Jump to content
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble
Strawberry Orange Banana Lime Leaf Slate Sky Blueberry Grape Watermelon Chocolate Marble

MSFN is made available via donations, subscriptions and advertising revenue. The use of ad-blocking software hurts the site. Please disable ad-blocking software or set an exception for MSFN. Alternatively, register and become a site sponsor/subscriber and ads will be disabled automatically. 


harkaz

Introducing - Unofficial Windows XP SP4

Recommended Posts

Not so sure you can do that. My investigation reveals MS integrated some HotFixes, not to mention a couple of VM-oriented files. I wouldn't use the Unofficial SP4 except against a clean SP3-only Install. Sorry... :( (and a big FYI...)

 

Addendum - I could be wrong - maybe the SP4 "checks" for any pre-existing HotFixes? :unsure: I haven't used/tried it yet.

Share this post


Link to post
Share on other sites

Like I said, I haven't used it yet either, so I could have misunderstood.  But this is the conversation I remembered from back in Oct 2014:
 

I tested this on 2 virtual systems, an existing XP mode VM that I have been using for quite some time and a fresh XP mode VM. The existing XP mode VM is now stuck in a reboot loop and the fresh XP mode VM install took several tries to boot to desktop but once it did everything seemed fine aside from the fact that automatic login seems broken. It asks for a password but should not.

On the off chance you don't know this VM it is the free XP VM you get to use with 7 pro.


For automatic logon to function porperly, make sure that the user account you're using to logon with exists. I'm testing XP SP4 in XP Mode right now.


Issue fixed. I will add RDC 7.0 MS catalogs and fix a registry entry in xpfixit.inf. I type this Message from Windows XP Mode with Integration Features enabled. I don't like Windows XP Mode, but it seems to work fine now.


Cool, thanks. XP mode is not the greatest way to emulate XP for sure but a lot of people use it so it was good to fix this bug.


Cheers and Regards

  • Upvote 1

Share this post


Link to post
Share on other sites

My virus scanner reported 3 infected files in USP4 v2

They are:

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\ndpsp.exe

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\setup.exe

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\dotnetfx.exe

I verified that about 1/3 of scanners at virus total.

Downloaded from:

https://drive.google.com/folderview?id=0B7k-l_4omFECNWRGNHBEdVBsTTA&usp=sharing

The SHA1 hash from Ryanvm's web site matches with my executable:

SHA1: 95AE364CE2CB39D9ED022E84F8829C883F43AB5F

 

Hash is from: http://www.ryanvm.net/forum/viewtopic.php?t=10321

 

Found the same infections in the 2 CD download of v2 as well.

Edited by mike1504

Share this post


Link to post
Share on other sites
Guest

Do you have the VirusTotal results link? Which AV do you use?

Edited by 5eraph

Share this post


Link to post
Share on other sites

I uploaded all 3 of the files tonight.

Yes they were detected earlier, but the sha1 and MD5 checksums on the scanner match those of the files I uploaded.  I doubt seriously the files differ at all.

If it were just MD5 checksums there might be a small chance, but not with the SHA1.

Share this post


Link to post
Share on other sites

It's not that the files are gonna be "different" but that the detections (beside your FP factory Avast) may be different, :whistle: Small developers like Harkaz are plagued by many FP's...I suspect these are FP's, I also suspect that Harkaz will be along in 3....2.....1.... to explain as much.

YMMV.

Share this post


Link to post
Share on other sites

The USP4 loaded nicely without the files in quesion.
I'm not sure what their purpose was, but they carried names that are part of .net framework, but of a very different binary.

It would be nice to know what they do...and of course I will have to disable Avast to do any thing with them...It already stole one of them after I disabled it long enough to re extract them...just because I right clicked to check the hashes.

I really do appreciate the work that Harkaz put into this rollup.  It was nice to only need some POS updates when the install completed.

Share this post


Link to post
Share on other sites

I have used Pelles C to compile these 3 EXEs:

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\ndpsp.exe

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\setup.exe

WindowsXP-USP4-v2-x86-ENU.exe\i386\root\dotnetfx\dotnetfx.exe

 

They are placeholders for some MCE disks. They do absolutely nothing (empty WinMain). I don't know why they are reported as malware.

 

EDIT: The source code is ATTACHED.

Aspuncln-PellesC.rar

Edited by harkaz

Share this post


Link to post
Share on other sites

Something wrong with this Service pack I am also getting a report of this Servive pack as being Trojans within Avira Antivir:

 

Dotnetfx.exe TR/Rogue.37376.27

Ndpsp.exe TR/Rogue.378646.65

Setup.exe TR/Rogue.36864.71

 

Antivir stopped the process of slipstreaming quarantined the files then all sorts of errors proceeded unable to proceed

Share this post


Link to post
Share on other sites

NEWS: A v3 of SP4 will be released soon.

 

This version will include:

 

- A fix for the 16-bit app emulation not working when installed from CD-ROM

- Latest updated file versions except for the buggy May 2014 shlwapi.dll

- Some security enhancements with firewall configuration

- Removal of FP "malware" files and replacement with new, clean, smaller placeholders

 

This will be the final-final build of SP4 ever.

Share this post


Link to post
Share on other sites

Something wrong with this Service pack I am also getting a report of this Servive pack as being Trojans within Avira Antivir:

 

Dotnetfx.exe TR/Rogue.37376.27

Ndpsp.exe TR/Rogue.378646.65

Setup.exe TR/Rogue.36864.71

 

Antivir stopped the process of slipstreaming quarantined the files then all sorts of errors proceeded unable to proceed

Hi Quick heal also showing same previously thanks for fixes.

Detected: Trojan.Dorv.016816 in

C:\Users\Dr.Mom Samanta\Desktop\last\Aspuncln-PellesC\Aspuncln-PellesC\ndpsp.exe

Action taken: Repaired

Detected: Trojan.Dorv.016816 in

C:\Users\Dr.Mom Samanta\Desktop\last\Aspuncln-PellesC\Aspuncln-PellesC\dotnetfx.exe

Action taken: Repaired

Detected: Trojan.Dorv.016816 in

C:\Users\Dr.Mom Samanta\Desktop\last\Aspuncln-PellesC\Aspuncln-PellesC\setup.exe

Action taken: Repaired

I am testing it on my mothers laptop.

Share this post


Link to post
Share on other sites

Those are *probably* False Positives. Maybe due to Repack to get all of the Updates merged? :unsure:

Share this post


Link to post
Share on other sites

SP4 v3 is now available.

 

Download available at the usual location.

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...