A Windows XP machine's life expectancy in 2024 seems to be about 10 minutes before even just an idle net connection renders it a trojan-riddled zombie PC

News
By
published

That's all without clicking a single hot link.

How long do you think it takes an unprotected Windows XP box to fall foul to malware? To be clear, this is a machine sitting idle, no internet browsing required, just connected to the internet.

One YouTuber, Eric Parker, decided to find out (via XDA). Using a virtual machine, Parker set up a Windows XP instance and configured it to be fully exposed with no firewall and no anti-virus software, just like the good old days. So, how long exactly does it take for malicious software to appear on the PC?

Parker returns to the PC 10 minutes later and, sure enough, there's something nasty running in Task Manager named conhoz.exe, a known trojan. 

He shuts that process down and leaves the machine running. Within just a few more minutes, a new user has been added, plus a number of new processes, including an FTP server.

So, yeah, within 15 minutes that's multiple malware processes and an entirely compromised machine with the bad guys having already created a new admin account and an FTP server running locally. Jaysus!

Parker then traces the malware's communication to, yup you guessed, the Russian Federation. He speculates that the bad guys might be trying to set up a botnet or spam email server from his compromised machine.

conhoz.exe

Your friendly neighbourhood conhoz.exe process! (Image credit: Eric Parker)

Further investigation reveals even more malware, including another Trojan and a rootkit. A Malwarebytes scan then reveals the full horror, with eight nasties actually running including four trojans, two backdoors, and a couple of adware apps.

In other words, the machine is already a complete and utter zombie. Anyway, it's a fun watch as Parker observes his virtual XP machine being ravaged in real time and a reminder of what bubbling away behind the firewalls and malware protections on all of our PCs.

Sniffing through your running processes in Task Manager used to be something of a regular ritual for the well-informed. Now, it's not really necessary... famous last words and all that.

Indeed, it just goes to show how effective those measures are that we can all be connected to the internet 24/7 and not give this stuff much of a thought. It's dangerous out there, boys and girls. Be careful!

Windows 11 reviewHow to install Windows 11Windows 11 TPM requirement


Windows 11 review: What we think of the latest OS.
How to install Windows 11: Guide to a secure install.
Windows 11 TPM requirement: Strict OS security.

Jeremy Laird
Jeremy Laird
Hardware writer

Jeremy has been writing about technology and PCs since the 90nm Netburst era (Google it!) and enjoys nothing more than a serious dissertation on the finer points of monitor input lag and overshoot followed by a forensic examination of advanced lithography. Or maybe he just likes machines that go “ping!” He also has a thing for tennis and cars.

More about hardware
Wooting 80HE on a desk and controlled by the Wootility.

There's one reason I come back to this one rapid trigger gaming keyboard over the rest, and that's great software
Nvidia RTX 5070 Founders Edition graphics card from various angles

Nvidia RTX 5070 hands-on preview: a sneak peek at my unreleased RTX Blackwell card hitting triple digit frame rates in Cyberpunk 2077 at 1440p and Avowed at 4K
A girl in a school uniform pilots a giant robot

Steam Next Fest's most-played demo is a game almost everybody hates
See more latest