Multibooter

Sandboxie - Uses (not security-related) 1) For test-installing software inside the sandbox folder, without modifying the remainder of the HDD. Programs like Total Uninstall could be used, but are more time-consuming for a test-install and may still leave stuff on the computer after uninstall. To get rid of a test-installed program, you only need to delete the content of the sandbox. 2) To run multiple instances of a program simultaneously, each instance in its own sandbox. In this way you can run a program simultaneously in 2 or more windows. Examples: you can have a pdf program (e.g. Foxit Phantom) open in 2 or more windows at the same time, visually comparing 2 pdf files side-by-side (e.g. original vs translation, draft1 vs draft2, text1 vs text2 ), or viewing side-by-side various pages of the same pdf file. You can have a Hex editor (e.g. Hex Workshop) open in 2 or more windows, for viewing different code sections of a file side-by-side. (more uses and examples will be added)

Sandboxie - Compatibility (applications) The following applications do NOT run OK in a sandbox under Windows XP: 1) 360Chrome 86 v13.5.1030 by NotHereToPlayGames [SSE2] loads very slowly and the websites appear strange The following applications require special settings in Sandboxie: 1) Supermium 121 (2Feb2024) [SSE2] runs OK in a sandbox if all * IPC Access is granted to chrome.exe: in window Sandbox Settings -> Resource Access -> IPC Access -> click on Add Program button -> select chrome.exe -> OK -> click on Add button -> in msg window Add Resource Name: * This will create a big hole in the sandbox. Screenshots are in the posting by XP++ of 11Aug2024. Without the * chrome.exe setting: red dots appear in the Sandboxie icon in the System Tray, then disappear]. ISSUE: After exiting Supermium 1he red dots remain in the Sandboxie icon in the System Tray. The granting of * IPC Access to chrome.exe may be a workaround of an issue of Sandboxie v5.40, since the changelog of subsequent Sandboxie v5.43.6 indicates: "fixed chrome 86+ compatybility bug with chroms own sandbox" https://github.com/sandboxie-plus/Sandboxie/releases?page=16 The following applications run OK in a sandbox under Windows XP: The minimum operating system and minimum CPU are indicated in parentheses. The indicated application versions work OK in a sandbox, but are not necessarily the last/best version to run OK in a sandbox. - Mypal68 v68.14.0b by feodor2 (WinXP SP3, 32bit, SSE2) - Mypal68 v68.13.8b by feodor2 (WinXP SP3, SSE-only) - Serpent 52 by roytam1 (WinXP SP3, SSE-only) - New Moon 28 by roytam1 [WinXP SP2, SSE-only] - Tor Browser v7.5.6 [time and timezone must be set correctly, last version for WinXP, WinXP SP2, SSE-only] - Firefox 45ESR - Jasc Paint Shop Pro v7.04 (Anniversary Edition) [WinXP SP2, SSE-only] - Foxit Phantom v2.2.3.1112 (WinXP SP2, SSE-only) - Random House Webster's Unabridged Ditionary v3.0 [WinXP SP2, SSE-only] - Registry Trash Keys Finder v3.9.2 and v3.9.4 (WinXP SP2, SSE-only [probably also Win98, not tested]) postings with screenshots are at http://web.archive.org/web/20240904132535/https://msfn.org/board/topic/186405-sandboxie-under-windows-xp/page/3/#comments

Sandboxie - Compatibility (operating systems and CPU) The following are the last versions of Sandboxie working OK under: Windows XP SP2 and SP3 - SSE2 CPU (Pentium 4, AMD Athlon 64, Intel Atom, all x64-capable CPUs, and later) Sandboxie v5.40 (9Apr2020) Windows XP SP2 and SP3 - SSE-only CPU (Pentium 3) Sandboxie v5.22 (30Oct2017) Windows XP x64 - ?? Windows Vista 32bit - ?? Windows Vista 64bit - ?? It is unclear which version of Sandboxie is the last/best version to run under Windows Vista.

