WinXP Lasts 10 Minutes Before Becoming Infected

John Lister's picture

An unprotected Windows XP machine lasted just 10 minutes online before being infected. It was an extreme and arguably unrealistic experiment, but does show just how prevalent online threats are.

YouTuber Eric Parker carried out the test with a virtual machine running Windows XP. A virtual machine is a machine that lives inside of another machine, which makes it appear as if the virtual machine is a separate, physical computer. It's often used by people running two operating systems on the same computer. In fact, this website runs as a virtual machine.

At any rate: it's no secret that running Windows XP is not a great idea in 2024 due to the lack of security updates. The outcome was inevitable, but Parker was curious about just how quickly it would take for the Windows XP virtual machine to be compromised.

He connected the computer to the Internet, with the virtual XP having no security software running and with the built-in firewall switched off. It's hard to imagine anyone doing that on their actual computer, but the experiment was about the scale of the threat, not whether it would succeed. (Source:

10 Minute Takedown

Parker didn't open a web browser or run any applications. However, within 10 minutes the computer was running a known variant of "trojan horse" malware called conhoz.exe. (Source:

After just five minutes more, a new Windows user was added and the device was running an FTP server. A full scan showed a total of eight malicious applications, including two which gave people remote access to the computer and two which delivered unwanted advertising.

Examination of the malware suggested the computer was already communicating with a source in Russia. Parker believes the most likely explanation is that hackers were trying to weaponize the computer, either to deliver spam emails or to be part of a botnet of infected PCs that could spread malware or attempt to disrupt websites.

Botnet Bonanza

The sheer speed of the infection aside, the results probably shouldn't have been surprising given the complete lack of defenses. However, it is a reminder that some hackers take a relentless approach, scanning the Internet for unprotected computers. That's how they were able to connect to Parker's machine despite him not clicking any links or even opening a web page.

Fortunately, only around 0.33 percent of Windows computers are still running Windows XP, though across the world that equates to several million. Most of those will presumably at least have the default firewall switched on, but it's still a potentially attractive target for people trying to build botnets.

What's Your Opinion?

Are you surprised by this result? Did you realize unprotected PCs can be infected without the owner actively using the Internet? Is there any hope for people still running XP?

Rate this article: 
Average: 5 (6 votes)


topgum's picture

Surprised? No. But this test was akin to driving on the expressway with your hands off the wheel. What did you expect?

Wing and a Chair's picture

It just demonstrates what can be done by totally disabling it's defences. Now do the same thing, but with a fully patched version of Windows 8, and a competent antivirus program, running behind a decent router/firewall. Post the results. Once that is done, try the original experiment with Windows 10 and 11.