Search the Community

what's the best antivirus that works with the extended kernel? ive been doing research into this recently and can't find anything that would work properly (or won't work at all) so my question is are there any antivirus known to work with the extended kernel if anyone could help with this it would be much appreciated. -legacyfan

I've got MSE 4.4.304 installed per the consensus of it being the best version to install on XP. I'd like to get it working, and I'm perfectly fine with manually installing definitions, which is what I do on Vista anyways, and occasionally on W7 though auto-update there works on its own so that I never have a chance to download the definitions There's a procedure specified in the middle of this thread (now closed), from @heinoganda I believe: 1. Get the old good pe_patch.exe. 2. Rename mpam-fe.exe to TEMP.EXE 3. Use PE_PATCH to change "Sub-System Version" from 5.2 to 5.1 4. Use the reliable n7epsilon's PEChecksum.exe v. 1.4 to correct the PE Checksum. (or ModifyPE) 5. Rename TEMP.EXE to mpam-fe.exe and run it. I couldn't find PEChecksum, the file is no longer available, but ModifyPE works in XP. I changed Sub-System Version from 6.0 to 5.1 then clicked Save, then ran ModifyPE on it using: @echo off cd /D "%~dp0" modifype.exe TEMP.EXE -c pause Now, running the file, I don't see the "not a valid Win32 application" error, but nothing at all seems to happen. Thoughts? In Task Manager, I see TEMP.EXE for a couple seconds, then it disappears. I've tried killing MsMpEng.exe beforehand, and after TEMP.EXE exits that comes back up. Still red, no definitions installed. Previously, I also tried this script: However, this seems to auto-update MSE, which is not what I need - nor do I need it to download definitions. I'm just trying to install the mpam-fe.exe file I already have. I've also tried: For some reason, a minute or so after copying the files into that (originally empty) folder, they disappear. Not sure why, the folder is empty again. Seems that MSE is processing them, almost, but no change in the dashboard, everything is still red. Also tried this procedure: 1.239.450.0 is recommended, but I could only get MpSigStub from as new as mpam-fe 1.211.1490.0 without being TOO new... It runs, after about 30 seconds, it deletes the other extracted files in the directory, then exits. Again, it would SEEM that it was successful. Yet, MSE is as red as always. How can I actually install the current definitions? And if I can't install the current definitions, what are the latest definitions it will happily install?? **UPDATE:** Finally found some success! This page had it all: Turns out the definitions THEMSELVES did stop supporting XP at some point. I ran this one, and now my MSE is now yellow instead of red. That link in question (the latest XP-compatible mpam-fe.exe) is archived in the Wayback Machine (Internet Archive). I'm happy with that - I suppose it's yellow because it knows they are already old, and my MSE will never be green, and I should just live with that? Yellow is better than red, just want to know what I could expect here...

Anti-Malware Toolkit 2.0.2 has been released! 2.0.2 - 2020-09-25 [New] Option to delete downloaded files on close. [Changed] Windows 7 will explicitly use the last supported TLS, version 1.2. [Changed] Right click menu is now Run instead of Install.

Anti-Malware Toolkit 2.0.1 has been released! 2.0.1 - 2020-07-02 [New] Tasks menu to easily allow users to run common repairs. [New] Report a Bug form with diagnostic information. [New] Ability to scan with Microsoft Malicious Software Tool under Tasks menu. [Changed] Applied better optimizations to images. [Changed] Redesigned About form. [Changed] Code improvements and optimizations.

It’s been a long time in the making. Finally, I’ve released the Anti-Malware Toolkit 2! Check it out! It has a lot of quality software to help users get their PCs in good working condition. The Anti-Malware Toolkit 2 has been released! Lunarsoft has always had the goal of helping users rid their computers of malware by suggesting a variety of tools. The search for the right program can be daunting for some users, and takes valuable time. It’s already stressful enough when your computer gets infected by malicious software. Rather than have those users suffer by searching several websites for the right software, there was a better goal. To give users a program that would eliminate the search, providing direct downloads to the files to help get them back to a clean, operational state. Read more on Lunarsoft