Sandboxie is a must-have utility with many security and non-security uses. This topic will focus on the compatibility and the uses of Sandboxie under WinXP. Postings about Sandboxie under other older operating systems (e.g. Windows Vista) are also welcome. Download links: 1) Windows XP 32bit (SP2 and SP3), SSE2 Sandboxie v5.40 (WinXP, SSE2, 9Apr2020) is the last version for Windows XP 32bit (SP2 and SP3), SSE2. It can be downloaded from: https://github.com/sandboxie-plus/Sandboxie/releases/download/v5.40/SandboxieInstall32_xp.exe v5.40 is freeware and was created by David Xanatos, based on the source code of v5.40 released by Sophos. v5.40 does not require registration or activation. v5.40 (9Apr2020) is of special interest because many Windows XP users may think that v5.22 (30Oct2017) is the last version of Sandboxie for Windows XP, maybe based on the info at Wikipedia: "Windows XP SP3 and Windows Vista SP2 were supported [=by Sophos] up to version 5.22, after which their support [=by Sophos] was dropped." https://en.wikipedia.org/wiki/Sandboxie The subsequent developer David Xanatos, however, had created in April 2020 the above special edition v5.40 for Windows XP, which is a little gem. v5.40 by David Xanatos works great under Windows XP (32-bit) on computers with an SSE2 CPU (= Pentium 4 and higher). Do NOT attempt to install v5.40 on an SSE-only CPU (e.g. Pentium 3). 2) Windows XP SP2 and SP3, SSE-only Sandboxie v5.22 (30Oct2017) is the last version for Windows XP SP2 and SP3, SSE-only (e.g. Pentium 3). 32-bit installer: https://web.archive.org/web/20180107162521if_/https://www.sandboxie.com/attic/SandboxieInstall32-522.exe 32+64-bit-installer [but not for Windows XP x64]: https://web.archive.org/web/20171109032037if_/https://www.sandboxie.com/SandboxieInstall.exe 64-bit installer: https://web.archive.org/web/20180107162355if_/https://www.sandboxie.com/attic/SandboxieInstall64-522.exe v5.22 is a limited trial version by Sophos, with the following limitations of the trial version: - it does not expire, but a nag screen will appear after 30 days - you may create several sandboxes, but you cannot use several sandboxes at the same time - you cannot use the Forced Programs and Forced Folders features - registration was for a time-limited subscription, requiring re-activation - you cannot register or activate v5.22 at Sophos anymore

I have tried Kaspersky Virus Removal Tool 2015 v15.0.28 on my SSE-only Inspiron 7500. I would be VERY CAREFUL: 1) I have downloaded kvrt.exe FOUR times, in a period of 2 hours, 3 downloads were just minutes away from each other. All four downloads differed substantially from each other and were not digitally signed, i.e. the differing files kvrt.exe may have been individually marked. 2) The license agreement specifically states that Kaspersky ("the Rightholder") will receive a lot of information from you and about your computer. You have to mark THREE separate checkboxes that you explicitly agree before you can proceed. After kvrt.exe ran for about 5 mins, the window Kaspersky Virus Removal Tool came up, Ready to Scan, This version is obsolete, Database release date 30.06.2024. I clicked on Cancel because I had run kvrt.exe under Total Uninstall, with the Ethernet cable disconnected. A StartUp Organizer msg window had popped up, indicating one Run Once registry entry. Upon rebooting there was no desktop icon, no -> Start -> Programs entry to start Kaspersky Virus Removal Tool. Total Uninstall showed a lot of entries for Kaspersky Virus Removal Tool, but I could not find KVRT files on the HDD, except for the license agreement. It seems that kvrt.exe is a portable program and doesn't install anything. In any case, I didn't make a scan and restored the WinXP partition to wipe out any installed stuff. Was I overly cautious, with the four differing kvrt.exe files downloaded and the three separate checkboxes in the License agreement?

My ancient version of Kaspersky runs under SSE-only, but not under Win98. Would this SSE-only compatibility mean that it would probably also run under Linux Wine?

