Malware Wiki

Microsoft Windows

Microsoft Windows (also known as MS Windows, Windows, or Windows OS) is a series of software, operating systems, and graphical user interfaces produced by Microsoft. Windows has used both DOS and NT as its kernels, and NT is the current default kernel type. Microsoft first introduced an operating environment named Windows on November 18, 1985 as an add-on to MS-DOS in response to the growing interest in graphical user interfaces (GUIs) at the time. Microsoft Windows came to dominate the world's personal computer market, overtaking Mac OS, which had been introduced previously. As of July 2009, Windows had approximately 93% of the market share of the client operating systems for usage on the Internet. The most recent client version of Windows is Windows 10, released on July 29th, 2015. Several editions, flavors, and versions of Windows have been released over the years, in 32-bit (x86) and 64-bit (x64) forms, and most of them are consumer-friendly. Deleting System32 will delete Windows, so it is advised to install a secondary operating system if the user deletes System32.

The symbol for Windows

Due to its extremely high usage in home computers, workplaces, and servers, Microsoft Windows is one of the most targeted operating systems in the world for malware, along with Android, iOS, Mac OS, and Linux. This is also a reason why there are many antiviruses built for this platform.

List of Windows Versions

Windows Updated Family Tree

Windows Family Tree

WARNING: The following may be misleading.

  • MS-DOS
  • Windows 1x
  • Windows 2x
  • Windows 3x
  • Windows NT 4.0
  • Windows 9x
  • Windows XP
  • Windows Vista
  • Windows 7
  • Windows 8x
  • Windows 10
  • Windows Servers

Windows 1.x & 2.x DOS


Windows 1.01

Windows 1.01 was the first publicly released edition of Windows, released on November 20, 1985. Windows added a graphical user interface (GUI) to MS-DOS, and included several features including the ability to use a mouse, draw pictures, and more. It could either be installed on a floppy disk, or a hard drive. Windows 1.02, 2.03, 1.03, 2.11, and 1.04 would follow.

Windows 2.03 was released in 1987 and came in two flavors: 2.03/286 and 2.03/386. Despite these names, Windows 2.03 (and 2.11) will work on an Intel 8086/8088, although it will not use the high memory area, as none exists on an 8086 processor; EMS can still be used if it is present. An updated version, 2.11, was released shortly afterwards. 2.03 added several features still used in Windows today, such as windows that could be moved, overlap, and more.

There is no known malware targeted specifically at 1.x or 2.x, although if one launches a DOS virus from 1.x or 2.x, it will take effect on the DOS portion of the computer.

Windows 3.x DOS


Windows 3.1

Windows 3.0 was released on May 22, 1990. Windows 3.0 introduced a significantly revamped, improved, and more consumer-friendly user interface, as well as technical improvements to make better use of the memory management capabilities of Intel's 80286 and 80386 processors (although it could still run on an 8086/8088). Windows was starting to get more popular and eventually became a rival to the Commodore Amiga and the Apple Macintosh.

Windows 3.1 was released on April 6, 1992, and quickly became one of the most popular operating systems in the world. It featured numerous improvements, including support for more memory (a maximum of 256 MB of RAM, as opposed to Windows 3.0, which could only support a mere 16 MB), and more.

As Windows was now getting more popular with the home and workplace market, some malware was written for it. The most prominent examples are Apparition, Klon, Lucky, and others.

Windows NT 3.x & 4.x

Windows NT 3.1 was released a year after Windows 3.1, on July 27, 1993. Rather than a 16-bit application dependent on MS-DOS, Windows NT was 32-bit, and could be booted and installed on most computers. It supported more architectures than Windows 3.x, supporting Alpha and MIPS. Later, PowerPC support was added to Windows NT. Windows NT 3.5 was released a year later on September 21, 1994. It featured a new startup screen, the ability to use names up to 255 characters for computer files, Object Linking and Embedding, and more. It required less memory than Windows NT 3.1. NT 3.5, however, refuses to install on anything newer than the original Pentium, but it can be installed through modification of the installation CD. Windows NT 3.51 fixed this issue.

Very little malware was written for 3.x, due to its low usage. Malware that runs on Windows 95 may affect Windows NT 3.51, however, and certain malware that runs on Windows 3.x will also affect Windows NT 3.x.

Windows NT 4.x was released in several editions, including Terminal Server, Enterprise Edition, Embedded, and more. It was released on August 24, 1996, one year after Windows 95, and featured several improvements, including a graphical environment similar to that of Windows 95 and access to a maximum of 4 GB of RAM (compared to Windows 95, which fails to start with more than 440 MB of RAM).

Some malware that affects Windows 95 also affects Windows NT 4.0. Microsoft had plans to release a seventh service pack, SP7, due for release in 2001; this was replaced with Service Pack SP6a, which was not a full service pack. Microsoft had plans to support SP7 until 2009; however, due to a major security flaw found in the Windows NT kernel that could not be patched without significant changes to the core operating system, security updates ended early, and NT support officially ended in 2006.

Windows 9x DOS


Windows 95

Windows 9x includes Windows 95, 98, and ME. Windows 95 was released on August 24, 1995, Windows 98 was released on June 25, 1998, and Windows ME was released on September 14, 2000. Like Windows 3.x, Windows 9x was dependent on MS-DOS, although having MS-DOS installed was not a prerequisite (except in Windows 95A, the first release). Windows 95 introduced the task bar, the start menu, and the desktop icons, which are still used in Windows today.

