Antimalware, firewall, and other security programs for Windows XP working in 2023 and hopefully beyond

[NojusK]

On 4/13/2025 at 9:55 AM, AstroSkipper said:

Status reports on programmes without a version number, for whatever reason, are generally useless. It either doesn't help to call it an "ancient version". The lack of information and meaning remains in any case. 

The only reason to hide the version number is probably to prevent those AVs from suddenly stop working, as it was with Malwarebytes 1.75. It was all happy days, but once it gained enough attention, they pulled the plug... Sounds silly, but it's very possible. Of course, old Kaspersky versions might be still receiving updates due to it's popularity in it's motherland and much bigger use of old version of Windows.

[AstroSkipper]

7 hours ago, NojusK said:

The only reason to hide the version number is probably to prevent those AVs from suddenly stop working, as it was with Malwarebytes 1.75.

That's why I wrote:

On 4/13/2025 at 11:55 AM, AstroSkipper said:

... , for whatever reason, ...

Which means that it doesn't matter at all. The actual question is: What's the point of a report on an old version without a version number of a programme that does not stand for security anyways? Everyone can answer this question for themselves.  And if a manufacturer wants to pull the plug, then a few posts in some thread won't change anything. One should evaluate things in life realistically. 

Edited April 14 by AstroSkipper
Update of content

[Multibooter]

7 hours ago, AstroSkipper said:

.. a programme that does not stand for security anyways ...

Can you judge the quality of a specific program which you have never tested, of which you don't even know the build and version? Just food for thought, please don't take my comment in an argumentative way, I do like your many excellent and really helpful postings!

I plan to provide details publicly about this build when the Kaspersky signature server stops providing updates for me. And maybe download links. My ancient version of Kaspersky is a corporate version and the signatures can be updated from the Kaspersky server and from an update distribution folder. Updates from an update distribution folder have worked fine for various computers with WinXP, from Pentium 3 to i7, without requiring internet access.

I am archiving each signature update, so that eventually there will be a final signature update under Windows XP - but hopefully not in the near future! A final signature update may still be useful for 6 months and longer, and then virus-checking will have to move on to a more recent operating system.

The final signature update for Kaspersky Anti-Virus under Windows 98 was on 1Apr2014. Being able to update signatures under Windows XP in 2025 is pretty good!

 

Edited April 15 by Multibooter

[AstroSkipper]

10 hours ago, Multibooter said:

please don't take my comment in an argumentative way, I do like your many excellent and really helpful postings!

First of all, thanks!  About that stuff, all has been said here. There is nothing to argue anymore. The facts are crystal clear. And common sense should not be disregarded.

10 hours ago, Multibooter said:

Can you judge the quality of a specific program which you have never tested, of which you don't even know the build and version?

Yes, of course! Besides all the facts, zero trust in this programme!  And it doesn't matter which version. BTW, I have tested it long, long time ago. But the way this programme lived its own life was unacceptable. I only allow programmes to do what I have authorised and set up. So after a short time, I deleted everything related to this programme and deep-cleaned my partition. And from today's perspective, that was a very wise decision. 

Edited April 15 by AstroSkipper
Update of content

[Saxon]

On 4/14/2025 at 5:39 AM, NojusK said:

old Kaspersky versions might be still receiving updates due to it's popularity in it's motherland

We'd need to see some actual evidence, statistics from independent sources, fact checked researches. Until then, it's just a guess.

On 4/14/2025 at 7:05 PM, Multibooter said:

Can you judge the quality of a specific program which you have never tested, of which you don't even know the build and version?

I've never even heard of this programme before, in Belgium we don't use it, and the first time I read about it was here, but no proof of its alleged "quality" was ever provided..

 

[Multibooter]

6 hours ago, Saxon said:

I've never even heard of this programme before, in Belgium we don't use it, and the first time I read about it was here

 

One attraction of msfn.org is that you can discover many little jewels here. I, for example, have recently discovered the usefulness for me of Paragon GPT Loader and OpenVPN, thanks to the helpful postings of fellow msfn members.