.zip files, except those from official sources, appear to me, especially from dubious sources, as more suspicious than .rar files. The multi-packing of archives appears to indicate to me most of the times that the content is OK. Probably very few trojans, viruses etc replicate themselves using multi-packing and the initial spreading of a multi-packed trojan, virus etc may not be effective. The multi-packed file in "My personal in the Wild", and flagged as "infected" by my ancient version of Kaspersky after manually unpacking --- turned out to be OK when run in a sandbox. It is one of perhaps 10 falsely flagged positives in "My personal in the Wild". Actual infections on my computer were caused mainly by my own personal stupidity, like double-clicking on a file with a .rar icon and an extremely long filename, so that the ".exe" wouldn't be fully displayed. Unfortunately the file was a .exe, not a .rar. Happened twice to me, when I was in a hurry. But when I noticed, 10secs later, that I had done something that I shouldn't have, I pulled the plug of the computer, booted into Win98 and restored the partition from a clean backup. Everything was OK, except that I had lost some work in progress.

This drop in the number of signatures is indeed amazing, that was actually my main reason for the posting. I always archive the update folder created by the update (an update of my ancient version of Kaspersky is possible only 1 time after the initial installation). The size of the 2 .rar files of the update distribution folder, which contain my updates of early May 2024 (689,027KB) and of 7Jul2024 (703,501KB) is interesting. Kaspersky Lab increased the size of their updates, but decreased the number of signatures. No idea what they did. Regarding false positives: I do NOT delete most stuff flagged in my downloads, I just archive it separately onto a different HDD. There is just too much good stuff among the flagged stuff. My feeling is that Kaspersky issues fewer false flags than other anti-virus programs. But I have only compared the stuff flagged by my ancient version of Kaspersky vs Avast 2015. Avast 2015 falsely flags about 25% more stuff than my ancient version of Kaspersky. Eventually I will have to run all the programs contained in "My personal in the Wild" in a sandbox, to identify which ones are falsely flagged, but this is currently too time-consuming. BTW, I have added another small screenshot + more text to my preceding posting.

Yes. I have successfully updated the signatures of my ancient version of Kaspersky on my Inspiron 7500 laptop under WinXP SP3, SSE-only The number of signatures was reduced to 18 million, from 20 million in my previous signature update in early May 2024. I tested the new, fewer 18 million signatures with "My personal in the Wild", containing 100 infected downloads. The same number (141) of infected files was detected in the 100 files as with the previous signatures of early May 2024, with 20 million signatures. The number of infected files "141" is larger than the files in "My personal in the Wild" download sample (100) because many files contained in "My personal in the Wild" contain several different viruses, trojans etc. The screenshot with the Duration of 11hrs is with my SSE-only Inspiron laptop (updated signatures of 7Jul2024), the screenshot with the Duration of 1hr is with my SSE2 Core 2 Duo desktop (old signatures of early May 2024). The improvement made by the new signatures is negligeable, the new signatures checked only 17 more component files (171,610 vs 171,593). The screenshots also show that an SSE-only computer is OK for checking a few smaller files, but is definitely too slow for checking "My personal in the wild" (100 infected files, largest file 140MB, total size 3.84GB). BTW, my ancient version of Kaspersky has a detection rate of only 99/100 because it missed the detection of 1 flagged file. The missed flagged file was contained in a multi-part .rar file, contained in a multi-part .zip file, contained in a .rar file. When this file in "My personal in the Wild" was extracted manually, my ancient version of Kaspersky did flag the file.

