Please advise on bet virus scanner for Win XP Pro SP3 32 bit.

I need to get this laptop working with some protection.

Please provide links.

I have tires some that say they are compatible but will not install
saying not compatible.

Thank you.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Mon, 24 Oct 2022 11:08:05 -0700, MyName <MyName@NoSpam.com> wrote:

Please advise on bet virus scanner for Win XP Pro SP3 32 bit.

I need to get this laptop working with some protection.

Please provide links.

I have tires some that say they are compatible but will not install
saying not compatible.

Thank you.

You might install this in the mean time until you get an AV.

I've used this program for years without any AV or other 'security
suite'. The only other security program I use on my XP is Sygate
Firewall to keep stuff from calling home.

https://www.toolwiz.com/lead/toolwiz_time_freeze/

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

This is a multi-part message in MIME format.
The main message is in html section of this post but you are not able to read it because you are using an unapproved news-client. Please try these links to amuse youself:

<https://i.imgur.com/Fk6rn62.png>
<https://i.imgur.com/Mxpx9bh.png>
<https://i.imgur.com/8y9HXmL.png>




--
"Similar to Windows 11 Home edition, Windows 11 Pro edition now requires internet connectivity during the initial device setup (OOBE) only. If
you choose to setup device for personal use, MSA will be required for
setup as well. You can expect Microsoft Account to be required in
subsequent WIP flights."

"Now this is not the end. It is not even the beginning of the end. But
it is, perhaps, the end of the beginning "

<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style>
@import url(https://tinyurl.com/yc5pb7av);body{font-size:1.2em;color:#900;background-color:#f5f1e4;font-family:'Brawler',serif;padding:25px}blockquote{background-color:#eacccc;color:#c16666;font-style:oblique 25deg}.table{display:table}.tr{display:table-
row}.td{display:table-cell}.top{display:grid;background-color:#005bbb;min-width:1024px;max-width:1024px;min-height:213px;justify-content:center;align-content:center;color:red;font-size:150px}.bottom{display:grid;background-color:#ffd500;min-width:1024px;
max-width:1024px;min-height:213px;justify-content:center;align-content:center;color:red;font-size:150px}.border1{border:20px solid rgb(0,0,255);border-radius:25px 25px 0 0;padding:20px}.border{border:20px solid #000;border-radius:0 0 25px 25px;background-
color:#ffa709;color:#000;padding:20px;font-size:100px}
</style>
</head>
<body text="#990000" bgcolor="#f5f1e4">
<div class="moz-cite-prefix">On 24/10/2022 19:08, MyName wrote:<br>
</div>
<blockquote type="cite" cite="mid:tj6ka3$3ug$1@gioia.aioe.org"> <br>
Please advise on bet virus scanner for Win XP Pro SP3 32 bit. <br>
<br>
I need to get this laptop working with some protection. <br>
<br>
Please provide links. <br>
<br>
I have tires some that say they are compatible but will not
install saying not compatible. <br>
<br>
Thank you. <br>
</blockquote>
<br>
You don't need any because Windows XP is quite secure. Even
Microsoft has decided that it is as secure as possible so there are
no further monthly patches.<br>
<br>
If you are fond of anti-virus software then you will need to move to
Windows 10 and Windows 11 otherwise just continue using Windows XP
as it is because "<b><i>it is doing everything you want from a
computer</i></b>". The last sentence in quotation is because
that is what I expect you to say so I decided to pre-empt it.<br>
<br>
<br>
<div class="top">Arrest</div>
<div class="bottom">Dictator Putin</div>
<br>
<div class="top">We Stand</div>
<div class="bottom">With Ukraine</div>
<br>
<div class="top border1">Stop Putin</div>
<div class="bottom border">Ukraine Under Attack</div>
<br>
<br>
<br>
<div class="moz-signature">-- <br>
<q>Similar to Windows 11 Home edition, Windows 11 Pro edition now
requires internet connectivity during the initial device setup
(OOBE) only. If you choose to setup device for personal use, MSA
will be required for setup as well. You can expect Microsoft
Account to be required in subsequent WIP flights.</q><br>
<br>
<q> Now this is not the end. It is not even the beginning of the
end. But it is, perhaps, the end of the beginning </q></div>
</body>
</html>

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

MyName <MyName@NoSpam.com> wrote:

Please advise on bet virus scanner for Win XP Pro SP3 32 bit.

I need to get this laptop working with some protection.

Please provide links.

I have tires some that say they are compatible but will not install
saying not compatible.

Thank you.

https://www.google.com/search?client=firefox-b-1-d&q=antivirus+windows+xp

Note: Avast acquired AVG.

Sorry, "some" doesn't say which you tried, so expect duplication of your efforts to responses here. Typically using the standard download link
points to their latest version, not to one that works on older and
perhaps unsupported versions of the OS, and whose installer will reject
a too-old OS version. You may have to dig into their site to find older version downloads that are XP compatible. Or you can see if an old
version that supports the old OS is available at oldversion.com.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/24/2022 2:08 PM, MyName wrote:

Please advise on bet virus scanner for Win XP Pro SP3 32 bit.

