGlobalScope.reportError; (f937913f2) - Bug 1092102 - Implement WorkerDebuggerGlobalScope.enterEventLoop; (d1d0ad392) - Bug 1092102 - Implement WorkerDebuggerGlobalScope.setImmediate (a22de0f0d) - Bug 1092102 - Implement WorkerDebuggerGlobalScope.createSandbox (d281de130) - Bug 1092102 followup: Add missing 'override' annotation on DebuggerImmediateRunnable::IsDebuggerRunnable(). (b4d053cfe) - Bug 1092102, followup 2: Add missing 'override' annotation to WorkerDebuggerSandboxPrivate::GetGlobalJSObject() (and 'virtual', for consistency). (72c9f3c84) - Bug 1092102 - Rename Suspend/Resume to Freeze/Thaw; (a7f2b5c11) - Bug 1092102 - Implement WorkerDebugger.isFrozen; (805ba0e9e) (253db3c3f) * Notice: the changelog above may not always applicable to XULRunner code which K-Meleon uses. A goanna3 source tree that has kmeleon adaption patch applied is available here: https://github.com/roytam1/palemoon27/tree/kmeleon76

WARNING: MCP people decided to write custom codes in NSS in order to solve https://github.com/MoonchildProductions/UXP/issues/82, while I want to stick with mozilla's upstream NSS, so MCP NSS will not be in my builds and switching profiles from official 28.6.0(not released yet, can't confirm official unstable version right now) build to my build may cause stored passwords being lost.

New build of post-deprecated Serpent/moebius for XP! * Notice: This repo will not be built on regular schedule, and changes are experimental as usual. ** Current moebius patch level should be on par with 52.9, but some security patches can not be applied/ported due to source milestone differences between versions. Test binary: Win32 http://o.rths.cf/basilisk/basilisk55-win32-git-20190622-c2dfff698-xpmod.7z Win64 http://o.rths.cf/basilisk/basilisk55-win64-git-20190622-c2dfff698-xpmod.7z repo: https://github.com/roytam1/basilisk55 Repo changes: - ported mozilla upstream change: Bug 1544386 part 1 - Call ElementAccessHasExtraIndexedProperty instead of ArrayPrototypeHasIndexedProperty when inlining array natives. r=tcampbell a=lizzard (MFSA2019-18) (baebe9c1a) - ported upstream mozilla esr60 changes: bug1515052, bug1539219, bug1547757, bug1555523 (945e3a9c8) - update ICU to icu4c-58.3, tzdata to 2019a, and marked for clobbering. (c2dfff698)