Antimalware, firewall, and other security programs for Windows XP working in 2023 and hopefully beyond

[NotHereToPlayGames]

4 hours ago, Milkinis said:

so you don't use a live XP machine ? 

Of course I do!

But NOT for downloading and testing new software that I want to test-run.

I never "try" software on my live XP machine until that software has been thoroughly tested inside a VirtualBox VM.

[AstroSkipper]

43 minutes ago, NotHereToPlayGames said:

Of course I do!

But NOT for downloading and testing new software that I want to test-run.

I never "try" software on my live XP machine until that software has been thoroughly tested inside a VirtualBox VM.

I do every task such as testing software, downloading files, or surfing the web in my real Windows XP machine. I never had a serious infection.  The reason I created this thread was indeed to present, collect and preserve all possible security programmes which are still available for Windows XP to secure such a real machine and protect it against malicious threats. 

Edited July 2, 2023 by AstroSkipper

[AstroSkipper]

Process Hacker 2

Process Hacker is a free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware. The software installs its own driver into the system which significantly expands the search capabilities of the active processes and allows you to detect processes hidden by different viruses and applications. Process Hacker displays processes in a tree structure and divides them into categories that are highlighted in different colors for easier identification. The software offers many possibilities for various actions with processes including viewing detailed information about them and terminating process in different ways to bypass the rootkits and security apps. Process Hacker allows you to view and manage services that can not be displayed in the service console, identify software that has active connections to the network, and receive real-time information about disk access. Also, Process Hacker displays a graph and detailed statistics on the use of the system resources in real time, namely, memory usage, resource consumption of each processor core, reading and writing data. Although the version 2.38 was listed as the last XP-compatible one, the last stable version 2.39 is still compatible with Windows XP (and Vista).

Features:

Main features:

• Detection of hidden and malicious processes
• Termination of any process
• Display of full statistics processes
• Display of system performance graphs
• Viewing services, network connections and disk activity

More features are described here: https://processhacker.sourceforge.io/archive/website_v2/features.php

Homepage: https://processhacker.sourceforge.io/

Version number: 2.39 (r124)

Date of release: 29.03.2016

System requirements:  Windows XP SP2)/Vista/7/8/10, 32-bit or 64-bit

Release notes:

Quote

2.39 Latest

    HIGHLIGHTS:
        Improved compatibility with security and anti-cheat software
        Added ability to edit process environment variables
        Fixed .NET process detection
    OTHER CHANGES:
        Improved tooltip information for dllhost.exe
        Removed Terminator
        Updated DotNetTools plugin:
            Fixed .NET assembly tab performance issues
            Added extra .NET memory counters to the .NET performance tab
            Added "Show sizes in bytes" checkbox to the .NET performance tab
            Added right-click menu to the .NET assembly tab
        Updated ExtendedTools plugin:
            Fixed "No process" disk event bug
        Updated HardwareDevices plugin:
            Fixed incorrect drive letters
            Fixed drive letter and panel clipping issue

Reviews:

https://www.malwarebytes.com/blog/news/2018/11/advanced-tools-process-hacker

https://download.cnet.com/Process-Hacker/3000-2094_4-10971791.html

https://www.pcworld.com/article/457252/review-process-hacker-is-task-manager-on-steroids.html


Download links:

Installer:
https://sourceforge.net/projects/processhacker/files/processhacker2/processhacker-2.39-setup.exe/download
https://github.com/winsiderss/systeminformer/releases/download/v2.39/processhacker-2.39-setup.exe
Portable:
https://sourceforge.net/projects/processhacker/files/processhacker2/processhacker-2.39-bin.zip/download
https://github.com/winsiderss/systeminformer/releases/download/v2.39/processhacker-2.39-bin.zip

Screenshots:









I use Process Hacker since 2010. It's one of the first programmes I usually install in a new Windows system. I always start this programme automatically on Windows start-up. I use Process Hacker to control all loaded processes, services and drivers. One click and I know what is going on in the background of my system. Terminating crashed processes or process trees can be done in a quick and clear way. All services and drivers which are added or deleted will reported via a systray notification. This tool is like an additional security layer besides any antimalware real-time protection.  Process Hacker, like Total Commander, is one of the most used programmes in all my Windows systems. I tried a lot of task managers and I know them all. IMHO, Process Hacker is the best of all.

Cheers, AstroSkipper

Edited July 3, 2023 by AstroSkipper
Update of content

[Vistapocalypse]

Subject: Sandboxie

13 hours ago, Vistapocalypse said:

...I recall mentioning 5.22 in a Windows XP thread years ago, but @Sampei.Nihira insisted that an earlier version was best for XP.

It appears that my recollection was faulty.  I tracked down a Sampei.Nihira post on the subject of Sandboxie for Windows XP from December 2020. He did not suggest a version earlier than 5.22, but rather version 5.40 (developed after Sandboxie became open source). I will edit my earlier post to correct it.

Edit: My recollection wasn’t so bad after all: I was just remembering an earlier post from Sampei.Nihira on February 10, 2020 in which he stated, “The latest version of SandboxIE that best suits working with Windows XP is 3.76.” I will leave my earlier post as it is and apologize for any confusion.