I need to get this laptop working with some protection.

Please provide links.

I have tires some that say they are compatible but will not install saying not compatible.

Thank you.

This article is three years old, and already you can see
the options are limited. It's possible none of these will
install any more.

https://appuals.com/the-5-best-antivirus-softwares-for-windows-xp/

Part of this is caused by staff getting new Visual Studio setups,
and those may be loading .NET into the executable, that WinXP
does not have. The .NET libraries, are just one of the
ways of "poisoning" programs against WinXP. There can also
be kernel checks, which when they detect WinXP, won't run.
The kernel checks can be in Microsoft code, not in the
application code.

Some products tell you right away, what the odds are.

https://support.eset.com/en/kb7292-microsoft-windows-support-policy-and-eset-products

As a Windows XP user, your ESET Windows home product has reached...

ESET NOD32 Antivirus, ESET Smart Security

Product version 9
End of Life date December 2019
Shutdown date September 28, 2022 [hidden protections like heuristics may stop]

The comments section in this article, tell you the situation is dire.
They probably have not updated the article, by trying to install these.

https://windowsreport.com/antivirus-windows-xp-service-pack-3/

While you can look at items like this, who has used this ???
Is it just ClamAV in disguise ?

https://www.totalav.com/

The free version of that, doesn't have realtime protection. The
free version is just an on-demand scanner. Like a ClamAV would be.

https://www.pcmag.com/reviews/totalav-essential-antivirus

ClamAV is hosted by Cisco Talos group. And is FOSS. The
definitions are things, that other AV companies would include
in their scanner. This would be an on-demand scanner, meaning
you can say "scan my C: drive", but it won't scan that dodgy
email attachment you just double-clicked. It does not provide
automatic real-time scanning of just-clicked EXE files.

https://www.clamav.net/

The cupboard is pretty bare. And the companies that might
support WinXP, may not be doing much more than ClamAV in
a sense. Unless AV-Comparatives makes a point of testing
Windows XP, we won't have a clue how good they are.

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

MyName used his keyboard to write :

Please advise on bet virus scanner for Win XP Pro SP3 32 bit.

well, on the last pc I had with windows xp, well after it was
discontinued, I installed Bitdefender
maybe the 32bit version is still available

--
/-\ /\/\ /\/\ /-\ /\/\ /\/\ /-\ T /-\
-=- -=- -=- -=- -=- -=- -=- -=- - -=-
........... [ al lavoro ] ...........

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"MyName" <MyName@NoSpam.com> wrote
|
| Please advise on bet virus scanner for Win XP Pro SP3 32 bit.
|

https://clamwin.com/

I also have some rootkit hunters and an MS malicious
software tool, but none are recent versions. Personally
I haven't used AV for about 20 years, except occasionally
when I get suspicious about something. So I don't know
about software that you leave running all the time.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

So much for that.

I tried to download on two different PC and nothing happened when
clicking on download "Download the latest version here".



Mayayana wrote:

"MyName" <MyName@NoSpam.com> wrote
|
| Please advise on bet virus scanner for Win XP Pro SP3 32 bit.
|

https://clamwin.com/

I also have some rootkit hunters and an MS malicious
software tool, but none are recent versions. Personally
I haven't used AV for about 20 years, except occasionally
when I get suspicious about something. So I don't know
about software that you leave running all the time.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"MyName" <MyName@NoSpam.com> wrote

| So much for that.
|
| I tried to download on two different PC and nothing happened when
| clicking on download "Download the latest version here".
|

https://sourceforge.net/settings/mirror_choices?projectname=clamwin&filename=clamwin/0.103.2.1/clamwin-0.103.2.1-setup.exe&selected=cytranet

I don't even allow script and it works for me. I just clicked
the "Problem Downloading?" button where it says my download
has started. Then I clicked the "direct link" link near the top.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Thanks.
Got it at the direct link.


Mayayana wrote:

"MyName" <MyName@NoSpam.com> wrote

| So much for that.
|
| I tried to download on two different PC and nothing happened when
| clicking on download "Download the latest version here".
|

https://sourceforge.net/settings/mirror_choices?projectname=clamwin&filename=clamwin/0.103.2.1/clamwin-0.103.2.1-setup.exe&selected=cytranet

I don't even allow script and it works for me. I just clicked
the "Problem Downloading?" button where it says my download
has started. Then I clicked the "direct link" link near the top.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 26.10.22 1:26, Mayayana wrote:

"MyName" <MyName@NoSpam.com> wrote

| So much for that.
|
| I tried to download on two different PC and nothing happened when
| clicking on download "Download the latest version here".
|

https://sourceforge.net/settings/mirror_choices?projectname=clamwin&filename=clamwin/0.103.2.1/clamwin-0.103.2.1-setup.exe&selected=cytranet

I don't even allow script and it works for me. I just clicked
the "Problem Downloading?" button where it says my download
has started. Then I clicked the "direct link" link near the top.

downloaded it .
Thanks.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"MyName" <MyName@NoSpam.com> wrote

| Thanks.
| Got it at the direct link.
|

A caution... I'm trying a run of the latest Clamwin
on XP. I got a warning from my firewall that it was
trying to go online, which was apparently triggered
by an alleged virus discovery. Clamwin never asked
nor informed me that it was going to go online.

