Jump to content

Antimalware, firewall, and other security programs for Windows XP working in 2023 and hopefully beyond

AstroSkipper

By AstroSkipper
in Windows XP

 Share

Recommended Posts

Dixel

Dixel

Posted
Posted
19 hours ago, AstroSkipper said:

If I wanted to install a Comodo Firewall 6.x.x version, I would go with Comodo Firewall 6.3.39949.2976 as it is the last archived version.

Excellent choice! I'm thinking to try this approach, I'll observe the whole situation a bit longer, then install this new one, many thanks for it!

5
  • 5 weeks later...

dmiranda

dmiranda

Posted
Posted (edited)

For on demand, offline scanning of files, trendmicro works relatively well (although slow as expected in large full of data disks) with the following setup. Note that if you are not finicky about non portable stuff, you probably get the same or similar by using https://www.trendmicro.com/en_il/forHome/products/housecall.html which seems to run in XP and auto-update of patterns and definitions:

o   sysclean.com - the main executable module, you need to run it in a directory of your choice; while running, copy all the files that sysclean.com unpacks in the folder, including sysclean.exe, into a subflolder, close and delete sysclean.com and move the content of the created subfolder to the root folder . From then on, run the program using sysclean.exe.

DOWNLOAD FROM http://www.trendmicro.com/ftp/products/aupattern/tsc/sysclean.zip

o   readme.txt   - basic, standard instructions for use 

DOWNLOAD FROM http://www.trendmicro.com/ftp/products/aupattern/tsc/readme.txt  
o   ssapiptn.da5 - spyware pattern file

DOWNLOAD FROM https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=31&regs=nabu&lang_loc=1

o   lpt$vpn.XXX  - malware pattern file (see Requirements)

DOWNLOAD FROM https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=1&regs=nabu&lang_loc=1

o   ENGINE vsapi32.dll: there is an arguably outdated engine (9.750.0.1005) included in sysclean.com, also downloadable from With different results (depending on setup and happenstance), it can be updated using the 4 methods below. Use the one that suits you best. 

o   Patterns (the ones in readme.txt and other not mentioned in readme.txt) that may work at: https://www.trendmicro.com/en_gb/business/products/downloads.html#all-pattern-files. The links to those files in said page may vary from setup to setup (VPN, DNS provider, DOH in browser, etc) so I also report the names. If the links below don't work, you can search and find and then download in the above webpage:

  1. Consumer Smart Scan Agent Pattern - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=51&regs=nabu&lang_loc=1
  2. Conventional Enterprise OPR - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=1&regs=nabu&lang_loc=1
  3. Damage Cleanup Template - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=11&regs=nabu&lang_loc=1
  4. Network Virus Wall Pattern - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=19&regs=nabu&lang_loc=1
  5. Smart Scan Agent Pattern - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=35&regs=nabu&lang_loc=1
  6. Spyware Pattern - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=31&regs=nabu&lang_loc=1
  7. Threat Discovery Appliance - NCCP - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=107&regs=nabu&lang_loc=1
  8. Threat Discovery Appliance - NCIP - https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=103&regs=nabu&lang_loc=1

I now keep this portable on demand/offline scanner with clamwin (that can be supplemented with -I seldom use it- on the fly, kind of real time scanning with ClamSentinel), and Avast anti rootkit. MBB is out of the picture now. As per our host here, @AstroSkipper, other similar available products for XP are eScanAV Anti-Virus Toolkit (MWAV) or RogueKiller Anti-Malware Free.

Be well!

 

Edited by dmiranda
EDITED TO CONSOLIDATE COMMENTS WHILE TESTING, AND SIGGESTIONS by AstroSkipper, as I understood them.
AstroSkipper

AstroSkipper

Posted
  • Author
Posted (edited)
16 hours ago, dmiranda said:

This leaves me with three offline on demand virus-crapware checking methods: sysclean.exe, discussed above, clamwin (that can be supplemented for somewhat constant on the fly scanning with ClamSentinel), and Avast anti rootkit. MBB isout of the picture now.

TBH, there are more offline on demand scanners which are most recent in terms of engine and virus defhinitions. For example, eScanAV Anti-Virus Toolkit (MWAV) or RogueKiller Anti-Malware Free. The more rare ones are antimalware programmes with real-time protection in Windows XP.
In any case, it is good to list other programmes for Windows XP here, whether they are offline scanners or fully-fledged antimalware programmes with real-time protection:thumbup

Edited by AstroSkipper
Update of content
4
George King

George King

Posted
Posted (edited)

Hi @AstroSkipper I see there is still no mention about Huorong Internet Security 6 which still support Windows XP.  For modern system is also available on Microsoft Store.

Homepage: 

https://huorong.cn/

Download x64 v2024.09.20 

https://down-tencent.huorong.cn/sysdiag-all-x64-6.0.2.3-2024.09.20.1.exe

 

Download x86 v2024.09.20 

https://down-tencent.huorong.cn/sysdiag-all-x86-6.0.2.3-2024.09.20.1.exe

 

Some pictures from my Windows XP testing machine

3.png

1.png


2.png


4.png


5.png


6.png


7.png


8.png


9.png


10.png

 

Edited by George King
1
AstroSkipper

AstroSkipper

Posted
  • Author
Posted (edited)
2 hours ago, George King said:

Hi @AstroSkipper I see there is still no mention about Huorong Internet Security 6 which still support Windows XP.  For modern system is also available on Microsoft Store.

