Multibooter

Thanks for the info about issues of Sandboxie under WinXP and with FAT32. I have installed WinXP on a FAT32 partition for compatibility with Win98 and because I prefer the folder dates of FAT32 to the folder dates of NTFS. My main security-related use of a sandbox is for checking out/test-running malware etc, to see whether it is really malware or something useful. Avast Antivirus 2015 v10.3.2225 Premium (28Jul2015) works OK under WinXP and SSE-only and has a HDD-based sandbox feature, i.e. no major RAM requirement. If you had to run malware under WinXP, with no Anti-Exploit software running in the background, would the Avast Antivirus 2015 sandbox be safer or the Sandboxie sandbox?

Sandboxie before registry fixes - GroupOrderList - SCSI Class Sandboxie v5.40 SSE2 on top Sandboxie v5.22 SSE-only at bottom [Pictures were deleted since problem was RESOLVED with registry fixes by modnar, see under posting: Version history Page with pictures was archived at https://web.archive.org/web/20240808195712/https://msfn.org/board/topic/186405-sandboxie-under-windows-xp/#comments ]

Thanks for your suggestions. 1) I have changed the registry: -> renamed in HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv the value from "DependsOnService" to "DependOnService" [no "s"] 2) I didn't quite get on what to change in HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\GroupOrderList for Filter and SCSI Class. Below are screen shots under WinXP SP3 of GroupOrderList on a desktop (SSE2 dual core, Sandboxie v5.40) and on my old Inspiron 7500 laptop (SSE-only Pentium 3, Sandboxie v5.22). Could you upload a .reg patch or a screenshot with the recommended changes for Filter and SCSI Class for v5.22 and v5.40? Sandboxie before registry fixes - GroupOrderList - Filter Sandboxie v5.40 SSE2 on top Sandboxie v5.22 SSE-only at bottom [Pictures were deleted since problem was RESOLVED with registry fixes by modnar, see under posting: Version history Page with pictures was archived at https://web.archive.org/web/20240808195712/https://msfn.org/board/topic/186405-sandboxie-under-windows-xp/#comments ]

Version history up to v5.30: [Ronen Tzur, Invincea and Sophos, last capture on 23Apr2020] https://web.archive.org/web/20200423140308/https://www.sandboxie.com/VersionChanges from v5.40.1 onwards [David Xanatos] https://github.com/xanasoft/Sandboxie-Plus/blob/master/CHANGELOG.md Registry fixes by modnar for Sandboxie v5.22 and v5.40 (special edition of Sandboxie by David Xanatos for WinXP, SSE2, 9Apr2020): 1) Rename in registry HKLM\SYSTEM\CurrentControlSet\Services\SbieDrv "DependsOnService" to "DependOnService" [no "s"] 2) Registry fix to improve compatibility and efficiency, revised on 29Jun2025: GroupOrderList_Filter_0B_XP_USP4_7Aug2024.reg Update on 29Jun2025: After intensive long-term testing modnar has concluded that the above GroupOrderList_Filter_0B_XP_USP4_7Aug2024.reg fix is his final recommendation. Other registry patches listed here earlier are rejected and should be undone. The above GroupOrderList_Filter_0B_XP_USP4_7Aug2024.reg replaces the rejected GroupOrderList_Filter_06_XP_USP4.reg posted here earlier. If you have run registry patches posted here earlier, modnar recommends to restore the virgin settings with the 3 backup patches listed below. Restart Windows after running the registry fixes. SbieDrv_Group_File_System.reg, also listed above earlier, was removed on 16Mar2025 because of the revisions and is not needed anymore. GroupOrderList_FSFilter_Infrastructure_03_XP_USP4.reg, listed above earlier, was removed on 29Jun2025. Below are corrections regarding earlier registry fixes by modnar, as of 29Jun2025: 1) The following are virgin backup settings to undo 3 registry patches which were posted here before 29Jun2025 and which have been rejected subsequently: GroupOrderList_Primary_Disk_05_XP_USP4.regGroupOrderList_SCSI_Class_03_XP_USP4.regGroupOrderList_FSFilter_Infrastructure_04_XP_USP4_29Jun2025.reg 2) If you have run NtfsDisableLastAccessUpdate_1.reg (to reduce the stress on the disk), previously posted here, please remove it from your system (delete it from HKeyLocalMachine/System/CurrentControlSet/Control/Filesystem so there are only 3 factory entries: NtfsDisable8dot3NameCreation (0), Win31FileSystem (0), Win95TruncatedExtensions (1) and reboot) Source - old versions https://web.archive.org/web/20170601000000*/http://www.sandboxie.com:80/SandboxieInstall.exe [best, only combined 32+64bit versions] https://web.archive.org/web/*/https://www.sandboxie.com/attic/* [32bit, 64bit and combined versions] https://sandboxie-website-archive.github.io/www.sandboxie.com/AllVersions.html [seems to be the same as https://web.archive.org/web/20200310035403/https://www.sandboxie.com/AllVersions ] Temporary postings:

Sandboxie - Uses (security-related) (uses and examples will be added)

Sandboxie - Uses (not security-related) 1) For test-installing software inside the sandbox folder, without modifying the remainder of the HDD. Programs like Total Uninstall could be used, but are more time-consuming for a test-install and may still leave stuff on the computer after uninstall. To get rid of a test-installed program, you only need to delete the content of the sandbox. 2) To run multiple instances of a program simultaneously, each instance in its own sandbox. In this way you can run a program simultaneously in 2 or more windows. Examples: you can have a pdf program (e.g. Foxit Phantom) open in 2 or more windows at the same time, visually comparing 2 pdf files side-by-side (e.g. original vs translation, draft1 vs draft2, text1 vs text2 ), or viewing side-by-side various pages of the same pdf file. You can have a Hex editor (e.g. Hex Workshop) open in 2 or more windows, for viewing different code sections of a file side-by-side. (more uses and examples will be added)

Sandboxie - Compatibility (applications) The following applications do NOT run OK in a sandbox under Windows XP: 1) 360Chrome 86 v13.5.1030 by NotHereToPlayGames [SSE2] loads very slowly and the websites appear strange The following applications require special settings in Sandboxie: 1) Supermium 121 (2Feb2024) [SSE2] runs OK in a sandbox if all * IPC Access is granted to chrome.exe: in window Sandbox Settings -> Resource Access -> IPC Access -> click on Add Program button -> select chrome.exe -> OK -> click on Add button -> in msg window Add Resource Name: * This will create a big hole in the sandbox. Screenshots are in the posting by XP++ of 11Aug2024. Without the * chrome.exe setting: red dots appear in the Sandboxie icon in the System Tray, then disappear]. ISSUE: After exiting Supermium 1he red dots remain in the Sandboxie icon in the System Tray. The granting of * IPC Access to chrome.exe may be a workaround of an issue of Sandboxie v5.40, since the changelog of subsequent Sandboxie v5.43.6 indicates: "fixed chrome 86+ compatybility bug with chroms own sandbox" https://github.com/sandboxie-plus/Sandboxie/releases?page=16 The following applications run OK in a sandbox under Windows XP: The minimum operating system and minimum CPU are indicated in parentheses. The indicated application versions work OK in a sandbox, but are not necessarily the last/best version to run OK in a sandbox. - Mypal68 v68.14.0b by feodor2 (WinXP SP3, 32bit, SSE2) - Mypal68 v68.13.8b by feodor2 (WinXP SP3, SSE-only) - Serpent 52 by roytam1 (WinXP SP3, SSE-only) - New Moon 28 by roytam1 [WinXP SP2, SSE-only] - Tor Browser v7.5.6 [time and timezone must be set correctly, last version for WinXP, WinXP SP2, SSE-only] - Firefox 45ESR - Jasc Paint Shop Pro v7.04 (Anniversary Edition) [WinXP SP2, SSE-only] - Foxit Phantom v2.2.3.1112 (WinXP SP2, SSE-only) - Random House Webster's Unabridged Ditionary v3.0 [WinXP SP2, SSE-only] - Registry Trash Keys Finder v3.9.2 and v3.9.4 (WinXP SP2, SSE-only [probably also Win98, not tested]) postings with screenshots are at http://web.archive.org/web/20240904132535/https://msfn.org/board/topic/186405-sandboxie-under-windows-xp/page/3/#comments

Sandboxie - Compatibility (operating systems and CPU) The following are the last versions of Sandboxie working OK under: Windows XP SP2 and SP3 - SSE2 CPU (Pentium 4, AMD Athlon 64, Intel Atom, all x64-capable CPUs, and later) Sandboxie v5.40 (9Apr2020) Windows XP SP2 and SP3 - SSE-only CPU (Pentium 3) Sandboxie v5.22 (30Oct2017) Windows XP x64 - ?? Windows Vista 32bit - ?? Windows Vista 64bit - ?? It is unclear which version of Sandboxie is the last/best version to run under Windows Vista.