Thanks to the huge popularity of Windows 95 and the growing interest in the internet, amongst other things, thousands, if not tens of thousands, of pieces of malware were created for the Windows 9x series of operating systems. The most famous ones are CIH, a virus that completely wipes out a hard drive and destroys certain motherboards carrying Intel chipsets; LoveLetter, one of the most widespread worms in the history of computing; Happy99, a virus that completely destroys the system after emailing itself to everyone in the user's contacts; Melissa, a macro virus that affects Microsoft Word; Magistr, a worm that tries to combine the capabilities of viruses like CIH and Shoerec; and more.

Windows ME has some reworked code and no longer allows the user to reboot to DOS. This makes a few viruses, like Shoerec, fail to work on Windows ME.

Windows NT Kernel Editions

Windows NT is the primary and current kernel model of Windows developed by Microsoft. Windows NT is the most used operating system kernel in the world; it started with Windows NT 3.1 (1993) and continues today with Windows 10 (2015). The Windows NT line of products includes Windows NT 3.1 (1993), Windows NT 3.5 (1994), Windows NT 3.51 (1995), Windows NT 4.0 (1996), Windows 2000 (1999), Windows XP (2001), Windows Vista (2007), Windows 7 (2009), Windows 8 (2012), Windows 8.1 (2013), and Windows 10 (2015). It also hosts the Windows Server line of products, beginning with Windows NT 3.1 Advanced Server, up to Windows Server 2016 Technical Preview 4.

Malware on Windows

Windows NT is the most used operating system kernel in the world. Because of this, it is easily the most malware-infected kernel in the world, housing millions of malware with hundreds discovered every day. Windows 10 also contains a bit of spyware; however, it can be blocked with third-party software and can also be partially turned off in the settings. However, antiviruses are also at their strongest to this day, successful at blocking most malware attacks. Windows also has Windows Defender and Microsoft Security Essentials as built-in starter antiviruses. The Death Screen for Windows was the Blue Screen, found when the user's computer is too unstable or if there is too much malware.

The current version of the Blue Screen

Windows NT's most prominent viruses were CodeRed, which took down thousands of servers across the world and was one of the first botnet viruses ever created; Klez (which also affected Windows 9x), one of the most destructive worms in history, which caused over $19 billion USD in damage; Blaster, another botnet virus, which took down several websites in mid 2003 and caused $335 million USD in damage (and also contained a message to Bill Gates); Welchia, one of the most widespread worms in history and the first "anti-worm" worm that deletes Blaster; Mydoom, the second most damaging virus in history (causing $22.6 billion USD in damage); Sobig, the most destructive virus in history, which caused nearly $40 billion USD in damage (about $37.1 billion USD); Conficker, one of the most widespread botnet worms, which emerged in late 2008; ZeroAccess, a trojan and rootkit discovered in early 2011 that hooks a computer up to a botnet while also killing nearly every executable and (sometimes) deleting critical files; and Cryptolocker, the first official ransomware that requests the user to pay a fee to regain access to encrypted files. Some viruses and trojans can delete entire boot sectors and partitions of Windows and can also delete files, brick attached phones, destroy entire hard drives, and stone the user's PC. Though these are somewhat uncommon, most have been detected and can now be removed. If the user does not have an antivirus on their PC, these viruses and/or other variants (like Sobig.F, a variant of Sobig) will find a backdoor to the user's computer, causing high damage. It is best to keep safe and use recommended software from Microsoft or other trusted sources.

The Microsoft symbol


  • The operating system was called "Windows" because of how the tabs looked like windows.
  • There were two unreleased operating system codenames, Windows Nashville and Neptune.
    • Windows Nashville was meant to come after Windows 95 and to gain more features for internet browsing. Some say this version was Windows 96. Nearly everything, including the boot screen, is still the same as Windows 95(A); the only major difference is that Internet Explorer was added.
    • Windows Neptune was supposed to be the home version of Whistler, and Odyssey would have come as that version's server version. This project was merged with Whistler, and Whistler also has some home features as a result. While based on Windows 2000's kernel, new features were added in this beta and even the boot screen was changed.
  • Windows operating systems all had codenames. Here is a small list of a few:
    • Windows Janus (Windows 3.1)
    • Windows Chicago (Windows 95)
    • Windows Memphis (Windows 98)
    • Windows NT 5.0 (Windows 2000)
    • Windows Millennium (Windows ME)
    • Windows Whistler (Windows XP)
    • Windows Longhorn (Windows Vista)
    • Windows Vienna/Blackcomb (Windows 7)
    • Windows Blue (Windows 8.1)
    • Windows Threshold/Redstone (Windows 10)
  • Windows 7 has the highest market share for any operating system, followed by Windows 10 and Windows XP.
  • Windows 9 was skipped by Microsoft for unknown reasons. There have been many conspiracies and thoughts as to why Windows 9 may have been skipped. One main speculation (although never confirmed by Microsoft) was that Windows 9 was skipped because some programs would have trouble starting up, since they would detect "Windows 9" as Windows 95/98. Also, Windows 10 is the last version that changes numbers (7, 8, 10). However, Windows 10 will have feature updates periodically to keep supporting Windows 10.
  • Microsoft employees were wearing a shirt with the Windows logo in binary, which was decoded into this message:

    The image on the Windows shirts

1. "There are 10 types of people in the world."

2. "Windows 10, because 7 8 9."

3. "Congrats on being one of the first."

4. "Windows Insiders help us develop the future. Talk to us @ Windows."

  • There have been 5 Windows logos so far.
  • Microsoft had also made its own Linux "distro" at one point.