Homepage: 

https://huorong.cn/

Download x64 v2024.09.20 

https://down-tencent.huorong.cn/sysdiag-all-x64-6.0.2.3-2024.09.20.1.exe

 

Download x86 v2024.09.20 

https://down-tencent.huorong.cn/sysdiag-all-x86-6.0.2.3-2024.09.20.1.exe

 

Some pictures from my Windows XP testing machine

3.png

1.png


2.png


4.png


5.png


6.png


7.png


8.png


9.png


10.png

 

Thanks for the reminder and further information! You had already mentioned Huorong Internet Security here:
https://msfn.org/board/topic/184730-antimalware-firewall-and-other-security-programs-for-windows-xp-working-in-2023-and-hopefully-beyond/?do=findComment&comment=1256082
Unfortunately, no-one except you and me had provided any further information about this programme. It has therefore been forgotten again due to a general lack of interest as usual. What I personally don't like about this manufacturer is the homepage, which is apparently only available in Chinese. And even the downloadable manuals are only in Chinese. Online translators still have problems with Chinese. Google translated Huorong as Tinder:crazy: On purpose or by chance? :buehehe: I do not hope Huorong is Tinder related. :blink: And the few tests that I have briefly looked through are not particularly positive either. Except for the fact that it is compatible with Windows XP, which is of course great. Long story short. What about storage space, RAM utilisation, processor load and detection rates? :dubbio:

 

Edited by AstroSkipper
Update of content
3
AstroSkipper

AstroSkipper

Posted
  • Author
Posted (edited)

@dmiranda All your download links for pattern files are not working. For example, your link https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=31®s=uk for the spyware pattern file does not do anything. The correct link has to be: https://downloadcenter.trendmicro.com/index.php?clk=tab_pattern&clkval=31&regs=nabu&lang_loc=1 where you can download the file ssaptn763.zip by this link: https://www.trendmicro.com/ftp/products/aupattern/spyware_ssaptn/ssaptn763.zip 
Please correct all your links so that they are really working! :P

On 9/20/2024 at 6:32 PM, dmiranda said:

I notice, though, that on closing sysclean.com, the engine gets deleted together with other files sysclean.com creates when starting (and deletes again when closing) - including sysclean.exe. For testing purposes, I have

(1) run sysclean.com and copied these generated files into a random folder,
(2) closed sysclean.com,
(3) copied the saved folder back to root,
(4) copy now to root the updated engine plus tmcomm.cat (required by sysclean.exe).
(6) save for future need sysclean.com into a random folder

Then run sysclean.exe (which would have otherwise dissapeared with the newest engine on closing engine.com)

After first launch of the sysclean.com file and copying all extracted files to another location, the trick to avoid deleting all files inside the Sysclean folder is to always start the tool by applying the file sysclean.exe instead of sysclean.com.

Edited by AstroSkipper
3
AstroSkipper

AstroSkipper

Posted
  • Author
Posted (edited)
On 9/20/2024 at 6:32 PM, dmiranda said:

You can get a newer engine from the Trend Micro Anti Threat Toolkit (ATTK), https://helpcenter.trendmicro.com/en-us/article/tmka-17906, unzip attk_ScanCleanOffline_gui_x86.exe, and get vsapi32.dll.  Thanks to Hangar0 from PFC  (our @Hangar0?).

Have you also checked this tip? :dubbio: You know the proof is in the pudding. The scan engine vsapi32.dll in the version 22.610.0.1017 inside the attk_ScanCleanOffline_gui_x86.exe file does not work properly in Trend Micro Sysclean. In my test scan, this engine leads to errors documented in the report.log file. However, the scan engine vsapi32.dll in the version 21.600.0.1007 inside this archive does the trick: http://files.trendmicro.com/products/engine/VSAPI/21600/dll/VSAPI-NT-DLL-21.600-1007.ZIP Please correct this in your post, too! :P After performing a scan, the report isn't displayed by the tool. You have to open the report.log file manually. All in all, I don't like this tool. :no: It's too old and does not directly show information about the scan process. Furthermore, too less features and only a very few options. But it is indeed able to scan files even today. And the most recent pattern files are still compatible with this old tool.

Edited by AstroSkipper
Update of content
2
George King

George King

Posted
Posted

@AstroSkipper All test I found about Huorong were for v5 version and about 5 years old. I quess it's not bad if Microsoft added it to it's store for modern systems.

 

On my testing machine was installation size +-100MB. Two new processes was added - HipsDaemon.exe +- 160MB RAM and HipsTray.exe with +- 20MB RAM. I have 32GB on this testing machine, so it can eats what they need. But seems it small install size and RAM usage too. CPU usage was not changed at all, my system still have same 1% CPU usage.

AstroSkipper

AstroSkipper

Posted
  • Author
Posted (edited)
14 hours ago, George King said:

@AstroSkipper All test I found about Huorong were for v5 version and about 5 years old. I quess it's not bad if Microsoft added it to it's store for modern systems.

Here is a review of Huorong Internet Security v6
https://malwaretips.com/threads/huorong-internet-security-v6-finale.132002/ 
And the test results are rather disastrous. :o There is still a lot of room for improvement. :rolleyes: So I can't agree with your assessment. nimportequoi.gif

Edited by AstroSkipper
Update of content
3

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...