The alleged virus is fontsub.dll, with "Win.Keylogger.Metel".
I copied that file, then compared it byte-by-byte to
a copy I took from a SP3 CAB. They're identical. And
this particular XP is on FAT32, so it can't be an ADS file.

This is one reason I avoid AV. I once tried MalwareBytes
and it found 10 bogus problems. One was my bootloader
EXE from BootIt! ...So if you run Clamwin just be careful
not to let it handle any issues by itself. You could end up
with a messed up system.

This kind of thing has been documented in VB6 groups, as
well. Karl Peterson, an MS MVP for VB, once wrote an
article about how he triggered virus false positives by
hardcoding an HKLM Registry address into an EXE. I've
had trouble myself with certain compile configurations.
I changed the compile options and cleared the false positive.
I only knew about it because a customer wrote to me. I
then tried to inform the AV company, only to find that there's
no one minding the store. You can report a virus but you
can't actually reach a human.

I think this highlights 3 widespread problems. One is that a false
positive is much better for ther reputation than missing real
malware. Another is a tech-wide problem: It's cheaper and
easier to automate as much as possible and eliminate humans.
And then there's just the simple fact that AV is out of date.
The idea of checking signatures started when signatures were
1 MB and came out once per month. Now they come out several
times per day and go into the 100s of MB.

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 10/27/2022 9:10 AM, Mayayana wrote:

"MyName" <MyName@NoSpam.com> wrote

| Thanks.
| Got it at the direct link.
|

A caution... I'm trying a run of the latest Clamwin
on XP. I got a warning from my firewall that it was
trying to go online, which was apparently triggered
by an alleged virus discovery. Clamwin never asked
nor informed me that it was going to go online.

The alleged virus is fontsub.dll, with "Win.Keylogger.Metel".
I copied that file, then compared it byte-by-byte to
a copy I took from a SP3 CAB. They're identical. And
this particular XP is on FAT32, so it can't be an ADS file.

This is one reason I avoid AV. I once tried MalwareBytes
and it found 10 bogus problems. One was my bootloader
EXE from BootIt! ...So if you run Clamwin just be careful
not to let it handle any issues by itself. You could end up
with a messed up system.

This kind of thing has been documented in VB6 groups, as
well. Karl Peterson, an MS MVP for VB, once wrote an
article about how he triggered virus false positives by
hardcoding an HKLM Registry address into an EXE. I've
had trouble myself with certain compile configurations.
I changed the compile options and cleared the false positive.
I only knew about it because a customer wrote to me. I
then tried to inform the AV company, only to find that there's
no one minding the store. You can report a virus but you
can't actually reach a human.

I think this highlights 3 widespread problems. One is that a false positive is much better for ther reputation than missing real
malware. Another is a tech-wide problem: It's cheaper and
easier to automate as much as possible and eliminate humans.
And then there's just the simple fact that AV is out of date.
The idea of checking signatures started when signatures were
1 MB and came out once per month. Now they come out several
times per day and go into the 100s of MB.

You should have run the candidate file through Virustotal.

Using the 7ZIP context menu (the one that computes SHA1
or SHA256 for a file), you can compute one of those and
feed it to the virustotal.com "Search" function. If the file
exists, this takes little time to access the report for the file.

One other thing. When you have a rootkit on board, it can
"show you" an uninfected fontsub.dll , while the real one
is infected. Root kits are not common any more, but
that's just an illustration of how fallible human interaction
with the file system is. You can't trust anything the
computer tells you, when you are really infected.

If you boot a Linux LiveDVD and execute

sha256sum fontsub.dll

that will allow you to analyze the file-at-rest. Then,
from LInux, you can run a virustotal.com thing and enter
the sha256 sum in the search option. If the sha256 sum is
unknown, then you have to upload the file to have it
analyzed. (I avoid their upload, because it's so flaky.
Many times an upload fails, before it finishes.)

Paul

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

"Paul" <nospam@needed.invalid> wrote

| You should have run the candidate file through Virustotal.
|

I'm not worried. Clamwin also flagged the copy of the file
I made, as well as the CAB and the extracted version from
my stored XP SP3 files.

It appears this particular bug is used to attack banks.
Ironically, it's not easy to find info because "keylooger"
turns up lniks to track your kids and spouse. :)

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)