Sandboxie is a must-have utility with many security and non-security uses. This topic will focus on the compatibility and the uses of Sandboxie under WinXP. Postings about Sandboxie under other older operating systems (e.g. Windows Vista) are also welcome. Download links: 1) Windows XP 32bit (SP2 and SP3), SSE2 Sandboxie v5.40 (WinXP, SSE2, 9Apr2020) is the last version for Windows XP 32bit (SP2 and SP3), SSE2. It can be downloaded from: https://github.com/sandboxie-plus/Sandboxie/releases/download/v5.40/SandboxieInstall32_xp.exe v5.40 is freeware and was created by David Xanatos, based on the source code of v5.40 released by Sophos. v5.40 does not require registration or activation. v5.40 (9Apr2020) is of special interest because many Windows XP users may think that v5.22 (30Oct2017) is the last version of Sandboxie for Windows XP, maybe based on the info at Wikipedia: "Windows XP SP3 and Windows Vista SP2 were supported [=by Sophos] up to version 5.22, after which their support [=by Sophos] was dropped." https://en.wikipedia.org/wiki/Sandboxie The subsequent developer David Xanatos, however, had created in April 2020 the above special edition v5.40 for Windows XP, which is a little gem. v5.40 by David Xanatos works great under Windows XP (32-bit) on computers with an SSE2 CPU (= Pentium 4 and higher). Do NOT attempt to install v5.40 on an SSE-only CPU (e.g. Pentium 3). 2) Windows XP SP2 and SP3, SSE-only Sandboxie v5.22 (30Oct2017) is the last version for Windows XP SP2 and SP3, SSE-only (e.g. Pentium 3). 32-bit installer: https://web.archive.org/web/20180107162521if_/https://www.sandboxie.com/attic/SandboxieInstall32-522.exe 32+64-bit-installer [but not for Windows XP x64]: https://web.archive.org/web/20171109032037if_/https://www.sandboxie.com/SandboxieInstall.exe 64-bit installer: https://web.archive.org/web/20180107162355if_/https://www.sandboxie.com/attic/SandboxieInstall64-522.exe v5.22 is a limited trial version by Sophos, with the following limitations of the trial version: - it does not expire, but a nag screen will appear after 30 days - you may create several sandboxes, but you cannot use several sandboxes at the same time - you cannot use the Forced Programs and Forced Folders features - registration was for a time-limited subscription, requiring re-activation - you cannot register or activate v5.22 at Sophos anymore

I have tried Kaspersky Virus Removal Tool 2015 v15.0.28 on my SSE-only Inspiron 7500. I would be VERY CAREFUL: 1) I have downloaded kvrt.exe FOUR times, in a period of 2 hours, 3 downloads were just minutes away from each other. All four downloads differed substantially from each other and were not digitally signed, i.e. the differing files kvrt.exe may have been individually marked. 2) The license agreement specifically states that Kaspersky ("the Rightholder") will receive a lot of information from you and about your computer. You have to mark THREE separate checkboxes that you explicitly agree before you can proceed. After kvrt.exe ran for about 5 mins, the window Kaspersky Virus Removal Tool came up, Ready to Scan, This version is obsolete, Database release date 30.06.2024. I clicked on Cancel because I had run kvrt.exe under Total Uninstall, with the Ethernet cable disconnected. A StartUp Organizer msg window had popped up, indicating one Run Once registry entry. Upon rebooting there was no desktop icon, no -> Start -> Programs entry to start Kaspersky Virus Removal Tool. Total Uninstall showed a lot of entries for Kaspersky Virus Removal Tool, but I could not find KVRT files on the HDD, except for the license agreement. It seems that kvrt.exe is a portable program and doesn't install anything. In any case, I didn't make a scan and restored the WinXP partition to wipe out any installed stuff. Was I overly cautious, with the four differing kvrt.exe files downloaded and the three separate checkboxes in the License agreement?