[Multibooter]

6 hours ago, Saxon said:

... but no proof of its alleged "quality" was ever provided..

 

I can attest that my specific build of Kaspersky Anti-Virus is of top quality and is completely safe to use for virus-checking. I have used this build for 11 years, nearly every other day. I am not Russian and have no affiliation to Kaspersky or Russia whatsoever.  I am an old member of msfn, since 2008, 1k+ postings and I have never given bad advice intentionally.

One man's opinion, no more discussions about that, you're entitled to your opinion.

Edited April 16 by Multibooter

[AstroSkipper]

I am an old member of MSFN too with 4k+ postings , and I have never given any advice without a well-founded reason.  Long story short, absolutely no trust in Kaspersky and especially in their definition updates. And this will be the case forever. The reasons for that can be read in all its detail in this thread. 

Edited April 16 by AstroSkipper

[Multibooter]

1 hour ago, AstroSkipper said:

... absolutely no trust in Kaspersky and especially in their definition updates...

Reminds me of two expert witnesses in court, on opposing sides . I talk about a specific build, you talk about Kaspersky in general. But let's move on!

[Saxon]

12 hours ago, Multibooter said:

Reminds me of two expert witnesses in court, on opposing sides . I talk about a specific build, you talk about Kaspersky in general. But let's move on!

My mom's a criminal defence attorney. In court, you need to provide exact details, but you explicitly denied to do that, without the knowing your version we have nothing more to investigate, the court denies your application.

Added.

As for Kaspersky in general, there was an investigation here already, also by "ancient" and respected members, in this topic, about the fact it changes main Windows system files, scroll back,

Edited April 16 by Saxon

[Multibooter]

7 hours ago, Saxon said:

As for Kaspersky in general...

Does "in general" also include "AntiViral Toolkit Pro for Windows 95 Beta by Eugene Kaspersky (C) KAMI Corp., Russia, 1992-1996"? It probably still runs under WinXP and surely is no risk. The term "in general" always implies "exceptions", so I agree with you. And I do appreciate your comments, especially from a person a generation younger than I am, who is interested in Windows XP!

The risk depends on the version and build, reflecting how Kaspersky mutated. Microsoft also mutated, and I like the old XP version of Windows.

BTW, AntiViral Toolkit Pro by Eugene Kaspersky was distributed in the US, around 1996-98, by a company called "Central Command Inc.", sounds like https://en.wikipedia.org/wiki/United_States_Central_Command - what a mutation!

But again, I'll  move on. I personally have all I need regarding antivirus under WinXP, and there are several other topics at msfn to which I may contribute. My recent postings here were intended to share my experience of updating my antivirus program via VPN. VPN under WinXP has become recently one of my current projects of interest.

Edited April 16 by Multibooter

[AndreasB.]

There are no more keys for Kaspersky Antivirus.
Therefore, this is now also eliminated.

Which antivirus program is still suitable for Windows XP and also gets virus updates?
The system should not burden the system too much either.

[pcalvert]

Simple Software-Restriction Policy should also be included on the list. Personally, I would not use Windows XP without it.

Simple Software-Restriction Policy
https://sourceforge.net/projects/softwarepolicy/

Simple Software Restriction Policy is a security add-on for Windows
https://www.thewindowsclub.com/simple-software-restriction-policy-windows

 

[Multibooter]

On 7/18/2025 at 3:47 PM, AndreasB. said:

There are no more keys for Kaspersky Antivirus.
Therefore, this is now also eliminated.

Yes, there are no more working license keys for My ancient version of Kaspersky. My last license key for My ancient version of Kasperky expired 10 years ago. When I then contacted Kaspersky in the US they informed me that they had no more license keys for My ancient version of Kaspersky for sale, and that I should contact their head office in Moscow, maybe they could sell me one. But that looked a little complicated to me, and I don't need daily updates.