Edited July 2, 2023 by Vistapocalypse
additional content

[AstroSkipper]

9 hours ago, AstroSkipper said:

Of course! Sandboxie belongs to the topic of this thread and is already on my internal list. It was installed in all my Windows XP partitions from the very first. I use the last XP-compatible version 5.22 and I love it. I use it regularly for testing tools I do not trust at first sight. In the past, the best news about Sandboxie was that it no longer required a licence and was declared open source in 2020. https://web.archive.org/web/20200425220152/https://community.sophos.com/products/sandboxie/f/forum/119641/important-sandboxie-open-source-code-is-available-for-download

I am still using the official last XP-compatible version Sandboxie 5.22. I checked Sandboxie's compatibility in terms of Windows XP, too. Indeed, the developer David Xanatos compiled a special, last XP-compatible version Sandboxie 5.40 after it had become open source. This version does not need a licence anymore. Here is a download link: https://github.com/sandboxie-plus/Sandboxie/releases/download/v5.40/SandboxieInstall32_xp.exe
However, I do have a licence, therefore, I am not really interested in.

[Vistapocalypse]

Good for you! However, I don’t think a licence for 5.22 is obtainable in 2023, and the free version nagged after 30 days (see my September 30, 2019 post). I attempted to register two posts after the linked post, but it was already impossible by that time! So 5.40 would seem to be the best option for XP users who want to try Sandboxie nowadays.

[UCyborg]

17 hours ago, Vistapocalypse said:

@UCyborg are you actually using Sandboxie 5.22 on XP?

No, I just remembered it exists. Didn't know about 5.40 version though, good to know.

[AstroSkipper]

On 7/2/2023 at 6:19 PM, AstroSkipper said:

I use Process Hacker since 2010. It's one of the first programmes I usually install in a new Windows system. I always start this programme automatically on Windows start-up. I use Process Hacker to control all loaded processes, services and drivers. One click and I know what is going on in the background of my system. Terminating crashed processes or process trees can be done in a quick and clear way. All services and drivers which are added or deleted will reported via a systray notification. This tool is like an additional security layer besides any antimalware real-time protection.  Process Hacker, like Total Commander, is one of the most used programmes in all my Windows systems. I tried a lot of task managers and I know them all. IMHO, Process Hacker is the best of all.

I presented Process Hacker with a lot of additional information here in my thread. Additionally, I have given my experience and assessment about this programme. Now, I would like to hear from Windows XP users about their experiences and opinions in terms of this programme. So if you should use Process Hacker under Windows XP, feel free to let us know what you think about it! 

Greetings, AstroSkipper 

[NotHereToPlayGames]

I use an older version of Process Hacker, forget at the moment what version number it is (I'm at work and it's on my home computer).

The older versions default to a three-in-one view for processes, RAM, and CPU and I prefer the three-in-one view.

[AstroSkipper]

1 hour ago, NotHereToPlayGames said:

I use an older version of Process Hacker, forget at the moment what version number it is (I'm at work and it's on my home computer).

The older versions default to a three-in-one view for processes, RAM, and CPU and I prefer the three-in-one view.

Do you refer to the systray icon(s) or the main programme view when talking about a three-in-one view?  In my main programme view, I see all of this information about processes, RAM, and CPU. And I have configured Process Hacker to see two separate icons in my systray, one for used RAM and one for the CPU history.

Edited July 5, 2023 by AstroSkipper
Update of content

[NotHereToPlayGames]

I only have two versions that I have kept over the years.  Version 2.28 is the last that doesn't do an auto-update check without asking me (I hate phone-home auto-update checks!).

I was going from memory when I replied at work and it's not processes, RAM, and CPU - version 2.28 has this for a System Information view:

 

Version 2.23 has this view for System Information and I prefer all of that info right there on one screen (I am aware that the same info can be viewed in different screens on newer versions), I just like hitting Ctrl-I and bam, there it all is:

[Vistapocalypse]

That looks cool @NotHereToPlayGames, but do you consider it to be a security program?

[NotHereToPlayGames]

2 minutes ago, Vistapocalypse said:

That looks cool @NotHereToPlayGames, but do you consider it to be a security program?

No, but Astro specifically asked to hear from XP users running Process Hacker under XP.

I run XP and run Process Hacker under XP, so I provided my two cents.

 

5 hours ago, AstroSkipper said:

I presented Process Hacker with a lot of additional information here in my thread. Additionally, I have given my experience and assessment about this programme. Now, I would like to hear from Windows XP users about their experiences and opinions in terms of this programme. So if you should use Process Hacker under Windows XP, feel free to let us know what you think about it! 

 

[NotHereToPlayGames]

But then again, to me, VirtualBox is my biggest and most-used "security program".

Run anything I want, without regard to crashes and holes, without regard to uninstall remnants left behind, without an internet connection to communicate anything whatsoever.

Then delete the VM and revert to the base VM, clone it, and start all over again.  

[AstroSkipper]

Observing the background processes, noticing new and possibly malicious threats and getting systray notifications when new drivers or services are installed, all that can be done by Process Hacker. Here is a quotation from Process Hacker's homepage: 

Quote

A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.

And here is my assessment:

On 7/2/2023 at 6:19 PM, AstroSkipper said:

All services and drivers which are added or deleted will reported via a systray notification. This tool is like an additional security layer besides any antimalware real-time protection.

That's what I call a security programme at its best.  If you don't know what's going on in your system, you don't need to worry about security and possible measures. Then you will just have to blindly trust other programmes and leave the security of your system to them. I personally would never do that.  But, to each their own! 

Edited July 5, 2023 by AstroSkipper