I have checked "My personal in the Wild" with Kaspersky Anti-Virus v6.0.3.837, signatures of 1Apr2014 [i.e. 10 years old], under Window 98. Only 12 of 100 items were flagged by Kaspersky AV with a 10-year-old signature, in the sample of 100 items flagged by my ancient version of Kaspersky with a near-current signature of early May2024. This shows that a current or near-current signature is essential for virus-detection. Version differences of the scanning engine seem to be only of secondary importance since the dates of the scanning engines of Kaspersky Anti-Virus v6.0.3.837 and that of my ancient version of Kaspersky are not eons apart. A detection rate of 12 in a 100, as with Kaspersky Anti-Virus v6.0.3, means: don't use it. Not sure yet what a detection rate of 52 in 100, as by Avast 2015 with a 10-month-old signature, would imply. The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911230659/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/71/

My Inspiron 7500 laptop has a Pentium III, 650MHz and 2.54GB free space on the WinXP partition. I have used the Inspiron 7500 for testing the SSE-only compatibility of many programs. Programs installed on the Inspiron 7500 also work on another Pentium III 800MHz desktop, which has slots for both PCI and ISA cards and on which I may eventually get to work my Microsolutions CP/M co-processor card. The requirements listed in the .pdf are NOT for the build downloaded, even if p.2 lists "v11.x.x" . 1Aug2015 is the pdf creation date of eScan_AV_User_Guide_010815.pdf. As I stated in my brief test, "mwav.exe is NOT digitally signed, the most recent file contained in mwav.exe has the file modification date 26Apr2023" . mwav.exe can be extracted with 7-Zip. Under SSE-only the installation of this version of mwav.exe fails. archive.org has not captured any application .exes of eScan http://web.archive.org:/*/http://update1.mwti.net/download/tools/* I have briefly checked escanrd.zip listed there, it seems to contain a bootable Chinese+Korean .iso, which I didn't try/burn. If you look into the darker parts, maybe some torrents listed by www.btdig.com, when searching for "escan virus" [no quotation marks], are still working and contain an older build of eScan working under SSE-only, but I doubt it. Searching for "escan" or "escanav" inside eMule, which has a much better retention rate, results in no program listings. The system requirements also list "Additional Drives: CD‐ROM drive", so the SSE-only version probably came on a CD, but the CD is not listed at https://archive.org/search?query=(escan virus) Maybe the CD will be uploaded to archive.org in the future. Until then the build of eScan compatible with SSE-only, referred to in the .pdf, may be a rare file, gone forever. But no idea whether the scan engine of this elusive build, compatible with SSE-only, can be updated with a current signature. Next on my list is Panda, maybe there is a build which works under SSE-only.

The 1st version referred to in my posting is the version referred to in your article. The version numbering of eScan seems to be inconsistent. The log file generated by eScan indicates "Version 22.0.64". If I remember right, "22.0.60" appears in the small msg window when this version of eScan is run on my SSE-only Inspiron 7500, not the window pictured in your article https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/9/#comment-1245109. Yes, the version of eScan in your article does NOT run on my SSE-only computer. I strongly doubt that the program will run on other SSE-only computers.

"My personal in the Wild" I have just created a folder "My personal in the Wild". It contains the 100 smallest files flagged as infected by my ancient version of Kaspersky, in MY downloads of the last 2 months. The downloads were mainly related to WinXP. My guess is that about 5-10 files in "My personal in the Wild" are falsely flagged by Kaspersky (Kaspersky seems to falsely flag substantially fewer files than other anti-virus programs). The purpose of this "My personal in the Wild" is to help me select a 2nd virus-scanner for a dedicated virus-checking computer with SSE2, useful for checking stuff of my personal interest (i.e. WinXP). I have virus-checked "My personal in the Wild" with Avast Antivirus 2015 v10.4.2233 (SSE, Free, 17Sep2015), signature of 10Oct2023. The amazing result was that Avast Antivirus 2015 flagged only 52 of the 100 files in the sample, i.e. 48 out of the 100 files in "My personal in the Wild" were NOT flagged. In my next test I will check my "My personal in the Wild" with Kaspersky Anti-Virus v6.0.3.837, signatures of 1Apr2014, under WINDOWS 98. The purpose of this test is to find out how relevant current virus signatures (20 million signatures vs 7 million signatures) and a little more recent scanning engine are, for my personal interests, and how useful the heuristic and other analysis methods by Kaspersky of 2014 (10 years ago) are today.