My ancient version of Kaspersky runs under SSE-only, but not under Win98. Would this SSE-only compatibility mean that it would probably also run under Linux Wine?

.zip files, except those from official sources, appear to me, especially from dubious sources, as more suspicious than .rar files. The multi-packing of archives appears to indicate to me most of the times that the content is OK. Probably very few trojans, viruses etc replicate themselves using multi-packing and the initial spreading of a multi-packed trojan, virus etc may not be effective. The multi-packed file in "My personal in the Wild", and flagged as "infected" by my ancient version of Kaspersky after manually unpacking --- turned out to be OK when run in a sandbox. It is one of perhaps 10 falsely flagged positives in "My personal in the Wild". Actual infections on my computer were caused mainly by my own personal stupidity, like double-clicking on a file with a .rar icon and an extremely long filename, so that the ".exe" wouldn't be fully displayed. Unfortunately the file was a .exe, not a .rar. Happened twice to me, when I was in a hurry. But when I noticed, 10secs later, that I had done something that I shouldn't have, I pulled the plug of the computer, booted into Win98 and restored the partition from a clean backup. Everything was OK, except that I had lost some work in progress.

This drop in the number of signatures is indeed amazing, that was actually my main reason for the posting. I always archive the update folder created by the update (an update of my ancient version of Kaspersky is possible only 1 time after the initial installation). The size of the 2 .rar files of the update distribution folder, which contain my updates of early May 2024 (689,027KB) and of 7Jul2024 (703,501KB) is interesting. Kaspersky Lab increased the size of their updates, but decreased the number of signatures. No idea what they did. Regarding false positives: I do NOT delete most stuff flagged in my downloads, I just archive it separately onto a different HDD. There is just too much good stuff among the flagged stuff. My feeling is that Kaspersky issues fewer false flags than other anti-virus programs. But I have only compared the stuff flagged by my ancient version of Kaspersky vs Avast 2015. Avast 2015 falsely flags about 25% more stuff than my ancient version of Kaspersky. Eventually I will have to run all the programs contained in "My personal in the Wild" in a sandbox, to identify which ones are falsely flagged, but this is currently too time-consuming. BTW, I have added another small screenshot + more text to my preceding posting.

Yes. I have successfully updated the signatures of my ancient version of Kaspersky on my Inspiron 7500 laptop under WinXP SP3, SSE-only The number of signatures was reduced to 18 million, from 20 million in my previous signature update in early May 2024. I tested the new, fewer 18 million signatures with "My personal in the Wild", containing 100 infected downloads. The same number (141) of infected files was detected in the 100 files as with the previous signatures of early May 2024, with 20 million signatures. The number of infected files "141" is larger than the files in "My personal in the Wild" download sample (100) because many files contained in "My personal in the Wild" contain several different viruses, trojans etc. The screenshot with the Duration of 11hrs is with my SSE-only Inspiron laptop (updated signatures of 7Jul2024), the screenshot with the Duration of 1hr is with my SSE2 Core 2 Duo desktop (old signatures of early May 2024). The improvement made by the new signatures is negligeable, the new signatures checked only 17 more component files (171,610 vs 171,593). The screenshots also show that an SSE-only computer is OK for checking a few smaller files, but is definitely too slow for checking "My personal in the wild" (100 infected files, largest file 140MB, total size 3.84GB). BTW, my ancient version of Kaspersky has a detection rate of only 99/100 because it missed the detection of 1 flagged file. The missed flagged file was contained in a multi-part .rar file, contained in a multi-part .zip file, contained in a .rar file. When this file in "My personal in the Wild" was extracted manually, my ancient version of Kaspersky did flag the file.