My ancient version of Kaspersky is definitely not eliminated. It is a trial version which has NO EXPIRATION DATE, in contrast to subsequent trial versions by Kaspersky, and runs indefinitely without a license key. It has been used nearly daily over the past 10 years, with near-current signatures, without requiring a license key. The limitation of this trial version is that it can be updated ONE time after installation. After the first successful signature update, the update button is greyed-out and doesn't work anymore.

Here is the explanation of why My ancient version of Kaspersky is still updateable:
I have been making progressive clean opsys/partition backups, since the initial installation of WinXP:
step 1) created a clean opsys/partition backup
step 2) test-installed e.g. 5 new programs, and e.g. 4 of them were rejected and 1 should be kept
step 3) restored the preceding clean opsys/partition backup
step 4) made a clean re-install of the program(s) I wanted to keep
step 5) created the next clean opsys/partition backup with the new program(s) I wanted to keep
etc

The benefit of such progressive, clean opsys backups is that the computer stays clean and free of junk.

When I made the clean install of My ancient version of Kasperky (step 4),
- I installed the program
- made all the desired customization settings
- created a new progressive, clean opsys/partition backup (step 5), WITHOUT having updated Kaspersky
The benefit of creating a progressive, clean opsys/partition backup of Kaspersky, WITHOUT having run the 1st signature update, is that the opsys backup file and all subsequent progressive backups do not get bloated with 700+ MB of signatures.

A side benefit of creating a clean opsys backup of My ancient version of Kaspersky, WITHOUT having run the 1st signature update, was that whenever a subsequent progressive opsys/partition backup was restored (step 3), e.g. when making a new progressive opsys backup, a virgin version of Kaspersky was back again, permitting an update with the current signature..

I make progressive, clean opsys/partition backups about every 2-3 months, with new good stuff added progressively. My ancient version of Kaspersky has worked fine for me, even with signatures up to 3 months old.

Below are two screenshots of My ancient version of Kaspersky under WinXP SP3, updated last week to the signature of 3Dec2025.

 

 

The Server edition of My ancient version of Kaspersky also installs, runs and updates fine under Windows Server 2003 on my Inspiron 7500 laptop (Pentium III of the year 2001, 700MHz). Below are three screenshots under Windows Server 2003 of 20Nov2025.

 

 

 

I had installed Win2003 on my Inspiron 7500 because WinXP cannot be made to work with GPT HDDs >2TB on a Pentium III laptop. My ancient version of Kaspersky can virus-check OK stuff on a 4TB HDD, under Win2003 on a 24-year-old Pentium III laptop, although it is extremely slow.

 

 

Edited December 9 by Multibooter

[Multibooter]

On 6/24/2023 at 10:46 AM, AstroSkipper said:

In Germany, the "Bundesamt für Sicherheit und Information (BSI)", in English the "Federal Office for Information Security (BSI)", had already warned against the use of anti-virus software from the Russian manufacturer Kaspersky on 15 March 2022: https://www.bsi.bund.de/DE/Themen/Unternehmen-und-Organisationen/Cyber-Sicherheitslage/Technische-Sicherheitshinweise-und-Warnungen/Warnungen-nach-Par-7/Archiv/FAQ-Kaspersky/faq_node.html (German website, use an online translator!).

My ancient version of Kaspersky under Windows 10

My ancient version of Kaspersky installs, runs and works fine under WinXP. During the installation under WinXP I have de-selected the "Protection Components", I don't need them.

Under Windows 10, however, immediately after clicking on the installer of the workstation edition of My ancient version of Kaspersky, the following message comes up:

"Program Compatibility Assistant. This app can't run on this device
Kaspersky Anti-Virus xxx
This app can't run because it causes security or performance issues on Windows. A new version may be available. Check with your software provider for an updated version that runs on this version of Windows."

The Program Compatibility Assistant of Windows 10 prevents the start of the installation of the workstation edition of My ancient version of Kaspersky under Windows 10. This blocking of the installation under Windows 10 by the MS Program Compatibility Assistant corroborates the BSI warning in the posting by AstroSkipper.