I do like calling it "my ancient version of Kaspersky", "ancient" connotes respect for its quality . Maybe I will post the version or a screenshot, for the record, when there will be no more signature updates for it.

Here is a quick review of 2 versions of eScanAV under WinXP SP3 SSE-only: 1) Product Version 11.0.1139.1077 - download and description page: https://www.escanav.com/en/mwav-tools/download-free-antivirus-toolkit.asp - download link: https://update1.mwti.net/download/tools/mwav.exe - mwav.exe is NOT digitally signed, the most recent file contained in mwav.exe has the file modification date 26Apr2023 a virus-check of mwav.exe with my ancient version of Kaspersky did not flag anything suspicious - eScanAV seems to be a repackaged version of Bitdefender: eupdate.ini, installed by mwav.exe into \Temp\ contains the text "Bitdefender 2015", - under WinXP with SSE-only: double-clicking on mwav.exe extracts a huge amount of stuff into the Temp folder, the program seems to run from stuff in the Temp folder, then a msg window comes up "eScan Toolkit (22.0.60): Please Wait" - then: err msg: "MWAV - eSanAV AntiVirus Toolkit. Internal Error!!!. This could be because of incorrect system date setting or missing signature files or corrupt files. Please send MWAV.LOG file to support@escanav.com" - i.e. this version of eScan does not run under WinXP SP3 SSE-only 2) v11.0.1400.2281 (4May2020) - is a 30-day trial - download link: https://update1.mwti.net/download/escan/escan11/awn4k3ek.exe - the installer awn4k3ek.exe is NOT digitally signed a virus-check of awn4k3ek.exe with my ancient version of Kaspersky did flag PASSWORD-PROTECTED stuff inside awn4k3ek. I normally move pw-protected software to flagged stuff (malware, adware etc), except when I fully trust the source, e.g. Beyond Compare the file modification date of many extracted files is 4May2020 - under WinXP SP3 SSE-only: the program installs + updated the signatures OK to the current date 4Jul2024 + seems to run BUT when virus-checking a test-sample of infected stuff: NOTHING is flagged a check of the eScan logfile indicates: "Internal Error!!!. This could be because of incorrect system date setting ... ERROR!!! Unable to load AV!" i.e. the installer and the holding program run under SSE-only, but NOT the scan engine inside. The program does NOT notify the user under SSE-only that nothing gets virus-checked. - i.e. this version of eScan does not work under WinXP SP3 SSE-only The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911231925/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/70/

@Dixel I just looked up "ancient" in my old New Webster International of 1926, the last revision of the first edition of the current dictionary series started in 1909, where "ancient" is defined in the initial definition as "of many years", "of long standing", with examples like "our ancient bickerings". I would refer to CP/M 2.2 as "my old CP/M", but would call the specific instance of Kaspersky AV as "my ancient version x.x.x.x of Kaspersky", so "old" may be older than "ancient"... Telling you the version/build number wouldn't help you, you wouldn't be able to get it, it's just not around anymore, except for the server version.

With my ancient version of Kaspersky being the only choice? I defintely will check out eScan.

Avast Antivirus 2015 does seem to work offline, it has about 10 million signatures vs about 20 million by Kaspersky. The signatures of Avast Antivirus 2015 are of 10Oct2023, both after updating online and after updating from vpsupd.exe. When vpsupd.exe is downloaded with FlashGet, vpsupd.exe also has the file modification date [= server upload date] 10Oct2023. Maybe no more signature updates for Avast Antivirus 2015, maybe a final EOL update sometime in the future. The fact that Avast still has the special SSE-only files on their server may indicate that Avast Antivirus 2015 is not quite yet EOL. Running vpsupd.exe under Total Uninstall lists a huge number of changes and causes my Kerio v2.1.5 firewall to crash, "Windows - Fatal Application Exit", but Kerio is up again after rebooting, everything seems to be OK. Test-installing eScan under SSE-only is on my list, I just want to finish up with my postings about Avast Antivirus 2015. eScan is probably not Western software but Indian software, even if MicroWorld has their head office in the U.S. Maybe a better classification than "non-Western" would be "BRICS-software". Maybe all dualistic classifications of antivirus software are misnomers, we live in a multi-polar world, there may be no good and bad, only shades of grey. I didn't find an entry for MicroWorld in the English wikipedia. On my dedicated SSE2 virus-checking desktop I intend to have at least one Western antivirus software, next to Kaspersky, that's why I spend so much time with Avast.