I have checked "My personal in the Wild" with Kaspersky Anti-Virus v6.0.3.837, signatures of 1Apr2014 [i.e. 10 years old], under Window 98. Only 12 of 100 items were flagged by Kaspersky AV with a 10-year-old signature, in the sample of 100 items flagged by my ancient version of Kaspersky with a near-current signature of early May2024. This shows that a current or near-current signature is essential for virus-detection. Version differences of the scanning engine seem to be only of secondary importance since the dates of the scanning engines of Kaspersky Anti-Virus v6.0.3.837 and that of my ancient version of Kaspersky are not eons apart. A detection rate of 12 in a 100, as with Kaspersky Anti-Virus v6.0.3, means: don't use it. Not sure yet what a detection rate of 52 in 100, as by Avast 2015 with a 10-month-old signature, would imply. The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911230659/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/71/

My Inspiron 7500 laptop has a Pentium III, 650MHz and 2.54GB free space on the WinXP partition. I have used the Inspiron 7500 for testing the SSE-only compatibility of many programs. Programs installed on the Inspiron 7500 also work on another Pentium III 800MHz desktop, which has slots for both PCI and ISA cards and on which I may eventually get to work my Microsolutions CP/M co-processor card. The requirements listed in the .pdf are NOT for the build downloaded, even if p.2 lists "v11.x.x" . 1Aug2015 is the pdf creation date of eScan_AV_User_Guide_010815.pdf. As I stated in my brief test, "mwav.exe is NOT digitally signed, the most recent file contained in mwav.exe has the file modification date 26Apr2023" . mwav.exe can be extracted with 7-Zip. Under SSE-only the installation of this version of mwav.exe fails. archive.org has not captured any application .exes of eScan http://web.archive.org:/*/http://update1.mwti.net/download/tools/* I have briefly checked escanrd.zip listed there, it seems to contain a bootable Chinese+Korean .iso, which I didn't try/burn. If you look into the darker parts, maybe some torrents listed by www.btdig.com, when searching for "escan virus" [no quotation marks], are still working and contain an older build of eScan working under SSE-only, but I doubt it. Searching for "escan" or "escanav" inside eMule, which has a much better retention rate, results in no program listings. The system requirements also list "Additional Drives: CD‐ROM drive", so the SSE-only version probably came on a CD, but the CD is not listed at https://archive.org/search?query=(escan virus) Maybe the CD will be uploaded to archive.org in the future. Until then the build of eScan compatible with SSE-only, referred to in the .pdf, may be a rare file, gone forever. But no idea whether the scan engine of this elusive build, compatible with SSE-only, can be updated with a current signature. Next on my list is Panda, maybe there is a build which works under SSE-only.

The 1st version referred to in my posting is the version referred to in your article. The version numbering of eScan seems to be inconsistent. The log file generated by eScan indicates "Version 22.0.64". If I remember right, "22.0.60" appears in the small msg window when this version of eScan is run on my SSE-only Inspiron 7500, not the window pictured in your article https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/9/#comment-1245109. Yes, the version of eScan in your article does NOT run on my SSE-only computer. I strongly doubt that the program will run on other SSE-only computers.

"My personal in the Wild" I have just created a folder "My personal in the Wild". It contains the 100 smallest files flagged as infected by my ancient version of Kaspersky, in MY downloads of the last 2 months. The downloads were mainly related to WinXP. My guess is that about 5-10 files in "My personal in the Wild" are falsely flagged by Kaspersky (Kaspersky seems to falsely flag substantially fewer files than other anti-virus programs). The purpose of this "My personal in the Wild" is to help me select a 2nd virus-scanner for a dedicated virus-checking computer with SSE2, useful for checking stuff of my personal interest (i.e. WinXP). I have virus-checked "My personal in the Wild" with Avast Antivirus 2015 v10.4.2233 (SSE, Free, 17Sep2015), signature of 10Oct2023. The amazing result was that Avast Antivirus 2015 flagged only 52 of the 100 files in the sample, i.e. 48 out of the 100 files in "My personal in the Wild" were NOT flagged. In my next test I will check my "My personal in the Wild" with Kaspersky Anti-Virus v6.0.3.837, signatures of 1Apr2014, under WINDOWS 98. The purpose of this test is to find out how relevant current virus signatures (20 million signatures vs 7 million signatures) and a little more recent scanning engine are, for my personal interests, and how useful the heuristic and other analysis methods by Kaspersky of 2014 (10 years ago) are today.

I do like calling it "my ancient version of Kaspersky", "ancient" connotes respect for its quality . Maybe I will post the version or a screenshot, for the record, when there will be no more signature updates for it.

