theelf wrote on 2025-02-24, 20:44:

I always say that virus are a invention from antivirus companies! some weeks i have my XP computer 24x7, love emule

That reminds me of the Amiga demoscene! 😀
There was a group which released a virus and then an anti-virus soon after.
Those crazy kids! 😁
(The works were Virusmaker and Viruskiller by Tristar, I think.)

Anti-virus:
https://www.pouet.net/prod.php?which=48004
https://www.youtube.com/watch?v=eavtXl4Ei3c&t=6450s

Also interesting: https://en.wikipedia.org/wiki/AIDS_(Trojan_horse)
https://www.heise.de/en/news/Missing-Link-35- … k-10247713.html

Edit: This part is kind of amusing, I think, albeit a bit tragic too.
(I don't mean to make fun of passed by people, but the situation as such is akwardly funny.)

"According to the psychiatrist’s report Popp’s mental condition since his extradition to the UK from the United States in May of […]
Show full quote

"According to the psychiatrist’s report Popp’s mental condition
since his extradition to the UK from the United States in May
of this year declined considerably. A spell of several days on
remand at Brixton Prison is understood to have had a particu-
larly adverse effect on his mental state. His recent antics have
included wearing a cardboard box, putting hair rollers in his
beard to protect himself from ‘radiation’ and ‘micro-organ-
isms’ and wearing condoms on his nose. In recent months
Popp has been resident at the Maudsley hospital, a psychiatric
care unit in south London."

Src: https://www.virusbulletin.com/uploads/pdf/mag … 1992/199201.pdf

This one was also a thing:

https://en.wikipedia.org/wiki/Virus_Creation_Laboratory

I think I still have it somewhere on a floppy disk.
I never was brave enoght to even try to run it. 😁

I think that nowdays nobody wants to target virus for WinXP (and older) except NSA etc. who needs to hit some very special industrial targets in hostile countries but such virus would surely not be spreaded widely to users but targeted very precise way. I think that current viruses developed for W10/11 mostly couldn't even run on old XP as developed by modern tools that are incompatible with XP. So I think most danger could be some internet/warez archives of old SW that may contain some old virus from XP era that could be detectable even with old AV. It doesn't infect the PC magically without user action but someone needs to run infected executable. Of course it can't stop some retro fan to develop a new virus for XP and spread it for fun so make backups 😀

RayeR wrote on 2025-02-24, 22:17:

I think that nowdays nobody wants to target virus for WinXP (and older)

Your right no one is targeting XP, however a lot of code is backwards compatible so good chance a vulnerability in Win11 also exists in XP.
However the further we move away from XP or any x32 version of Windows fewer and fewer virus will work anymore, just like how Win9x is pretty safe now.

Hm. Now I have this picture in my head, of malware developers in suits, running MS Visual Studio 2022 on their latests PCs in open-plan offices..
Is it really like this? Developers of malware being up-to-date, writing clean, MS certified code that runs snuggly on modern Windows?

I was always under the impression that hackers were those underground guys with their hacky development tools. Like the keygen scene, maybe.
Hackers who're exploiting the oldest, deepest parts of Win32 sub system.
Who're using Win32 assembler, hex editors, or efficient Delphi and Borland compilers from 90s etc.
Always looking for system services and network stacks that can be exploitet.
Maybe digging into Windows NT native API..

RayeR wrote on 2025-02-24, 22:17:

It doesn't infect the PC magically without user action but someone needs to run infected executable.

It isn't true that you your PC won't get infected if you not running any executable.

Look at this:
https://www.youtube.com/watch?v=Dlpws3dE3sE

Rencer wrote on 2025-02-24, 23:45:

RayeR wrote on 2025-02-24, 22:17:

It doesn't infect the PC magically without user action but someone needs to run infected executable.

It isn't true that you your PC won't get infected if you not running any executable.

Exactly!

And you don't even need any modern magical devices for that.
The problem was known already in the 90s - no infected executables, just Microsoft Office data files with macro viruses...
And then there came the XP (and other versions, XP was just the most common) with vulnerable MS RPC service - put it on a public IP address, and it's *guaranteed* to catch something soon, without the need for the user to do anything!

Rencer wrote on 2025-02-24, 23:45:

It isn't true that you your PC won't get infected if you not running any executable.
Look at this:
https://www.youtube.com/watch?v=Dlpws3dE3sE

Sure, there are USB HID exploits but it requires physical access to your computer. If someone has physical access he can do a lot evil stuff and break through most of protections.

