Vistapocalypse Posted January 6, 2020 Posted January 6, 2020 2 hours ago, IntMD said: I've scanned these files with Windows Defender/Security in Windows 10 1909 (18363.535) with latest definitions, and it hasn't detected anything. At both of your VirusTotal links, Microsoft's engine detects Trojan Win32/Occamy C. In the past, I have submitted fake "Flash Player Updates" offered as drive-by downloads by strange URLs I was mysteriously redirected to (i.e. couldn't possibly be legitimate) that were only detected by 2 or 3 engines. I'm with caliber, and would never consider using a program that is detected by 23 engines!
FranceBB Posted January 6, 2020 Posted January 6, 2020 On 1/5/2020 at 7:36 PM, caliber said: that tool from github contains a trojan. why don't github files get scanned ? It has a file called "kernelxp.dll". Once you patch a programme, the programme will use kernelxp.dll instead of directly calling the XP kernel. Such a thing is needed as it implements redirections to the xp kernel for known functions while it uses Wine implementations for those missing. Of course an antivirus isn't going to like that! Heck, you're basically redirecting calls of programmers and you're gonna let pass to the real kernel only those you decided to let pass while you're gonna employ a non Microsoft compiled and totally unsigned mini kernel for the others. What did you expect from the Antivirus? To say that everything was fine? XD Anyway those are all false positive. Feel free to check @TuMaGoNx code on Github if you don't believe me. As to the behaviours you encountered, you may wanna let him know if you are 100% sure that it's xompie that it's causing them. By the way, Tuma, shall we expect a new release in the future or did you just drop the project? 1
caliber Posted January 7, 2020 Posted January 7, 2020 2 hours ago, FranceBB said: Once you patch a programme, the programme will use kernelxp.dll instead of directly calling the XP kernel. Anyway those are all false positive. Feel free to check @TuMaGoNx code on Github if you don't believe me. I have not patched anything with it. it could be a false positive for Avast but once you install it and get infected it can be nothing but a trojan.
IntMD Posted January 7, 2020 Posted January 7, 2020 10 hours ago, caliber said: it could be a false positive for Avast but once you install it and get infected it can be nothing but a trojan. Like I said, provide concrete proof that it's a trojan, and not just a circumstantial thing. Have you tried making a clean XP SP3 VM to test whether this also happens with both 0.6a and the master build?
NojusK Posted January 7, 2020 Posted January 7, 2020 On 1/6/2020 at 4:02 PM, caliber said: this trojan makes firefox based browsers @roytam1 almost unusable unless you delete the profile folder or start them in safe mode. I had sort of this problem with Roy's browsers after installing XomPie (On Windows Server 2003 the browsers don't start at all and some programs that aren't patched give errors until you uninstall the patcher) It seems like there some sort of "DLL conflict" with the programs, but again it's NOT a Trojan or nor anything malicious included, some AntiViruses give false positives for these custom DLLs from my experience 2
i430VX Posted January 8, 2020 Posted January 8, 2020 11 hours ago, Nojus2001 said: I had sort of this problem with Roy's browsers after installing XomPie (On Windows Server 2003 the browsers don't start at all and some programs that aren't patched give errors until you uninstall the patcher) It seems like there some sort of "DLL conflict" with the programs, but again it's NOT a Trojan or nor anything malicious included, some AntiViruses give false positives for these custom DLLs from my experience I cannot say I've ever run into this problem you speak of. I've even installed XomPie on server 03, didnt happen there. 1
ED_Sln Posted January 17, 2020 Posted January 17, 2020 uTorrent latest versions (3.5.5) does not work in XP. Can anyone know what is the latest working version? You can start using xompie, but all the control buttons disappear from the window.
RED-CHAMBER Posted January 17, 2020 Posted January 17, 2020 The latest version of Telegram 1.9.3 can be installed but is no longer compatible with XP. So, I guess the support's over.
i430VX Posted January 17, 2020 Posted January 17, 2020 18 minutes ago, RED-CHAMBER said: The latest version of Telegram 1.9.3 can be installed but is no longer compatible with XP. So, I guess the support's over. I've added the latest working installer (1.8.15) to my EOL repository on my web-site: http://i430vx.net/files/XP/EOL/tsetup.1.8.15.exe 1
caliber Posted January 17, 2020 Posted January 17, 2020 8 hours ago, ED_Sln said: uTorrent latest versions (3.5.5) does not work in XP. 1.8.5 or 2.04 I use either of them they feature the last nice visual theme.
ED_Sln Posted January 17, 2020 Posted January 17, 2020 37 minutes ago, caliber said: 1.8.5 or 2.04 I use either of them they feature the last nice visual theme. I know, I myself use these versions and version 2.1.1 with the skin installed. I just found out that the latest version is not working already, so I’m looking for the latest supported one to add it to the archive.
caliber Posted January 17, 2020 Posted January 17, 2020 24 minutes ago, ED_Sln said: I know, I myself use these versions and version 2.1.1 with the skin installed. 2.1.1 ? http://es.oldversion.com/windows/utorrent/ http://es.oldversion.com/windows/utorrent-2-2-1-2
ED_Sln Posted January 18, 2020 Posted January 18, 2020 13 hours ago, caliber said: 2.1.1 ? Oh, a typo, version 2.2.1.
UCyborg Posted January 18, 2020 Posted January 18, 2020 (edited) qBittorrent 4.1.9.1 is the last version that runs on XP. Edit: Never mind, was already mentioned I see. I just noticed today. Edited January 18, 2020 by UCyborg
FranceBB Posted January 19, 2020 Posted January 19, 2020 (edited) On 1/17/2020 at 3:00 PM, RED-CHAMBER said: The latest version of Telegram 1.9.3 can be installed but is no longer compatible with XP. So, I guess the support's over. In case anyone was wondering, I tried with my modified kernel and it doesn't run on my machine either. All the missing kernel calls are patched except for "CancelIoEx": https://docs.microsoft.com/en-us/windows/win32/fileio/cancelioex-func The good news though was that there's CancelIo in Windows XP, so I replaced CancelIoEx with its non-ex counterpart and I tried to make a few tests without any positive result. The reason is that the normal CancelIo (the non-ex one available in XP) can't be used to cancel io operations in other threads, so most of time it just hangs on nn_close... On top of that, the new code has several missing calls for the UI as well and I can't fix any of them in Shell32 as I'm not a UI guy... I guess I'm gonna stick with 1.8.15 'till it's gonna work, then I don't know... A few screenshot for those interested: On a normal XP SP4 Installation: On my XP running a custom kernel: Then there are missing calls in Shell32 and User32: I guess that's pretty much it for Telegram, unless someone wants to try to fork it and re-introduce XP compatibility. I'll leave a link to the source code anyway: https://github.com/telegramdesktop/tdesktop Out of curiosity, is there anyone who can try the official installer on Windows Vista? Edited January 19, 2020 by FranceBB
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now