Here is a quick review of 2 versions of eScanAV under WinXP SP3 SSE-only: 1) Product Version 11.0.1139.1077 - download and description page: https://www.escanav.com/en/mwav-tools/download-free-antivirus-toolkit.asp - download link: https://update1.mwti.net/download/tools/mwav.exe - mwav.exe is NOT digitally signed, the most recent file contained in mwav.exe has the file modification date 26Apr2023 a virus-check of mwav.exe with my ancient version of Kaspersky did not flag anything suspicious - eScanAV seems to be a repackaged version of Bitdefender: eupdate.ini, installed by mwav.exe into \Temp\ contains the text "Bitdefender 2015", - under WinXP with SSE-only: double-clicking on mwav.exe extracts a huge amount of stuff into the Temp folder, the program seems to run from stuff in the Temp folder, then a msg window comes up "eScan Toolkit (22.0.60): Please Wait" - then: err msg: "MWAV - eSanAV AntiVirus Toolkit. Internal Error!!!. This could be because of incorrect system date setting or missing signature files or corrupt files. Please send MWAV.LOG file to support@escanav.com" - i.e. this version of eScan does not run under WinXP SP3 SSE-only 2) v11.0.1400.2281 (4May2020) - is a 30-day trial - download link: https://update1.mwti.net/download/escan/escan11/awn4k3ek.exe - the installer awn4k3ek.exe is NOT digitally signed a virus-check of awn4k3ek.exe with my ancient version of Kaspersky did flag PASSWORD-PROTECTED stuff inside awn4k3ek. I normally move pw-protected software to flagged stuff (malware, adware etc), except when I fully trust the source, e.g. Beyond Compare the file modification date of many extracted files is 4May2020 - under WinXP SP3 SSE-only: the program installs + updated the signatures OK to the current date 4Jul2024 + seems to run BUT when virus-checking a test-sample of infected stuff: NOTHING is flagged a check of the eScan logfile indicates: "Internal Error!!!. This could be because of incorrect system date setting ... ERROR!!! Unable to load AV!" i.e. the installer and the holding program run under SSE-only, but NOT the scan engine inside. The program does NOT notify the user under SSE-only that nothing gets virus-checked. - i.e. this version of eScan does not work under WinXP SP3 SSE-only The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911231925/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/70/

@Dixel I just looked up "ancient" in my old New Webster International of 1926, the last revision of the first edition of the current dictionary series started in 1909, where "ancient" is defined in the initial definition as "of many years", "of long standing", with examples like "our ancient bickerings". I would refer to CP/M 2.2 as "my old CP/M", but would call the specific instance of Kaspersky AV as "my ancient version x.x.x.x of Kaspersky", so "old" may be older than "ancient"... Telling you the version/build number wouldn't help you, you wouldn't be able to get it, it's just not around anymore, except for the server version.

With my ancient version of Kaspersky being the only choice? I defintely will check out eScan.

Avast Antivirus 2015 does seem to work offline, it has about 10 million signatures vs about 20 million by Kaspersky. The signatures of Avast Antivirus 2015 are of 10Oct2023, both after updating online and after updating from vpsupd.exe. When vpsupd.exe is downloaded with FlashGet, vpsupd.exe also has the file modification date [= server upload date] 10Oct2023. Maybe no more signature updates for Avast Antivirus 2015, maybe a final EOL update sometime in the future. The fact that Avast still has the special SSE-only files on their server may indicate that Avast Antivirus 2015 is not quite yet EOL. Running vpsupd.exe under Total Uninstall lists a huge number of changes and causes my Kerio v2.1.5 firewall to crash, "Windows - Fatal Application Exit", but Kerio is up again after rebooting, everything seems to be OK. Test-installing eScan under SSE-only is on my list, I just want to finish up with my postings about Avast Antivirus 2015. eScan is probably not Western software but Indian software, even if MicroWorld has their head office in the U.S. Maybe a better classification than "non-Western" would be "BRICS-software". Maybe all dualistic classifications of antivirus software are misnomers, we live in a multi-polar world, there may be no good and bad, only shades of grey. I didn't find an entry for MicroWorld in the English wikipedia. On my dedicated SSE2 virus-checking desktop I intend to have at least one Western antivirus software, next to Kaspersky, that's why I spend so much time with Avast.