Also there were some security holes in network stack/other services that could be exploited but it was mostly problem of unpatched original XP, maybe SP1. Since SP2/SP3 I think most of it was fixed. Even it continued with security updates for XPE untill 2019... And I always disabled services like RDP by default and left only needed minimum.

Jo22 wrote on 2025-02-24, 22:49:

Hm. Now I have this picture in my head, of malware developers in suits, running MS Visual Studio 2022 on their latests PCs in open-plan offices..
Is it really like this? Developers of malware being up-to-date, writing clean, MS certified code that runs snuggly on modern Windows?

I think most spreaded kind of viruses now is some kind of ransomware because it really works to make money. And to make many money you need to spread your ransomware in wide audience - this means Win10/11 users and not 1% of fosil XP or 9x users. So yes, you will need use modern tools to make your ransomware run on Win10/11 not 90' delphi 😀

https://thorium.rocks/winxp/
https://win32subsystevm.live/supermium/
Installed those a couple weeks ago. One was much faster than the other -sorry, I don't remember which (cool story, bro).

The song hasn't changed at all in the last 20 (almost 25) years. 😜

https://arstechnica.com/civis/threads/19-reas … dows-xp.941657/

This one sounds most relatable to me, just change XP to 10 and 3.1 to XP (and even Win10 is becoming old stuff).

Think about it. Most people use windows because they have to at work because they have specific programs that only run on windows. MS can and will stop supporting current OS's eventually. You will be assimilated--most programs require a certain version of windows to run. MS has the stranglehold, developers always develop for the newest version of their OS. Sooner or later, the app that you need and use on a daily basis will only run on XP or better. How many people are running Win 3.1? How many apps can you buy that will run on 3.1? MS is in control, and they know it.

Somewhat related:

"You will be upgraded!"

RayeR wrote on 2025-02-24, 22:17:

I think that nowdays nobody wants to target virus for WinXP (and older) except NSA etc. who needs to hit some very special industrial targets in hostile countries but such virus would surely not be spreaded widely to users but targeted very precise way. I think that current viruses developed for W10/11 mostly couldn't even run on old XP as developed by modern tools that are incompatible with XP. So I think most danger could be some internet/warez archives of old SW that may contain some old virus from XP era that could be detectable even with old AV. It doesn't infect the PC magically without user action but someone needs to run infected executable. Of course it can't stop some retro fan to develop a new virus for XP and spread it for fun so make backups 😀

I do mainly Flight Simulator 98 which does not work at W10 and beyond. I have observed in this SDK that some graphical subroutine beyond OpenGL1.2.

Main retro gaming os? Yes.

RayeR wrote on 2025-02-25, 01:46:

I think most spreaded kind of viruses now is some kind of ransomware because it really works to make money. And to make many money you need to spread your ransomware in wide audience - this means Win10/11 users and not 1% of fosil XP or 9x users. So yes, you will need use modern tools to make your ransomware run on Win10/11 not 90' delphi :)

Believe it or not, but among the best programs in DOS* and Win16/32 era had been written with Turbo Pascal and Delphi! :D

(*IMHO on DOS with Turbo Pascal 3-7 - the latter with Turbo Vision, on Windows 3.x using Turbo Pascal for Windows/Borland Pascal for Windows/Delphi 1 and on Windows 9x/NT using Delphi 3, 5 and 7!)

RayeR wrote on 2025-02-25, 01:46:

this means Win10/11 users and not 1% of fosil XP or 9x users. So yes, you will need use modern tools to make your ransomware run on Win10/11 not 90' delphi :)

I'm not certain. Using Windows 9x/NT compatible executables doesn't mean that you can't exploit vulnerabilities in modern Windows.
And especially by using old, obscure API functions or old DLL/services the malware becomes harder to detect.

Also, EXEs compiled with Delphi 3 or 7 don't need any special requirements. They just work! : D
There's no .NET Framework being required, no runtime that has to be installed.
Windows 95 era applications are small and quick, they don't trigger an "This application needs MS Visual C++ 2005 runtime" pop-up window that raises suspiscion.
Heck, even Visual Basic 6 applications are portable. Msvbvm60.dll is part of every Windows since 98.