The small print of the BSI warning of 15Mar2022 in the link by AstroSkipper indicates a possible non-technical motivation:
"Im Kontext des Krieges, den Russland gegen die Ukraine führt, könnte ein russischer IT-Hersteller selbst offensive Operationen durchführen". [translation from German: "In the context of the war by Russia against Ukraine, it could be possible that a Russian information technology manufacturer could engage on their own in offensive operations"]

I strongly doubt that the testing by the German BSI in 2022 included My ancient version of Kaspersky under Window XP (EOL of WinXP was 2014-2019).

My ancient version of Kaspersky installs, runs and works fine with all versions of Windows from Windows 2000 thru Windows 7/Windows Server 2008, without being blocked by The MS Program Compatibility Assistant, they are listed in the User Guide as system requirements.
The Program Compatibility Assistant was introduced with Windows Vista. The first posting I have found about Kaspersky being blocked by the MS Program Compatibility Assistant was of 10May2022 [the Russian invasion of Ukraine was on 24Feb2022]
https://malwaretips.com/threads/problem-installing-kaspersky-anti-ransomware-tool.113730/

So the workstation edition of My ancient version of Kaspersky cannot be installed under windows 10.

But hold it, there is another, little-known edition of My ancient version of Kaspersky. It is a specced-down workstation edition for virus-checking, without the "Protection Components". This edition is NOT blocked under Windows 10 by the Program Compatibility Assistant, i.e. it looks OK to the MS Program Compatibility Assistant. It installs, runs and works OK under Windows XP and Windows 10.

 

The screenshot above shows this specced-down edition running OK under Windows 10. My ancient version of Kaspersky pre-dates Windows 10, and displays the Windows 10 operating system as "Microsoft Windows NT 6.2 x64 Edition (build 9200)".

 

 

Screenshots above: This specced-down edition of My ancient version of Kaspersky updates OK under Windows 10.

Comparing the specced-down edition under Windows 10 vs the normal workstation edition under WinXP

1) I made a virus check of "My personal in the Wild", a collection of 100 infected files from eMule, with the specced-down edition under Win10 and with the normal workstation edition under WinXP.
Both test scans flagged the same number of infected files, so both the specced-down and the normal workstation versions are equally useful for virus-checking.

Above: Scan result with the normal workstation edition under Windows XP SP3

Above: Scan result with the specced-down workstation edition under Windows 10

SUMMARY: Viruses. malware etc get flagged OK by both editions, under Windows XP and under Windows 10. The specced-down edition doesNOT get blocked by the MS Program Compatibility Assistant under Windows 10.

2) I also made another test-scan with the two editions under Windows 10 and Windows XP, this time with a set of clean, not-infected files (184 files, altogether 64GB).

Above: Scan results of the set containing only clean files, with the normal workstation edition under Windows XP.

 

Above: Scan results of the set containing only clean files, with the specced-down edition under Windows 10

The specced-down edition under Windows 10 produced four "processing error" messages, probably because of some incompatibility with Windows 10, but virus-checking continued uninterrupted, as usual. I would speculate that these processing error messages will not occur when the specced-down edition is run under WinXP. Virus-checking of clean files with the specced-down edition is more efficient (808,744 files scanned vs 1,105,804 files), reducing the scan-time substantially (1:14hrs vs 2:29hrs).

The screenshots made under Windows 10 have a white title bar, while the screenshots made under Windows XP have a blue title bar. The above tests under Windows 10 and Windows XP were made on the same computer, which was set up for multi-booting into various operating systems.

The specced-down edition seems to have fast virus-checking as objective. The Settings window of the specced-down edition, in contrast to the normal workstation edition, doesnot display a check-box for the selection/de-selection of the "iSwift" setting, which is a setting to speed up virus-checking on NTFS partitions. I manually changed three instances of the value "UseIStreams" in the KasperskyLab key in the Windows 10 registry in order to set "iSwift" to "off" for most of the checking by the specced-down edition under Windows 10, which is my preferred setting.

Under WinXP I prefer the normal to the specced-down workstation edition, mainly because the normal version has worked fine for the past 10+ years.

Edited 53 minutes ago by Multibooter