I am about to change my mind about Avast Antivirus 2015, after some more experimenting. Avast Antivirus 2015 - SSE-only files The "offline" installer of Avast Antivirus 2015 (both Free and Premier) does NOT contain all required components for installing under SSE-only. During the "offline" installation under SSE-only the installer downloads 2 files, ais_gen_gui_nosse2-7e5.vpx and ais_gen_gui_nosse2_cef-7cc.vpx. If there is no internet connection, e.g. the Ethernet cable is pulled out from the computer during the installation, the "offline" installation under SSE-only will terminate with the msg "There was an error while installing the product" -> Restart computer, with Avast Antivirus 2015 NOT being installed. This has two consequences for installing Avast Antivirus 2015 the regular way under SSE-only: 1) You must have an online connection during the installation, during which Avast Antivirus 2015 constantly transmits who-knows-what to who-knows-where. I had to keep clicking continuously on firewall messages permitting outbound connections for completing the installation OK.. 2) Whenever Avast decides to remove these 2 files from their server, Avast Antivirus 2015 canNOT be installed anymore under SSE-only and the installer becomes useless trash. The compatibility with SSE-only is nowadays the only reason for installing old Avast Antivirus 2015. There exists, however, a little trick to install Avast Antivirus 2015 completely offline under SSE-only. STEP 1: Create a partition backup, Then make a 1st installation with the computer online + permit individually all outbound connections. After the installer msg window finishes displaying "Downloading ..." of the 2nd file, wait with the granting of firewall permissions. Immediately copy the 2 downloaded files ais_gen_gui_nosse2-7e5.vpx and ais_gen_gui_nosse2_cef-7cc.vpx from the \Temp\ folder of the installer to another folder on a different partition etc. Then restore the partition backup. This STEP 1 needs to be done only once, for obtaining the 2 rare files required by the installer under SSE-only. STEP 2: Disconnect the internet connection, e.g. the Ethernet cable, then re-install Avast Antivirus 2015. When the window "Question: You are installing an old version of Avast!" is displayed, the installer has finished extracting the installation source. $$$ -> copy these 2 files into the temp folder created by the installer, so that the installer will not attempt to download the missing files from the server. Avast Antivirus 2015 will then install OK, without attempting to download the 2 files. The trick with manually copying these 2 files into the \Temp\ folder during the installation also results in a software where the firewall can automatically disable outgoing connection attempts, no constant clicking when the computer is online. The nuisance part of Avast Antivirus 2015 seems to be set during the online connection of the installer With this installation trick Avast Antivirus 2015 may have become a useful tool under WinXP with SSE-only, especially for retro-computing enthusiasts who do not have my ancient version of Kaspersky.

Thanks for identifying the last SSE-only version and for the link! I am in the process of deciding on a 2nd virus-checker. I started with Avast because it has a big virus signature data base. Avast is owned by Gen Digital Inc., which also owns the Norton, LifeLock, Avira and AVG brands https://en.wikipedia.org/wiki/Gen_Digital I installed Avast Antivirus 2015 v10.4.2233 (SSE, Free, 17Sep2015) on an SSE-only Inspiron 7500 laptop, but I quickly removed it again, with a partition restore to be safe. Too much calling out to googleusercontent.com etc, nearly on every click. I then looked for the corresponding Premium version, hoping that the Premium version wouldn't contain that calling-out stuff. I couldn't find the corresponding Premium build, archive.org seems to have archived only a small corrupt file for Premium v10.4.2233, the download fails. Do you have an OK download link for it? I test-installed the preceding Premium build, Avast Antivirus 2015 v10.3.2225 (SSE, Premium, 28Jul2015) https://web.archive.org/web/20160129062513if_/http://files.avast.com/iavs9x/avast_premier_antivirus_setup.exe I liked the Sandbox, which is not included in the Free version, although I have not yet compared it to other sandbox programs. I was flabberghasted when I saw the consent request of the Premium version, similar to the Free version. The screenshot below was deleted on 11Sep2024. The posting with the screenshot was archived at http://web.archive.org/web/20240911232807/https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/page/69/ "Nearly every software product you use collects information about you. Search engines, games, everything. We do the same." The Premium version seems to have issues similar to those of the talkative Free version. I didn't see the opt-out option in the program, maybe hidden somewhere. I will not keep Avast on my main computers, you also had objections to it. As a new project, I plan to use a dedicated, offline desktop computer only for virus-checking, with both Kaspersky and a supplementary Western virus-checker.