I would dare to assume that modern Microsoft developers barely see through old code any more, because the original developers are six feet under, fired or retired.
That's why Microsoft tries to switch to Linux more and more, the underlying NT system has become too complex to handle.
Linux is easier to manage, with lots of free volunteers everywhere.
Also, you can hire&fire more frequent - firing a real Windows developer always means a loss of knowledge.

Here: Delphi 7 from the 2002 was in common use until 2020 or so.

"Delphi 7, released in August 2002, added support for: […]
Show full quote

"Delphi 7, released in August 2002, added support for:

Web application development
Windows XP Themes

Used by more Delphi developers than any other single version, Delphi 7 is one of the most successful IDEs created by Borland.
Its stability, speed, and low hardware requirements led to active use through 2020. "

https://en.wikipedia.org/wiki/History_o ... 80%932003)

If you want to be absolutely sure your windows can not get viruses, just use Windows 3.11 for Workroups to go to internet. Garanteed safe fun browsing.

Cyberdyne wrote on 2025-02-26, 02:09:

Garanteed safe fun browsing.

Well, browsing FTP sites is always safe...

...and there's not much more you're able to browse from WfW 3.11 🤣

Cyberdyne wrote on 2025-02-26, 02:09:

If you want to be absolutely sure your windows can not get viruses, just use Windows 3.11 for Workroups to go to internet. Garanteed safe fun browsing.

Yes, maybe.

On other hand, it can run Win32 executables if Win32s is installed.
Programs compiled with Delphi 2 or an similarily old C compiler do run natively from Windows 3.1x+Win32 up to Windows 11.

And that's exactly because they're so well written, exactly because they originally were meant to run on Windows NT 3.1 and 3.5x.
Applications that run on Win32s do contain relocation tables and are thus compatible with DEP!

They also limit themselves to the basic Win32 API and plain i386 instructions set, which are well being supported - even on RISC platforms.
Such as ARM (Win11), Alpha PC with FX!32 emulator (NT4) or Intel Itanium (XP64).

If I was an malware writer, I would have chosen to implement at least two code paths to attack the target system using different methods each.
Via PlatformID API function, it's easy to determine between Win32s, Windows 9x and NT.
No need to figure out version number, even.

https://learn.microsoft.com/en-us/dotnet/api/ … id?view=net-9.0

I seeno problem why someone couldn't use Delphi 2 from 1995 to make an API call that's exlusive to newest Windows 10/11 function or system service.
Back in the Visual Basic days it was just common to extend functionality by using VBX files or by directly calling into Windows API and use features originally not available in the IDE/compiler.

Edit: I may seem like a sentimental, old fart living in the past here but it's not as if I hadn't thought this through.
See, by using older or lower system APIs your circumventing security/safety mechanisms added in higher layers, such as garbage collection.

A modern Windows application uses managed code and the calls must pass through .NET framework, Visual C++ runtime, Direct2D or GDI+.
Until the final call ends up being at Win32 layer.

By using Win32 or Native API directly, a lot of these intermediate layers are being avoided.
The filtering process is being avoided. Which can be either good or bad, depending on the situation.

That's quite simplified, of course. I'm just an user, after all.
In practice, on modern Windows, Win32 and GDI do talk back to higher APIs, too.
Because some of the old APIs are being intercepted and emulated by more modern APIs (just like Windows 3.1 FastDisk does filter int21h MS-DOS calls. 😉 )
Which in turn might call back the truely old APIs/DLLs of same name.

I had to stop using XP on my daily PC because of support from newer software. Currently I run a mix of Linux and Win7 on different machines. Win7 is okay, but I liked XP better. I do not like Win10 at all.

Of all the reasons I stopped using WinXP, viruses had nothing to do with it. I've been surprised at how many knowledgeable users worry so much about that. I understand worrying about it on behalf of less knowledgeable users. There are people who have a habit of infecting themselves, I certainly have some of those in my family. It's easier for me to let those people be nannied by their modern OS. But surely people on this site are conscious of what they're installing on their PCs.

No sensible person connects their home PC directly to the internet anymore. It's going through a NAT, so nobody can randomly access your PC from the internet. Port forwarding would expose you (on that port), but that's rarely necessary for a home PC. If you don't trust your LAN, then use a local firewall.

The biggest risk is web browsers (not the OS), because their support for script-happy web sites opens lots of possibility for bugs that might be exploited by "dodgy" sites. But at this point web browsers on XP are barely usable anyway. There was a time when I ran NoScript (whitelisting sites I trusted) but I don't even know if it's possible to browse the web productively that way anymore. The script happy culture of the modern web is just too rampant.
If you really are worried about this, run your web browser on a user with limited permissions.