I am about to change my mind about Avast Antivirus 2015, after some more experimenting. Avast Antivirus 2015 - SSE-only files The "offline" installer of Avast Antivirus 2015 (both Free and Premier) does NOT contain all required components for installing under SSE-only. During the "offline" installation under SSE-only the installer downloads 2 files, ais_gen_gui_nosse2-7e5.vpx and ais_gen_gui_nosse2_cef-7cc.vpx. If there is no internet connection, e.g. the Ethernet cable is pulled out from the computer during the installation, the "offline" installation under SSE-only will terminate with the msg "There was an error while installing the product" -> Restart computer, with Avast Antivirus 2015 NOT being installed. This has two consequences for installing Avast Antivirus 2015 the regular way under SSE-only: 1) You must have an online connection during the installation, during which Avast Antivirus 2015 constantly transmits who-knows-what to who-knows-where. I had to keep clicking continuously on firewall messages permitting outbound connections for completing the installation OK.. 2) Whenever Avast decides to remove these 2 files from their server, Avast Antivirus 2015 canNOT be installed anymore under SSE-only and the installer becomes useless trash. The compatibility with SSE-only is nowadays the only reason for installing old Avast Antivirus 2015. There exists, however, a little trick to install Avast Antivirus 2015 completely offline under SSE-only. STEP 1: Create a partition backup, Then make a 1st installation with the computer online + permit individually all outbound connections. After the installer msg window finishes displaying "Downloading ..." of the 2nd file, wait with the granting of firewall permissions. Immediately copy the 2 downloaded files ais_gen_gui_nosse2-7e5.vpx and ais_gen_gui_nosse2_cef-7cc.vpx from the \Temp\ folder of the installer to another folder on a different partition etc. Then restore the partition backup. This STEP 1 needs to be done only once, for obtaining the 2 rare files required by the installer under SSE-only. STEP 2: Disconnect the internet connection, e.g. the Ethernet cable, then re-install Avast Antivirus 2015. When the window "Question: You are installing an old version of Avast!" is displayed, the installer has finished extracting the installation source. $$$ -> copy these 2 files into the temp folder created by the installer, so that the installer will not attempt to download the missing files from the server. Avast Antivirus 2015 will then install OK, without attempting to download the 2 files. The trick with manually copying these 2 files into the \Temp\ folder during the installation also results in a software where the firewall can automatically disable outgoing connection attempts, no constant clicking when the computer is online. The nuisance part of Avast Antivirus 2015 seems to be set during the online connection of the installer With this installation trick Avast Antivirus 2015 may have become a useful tool under WinXP with SSE-only, especially for retro-computing enthusiasts who do not have my ancient version of Kaspersky.

Thanks for identifying the last SSE-only version and for the link! I am in the process of deciding on a 2nd virus-checker. I started with Avast because it has a big virus signature data base. Avast is owned by Gen Digital Inc., which also owns the Norton, LifeLock, Avira and AVG brands https://en.wikipedia.org/wiki/Gen_Digital I installed Avast Antivirus 2015 v10.4.2233 (SSE, Free, 17Sep2015) on an SSE-only Inspiron 7500 laptop, but I quickly removed it again, with a partition restore to be safe. Too much calling out to googleusercontent.com etc, nearly on every click. I then looked for the corresponding Premium version, hoping that the Premium version wouldn't contain that calling-out stuff. I couldn't find the corresponding Premium build, archive.org seems to have archived only a small corrupt file for Premium v10.4.2233, the download fails. Do you have an OK download link for it? I test-installed the preceding Premium build, Avast Antivirus 2015 v10.3.2225 (SSE, Premium, 28Jul2015) https://web.archive.org/web/20160129062513if_/http://files.avast.com/iavs9x/avast_premier_antivirus_setup.exe I liked the Sandbox, which is not included in the Free version, although I have not yet compared it to other sandbox programs. I was flabberghasted when I saw the consent request of the Premium version, similar to the Free version. The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911232807/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/69/ "Nearly every software product you use collects information about you. Search engines, games, everything. We do the same." The Premium version seems to have issues similar to those of the talkative Free version. I didn't see the opt-out option in the program, maybe hidden somewhere. I will not keep Avast on my main computers, you also had objections to it. As a new project, I plan to use a dedicated, offline desktop computer only for virus-checking, with both Kaspersky and a supplementary Western virus-checker.