One of the most effective ways to keep your system secure and private while on the web is to implement a managed blacklist of sites you just won't allow your device(s) to visit. I have been developing a script that gathers data from various contributors around the web who have developed lists of badware web sites, and compiles the info into a blacklist of sites you REALLY DO NOT want to visit. The result is pressed into service by a very simple process: Adding blacklist entries into your hosts file. Windows uses the file %SystemRoot%\System32\drivers\etc\hosts. to allow you to pre-load your DNS cache. The intent is that if you have a server you'd like to name, but the name isn't provided by an online DNS service, you can name it in your hosts file. But what the hosts file can ALSO do is allow you to redirect name resolution to 0.0.0.0 for any number of sites that serve malware, ads, track you, or just deliver things you don't want to see. An attempt to access that named site just fails. Your computer never contacts it. If you put the right list into your hosts file, your system will automatically, and most importantly without noticeable ongoing overhead, just avoid visiting badware sites. That's it. It doesn't require decisions by you, and it doesn't cause extra software to run. And there's no cost; the information is freely available - and surprisingly well maintained. What you see in a practical sense is that your browsing experience becomes free from ads, you no longer see viruses and malware trying to come in, and your browsing experience even gets faster. No kidding. Let's say, for example, that a badware site is www.iservemalware.com... Maybe links to www.iservemalware.com are embedded in other people's web pages, in ad slots, for example, or in things you fear your kids might click on. Maybe it shows up as a link in an eMail. Or even worse, html that just opens the site as soon as you view the message. It'd be nice if something would just stop your computer from visiting such a bad site, right? One entry in the hosts file will do just that: 0.0.0.0 www.iservemalware.com Boom, your computer won't visit the online server for www.iservemalware.com again. Maybe you've already even added some of your own badware sites you've run across to your own hosts file. But wouldn't it be great if you could combine the web browsing experiences of other folks out there too? There are literally tens of thousands of bad web sites. Seriously. But that number is not infinite! I present to you, free of charge and with no strings attached, my HostsCompiler script: http://Noel.ProDigitalSoftware.com/files/HostsCompiler.zip It retrieves badware site data, processes it into a minimum size blacklist, and augments your existing hosts file. I've tested it on 64 bit Windows 7, 8.1, and 10, though it will probably also work on 32 bit systems and Vista and XP. To set it up: Unzip all the files into the same folder, open an elevated command prompt, CD into that folder, run HostsCompiler.bat by typing its name, it will prompt you to continue, and it will immediately go out and find lists of badware / malware / adware sites from online sources and add them to your hosts file. You'll be instantly protected against visiting nearly 50,000 known badware sites. You'll notice a positive difference in your browsing experience. Run it regularly - for example by scheduling it to run every day using the Windows Task Scheduler as I do - and you'll have a "set it and forget it" system that will keep itself up to date to block the latest servers showing up online with intent to turn you into a victim. For me the script literally runs to completion in 5 seconds. The online sources this script obtains the information from are the following at the time of this writing: http://winhelp2002.mvps.org http://malware-domains.com http://www.malwaredomainlist.com http://adaway.org http://someonewhocares.org http://pgl.yoyo.org http://www.quero.at I wish to acknowledge the fine people who publish the lists at the above sites for their contributions to enhanced online security, privacy, and browsing performance. The executables in my zip file are from the freely available GnuWin32 toolkit plus one I've written (SHOWTIME, a tiny command line executable for displaying the current time/date), and the script is editable and readable, with plenty of comments. It's designed to coexist with whatever else you do with your hosts file. If you have even the slightest worry over running this, I ENCOURAGE YOU to research the executables online and open HostsCompiler.bat in a text editor and learn how it works. Those of you wishing to schedule regular HostsCompiler runs will be interested in this excerpt from the script: :: Synopsis: :: :: HostsCompiler NoPrompt :: :: NoPrompt - (Optional) If specified, will avert the request for confirmation. :: :: :: Suggest scheduling this job with a command line similar to: :: :: HostsCompiler NoPrompt >>C:\Some\Path\HostsCompiler.log 2>&1 :: Be aware that this is batch script and that altering your hosts file is a bit geeky. It requires a little knowledge about how Windows works and the exercise of some care. Don't use this if you don't feel comfortable with manipulating files on your computer. Please let me know if you have any problems or suggestions about things that could be improved. I'd love to hear your experiences with this method of enhancing security. Mine have been good. After running this, if you find a site you'd like to visit no longer works, there are ways to determine what the host name is and whether it's being blocked by a hosts entry - e.g., choose F12 developer tools in Internet Explorer, go to the Network tab, enable tracing, navigate in your browser, and look for a Result of (Aborted) - and you need only comment out the entry in your hosts file to restore access. -Noel