I don't like autorun, so I used policy or registry settings (I forget which) to "disable autorun completely" - I recall XP is a little stubborn about this so standard GUI options aren't enough to truly disable it. Be careful with untrusted USB flash drives from your cousin's girlfriend.

I keep installers archived so I rarely need to dig up new installers from the web. But if I have to do that, I scan it with virustotal and research anything that looks concerning.

I've had viruses twice in my life, both in the early 2000s and I know why it happened both times. It was foolishness in both cases, nothing that justified the annoyance of memory resident Antivirus software, and so I've preferred not to use it.

The only malware issue I have is my Windows 10 machine, which I only use for games. Win10 harasses me about 5 times every time I boot it up about different things Mother Microsoft wants me to install, change in my settings, or whatever. It also quietly installs things I don't want, and it also broke my video driver once, forcing me to manually roll it back. Windows XP never did any of that, it respected my choices.

shamino wrote on 2025-02-26, 07:09:

I
The biggest risk is web browsers (not the OS), because their support for script-happy web sites opens lots of possibility for bugs that might be exploited by "dodgy" sites. But at this point web browsers on XP are barely usable anyway. There was a time when I ran NoScript (whitelisting sites I trusted) but I don't even know if it's possible to browse the web productively that way anymore. The script happy culture of the modern web is just too rampant.
If you really are worried about this, run your web browser on a user with limited permissions.

There is latest Chrome on XP, 132 i think

For me works everything exept drm content, no netflix, but i dont care i prefer emule

dormcat wrote on 2025-02-23, 19:33:

Sabina_16bit. wrote on 2025-02-23, 18:56:

& what antivirus r U using in Windows XP?

I use AVG 18.6.3983.0 (dated 2018/08/21). Later I found Avast 18.8.4084 (dated 2018/11/15; note their version numbers had similar patterns as Avast had already acquired AVG back then) but haven't installed it on my two XP builds.

Those were the last editions actually run on XP and still capable to receive definition updates (but not program updates); later editions, while claimed to be XP-compatible on Avast's website for quite some time, were in fact incompatible. Avast quietly removed XP from its system requirements couple years later but I didn't remember the exact time.

& do Your AVG worx without side effects?
My is exploiting csrss.exe for about last month after an update causing constant 100% CPU usage,it is an EoL sabotage & happened on both my XP-only builds,where I have antivirus on XP(on multiboot systems I check all partitions from Win.7 by its antivirus).
Do U deal with same problem (successfully)?

GemCookie wrote on 2025-02-23, 19:52:

I didn't expect to see this thread a second time.

My Core 2 Quad PC primarily runs Windows 11 these days. I would've never made the switch, had I not found a way to fix the user interface early this year. My Windows XP installation remains intact, however, it can't access the Internet. I didn't want to steal an Ethernet cable from another PC, so I installed a Wi-Fi card with Windows 7+ drivers.

That said, my K6-2 and Pentium III builds still run Windows XP. I use the latter when my main PC is busy. I've tried Windows 7 on it, but it's simply too demanding for the hardware. My K6-2 would need a BIOS update to run it at all. My attempts to use Linux on these systems ended in disaster; the Riva TNT2 cards inside are not usable, even though the nouveau website claims they're supported. I have yet to get 2D acceleration working in OpenBSD on the K6-2.

I am surprised,Win.7 even worked on a P3,I did never tested Windows 7 on anthing older than P4/Atom,even no reason,as I have quite a lot P4/C2D MoBos,no need to tyranize an older HW with it.
On P3 I use mostly Windows 4.10.2222(98SE)/NT 5.0(2000)/NT 5.1(XP).
I would never guess,a Win.7 would even successfully install & boot on a P3,as highest P3 configuration is 800MHz & 2GB RAM & many P3 BIOSes have 32GB limit for HDD & Windows 7 32bit needs as min.1GHz CPU,2GB RAM & 40GB HDD.Maybe some UltraLite edition could make sense on P3,I got Windows 7 UltraLite on 4GB SSD of Asus EeePC 901,but as it is unofficial home-made edition,it is buggy,mainly the Desktop is buggy & shows contnts of boot dir instead of the desktop's normal dir.This happened few days after install & I never could fix it.