I have my doubts about the German BSI. Their current head Claudia Plattner is a red-green political appointee, who seems to consider US interests https://www.danisch.de/blog/2023/07/07/die-seltsame-it-sicherheitsexpertise-der-neuen-bsi-chefin-claudia-plattner/ Why did she go to Tulane, couldn't she get admitted to a top university like MIT? She is not listed in the US wikipedia, only in the German wikipedia https://de.wikipedia.org/wiki/Claudia_Plattner "BSI's predecessor was the cryptographic department of Germany's foreign intelligence agency (BND)" https://en.wikipedia.org/wiki/Federal_Office_for_Information_Security Relying on BSI for anti-virus software recommendations?

In order to shed some more light onto the hullaballoo around Kaspersky, I have looked a little into it, here are my two cents: 1) Kaspersky Anti-Virus 18 does NOT install under SSE-only I have attempted to install 2 builds of Kaspersky Anti-Virus 18 on my SSE-only Inspiron 7500, neither of them installs under SSE-only. I initially tried to install the current build digitally signed OK 24Dec2017 and available at http://arc-products.s.kaspersky-labs.com/homeuser/kav2018/18.0.0.405abcdef/english-0.3439.0/323224f2/kav18.0.0.405en_full.exe I got the typical SSE-only err msg: "Kaspersky Anti-Virus [18.0.0.405.0.3439.0] has encountered a problem and needs to close. We are sorry for the inconvenience." I subsequently attempted to install the earliest build of v18 which I could find, digitally signed OK 12Jul2017, and got a similar err msg: "Kaspersky Anti-Virus [18.0.0.405.0.1298.0] has encountered a problem and needs to close. We are sorry for the inconvenience" 2) I tried to extract both installers. Below are the extraction details from the 164MB installer of 24Dec2017: - WinRAR v5.61 (30Sep2018) extracts 95 files and 2 folders, altogether 23MB - 7-Zip v9.20 extracts 88 files and 19 folders, altogether 136MB, with differing file and folder names - 7-Zip v23.01 (20Jun2023) also extracts 88 files and 19 folders, but adds an err msg: "Warnings. There are some data after the end of the payload data" when extracting \Product\crypto_ssl.dll i.e. Kaspersky 18 uses a proprietary SFX which cannot be extracted completely with WinRAR or 7-Zip I definitely did NOT like the warning msg by 7-Zip v23. My ancient version of Kaspersky can be extracted Ok by 7-Zip v23. BTW, the above shows that 7-Zip v23 could also serve as a security tool. 3) When my ancient version of Kaspersky, updated with current signatures, scans the installer kav18.0.0.405en_full.exe, it indicates that only 2 files were scanned, i.e. that it could not look into the installer, even if WinRAR and 7-Zip could partially look into it, which is exceptional. When I subsequently virus-checked the file with Kaspersky Anti-Virus v6.0.3.837 under Windows 98, with signatures of 1Apr2014, Kaspersky COULD look it the .exe and checked 1531 objects. This led me to suspect that some files, e.g. kav18.0.0.405en_full.exe [the installer .exe of Kaspersky Anti-Virus v18], are intentionally not checked by Kaspersky. Possibly the instructions of what to check and what not to check are contained in the signature updates of my ancient version of Kaspersky. Maybe certain files are flagged as "safe", to speed up scanning, or to skip doubtful stuff? When I checked kav18.0.0.405en_full.exe under WinXP with my not-yet-updated updated ancient version of Kaspersky, a similar huge amount of objects was reported as scanned, in contrast to the just 2 objects reported as scanned after updating the signatures. This is quite a strong indication that the signature updates contain a flag to the scan engine not to look into certain files. Comparing the number of objects scanned by my ancient un-updated version vs my ancient updated version could perhaps be a very easy method of identifying Russian spyware, on the assumption, right or wrong, that Kaspersky hides Russian spyware. The 2 screenshots below were deleted on 11Sep2024. The posting with the screenshots was archived at http://web.archive.org/web/20240911232807/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/69/ 4) My two cents: current Kaspersky 18 may perhaps contain or hide Russian spyware. Kaspersky may protect Russians from Western spyware, given the relation between Eugene Kaspersky and the former KGB. By analogy, Western antivirus software may possibly hide in a potentially analogous manner Western spyware and may possibly protect Westerners from Russian spyware. A tiny number of items scanned in a container, e.g. in an installer .exe etc, may or may not be a flag for a suspicious file scanned, or for a suspicious or poor virus-checker, or for both. It would be interesting to see which containers cannot be scanned by Western antivirus software. Maybe it would be worth while moving some archived stuff into a separate category, "Suspicious - no virus flagged, but cannot look into the .exe". I have seen a lot of such files, some may be innocuous, some maybe not. Using both Western AND non-Western antivirus software seems to be useful to keep the computer clean in an era of cyber conflict. Kaspersky Anti-Virus should remain accessible, being probably the best check against WESTERN spyware. Modern Windows may or may not contain, hide or facilitate Western spyware An old SSE-only computer may be much more resilient to infections by modern spyware, modern spyware may not install or run. The detection of a particular modern spyware, however, may be disabled also in SSE-only computers by special instructions contained in signature updates, which may apply equally to Western and non-Western antivirus software. My ancient version of Kaspersky definitely does not contain spyware and is still my preferred virus-checker, even if it may not detect all Russian spyware, if any, in my downloads. Kaspersky 18 may be useful for identifying Western spyware. But using Kaspersky 18 may be risky, except on a dedicated standalone computer. I have used a lot of "maybes", these were my two cents only

Thanks! I checked the link, RunAsDate "... doesn't change the current system date and time of your computer, but it only injects the date/time that you specify into the desired application." datechanger.exe, in contrast, changes the system clock date + time until the program is loaded/run (if I remember correctly), then immediately sets it back, also runs under Win98. Old and simple Trouble in Paradise, whose runtime could be set by datechanger, is maybe the only freeware with an expiration date. RunAsDate looks quite useful for more sophisticated software, e.g. for trial versions which have a built-in expiration date, so that you cannot first-install it past that date. Thanks again for hinting to more current software!

My archive may contain 7 different builds of this rare ancient version of Kaspersky, perhaps 5 of them for servers, perhaps 2 for WinXP. For 3 of these builds, FTP links to kaspersky.ru with pw may have been commonly known. One server build of this ancient version is still available at an abandoned site of a former distributor of Kaspersky, together with corrupted trash, and is at archive.org. The server version of my ancient Kaspersky unfortunately does not install under WinXP SP3 (tested), it requires at least Win2000 server.

DateChanger v1.0 (31Oct2000) was useful for using EOL software frequently, you could include it in a desktop shortcut. It was a freeware, also runs under WinXP. It seems to be a rare file now [filename: datechanger.exe, was available still in 2014, apparently not archived by archive.org] https://web.archive.org/web/20061112060512/http://www.sharewareplaza.com:80/Date-Changer-downloads_4351.html It was useful to frequently run the EOL freeware Iomega zip/jaz tester "Trouble in Paradise v2.1b", for testing the quality of zip and jaz disks, without having to set dates manually back and forth. Perhaps it's useful for EOL McAfee Stinger.