November 23, 2009 | Windows

I got hit badly with some nasty viruses which ultimately led me to move from Windows to Ubuntu as my default operating system.

First, I was hit with conficker!mem, but I didn’t know it at the time. I had noticed for a while that I wasn’t able to go to microsoft.com, but I loathed having to spend time to debug it. After all, there isn’t much on microsoft.com that I really care for.

Only later did I realize while trying to fix something else that I’d been hit with a virus. That something else was a process (svchost.exe) taking up a lot of CPU time. As the name suggests, the program is a Windows system file, and it’s supposed to host services (long-running system processes). But the virus was using it to do its nefarious deeds.

Can’t reach security-related sites

The virus does a funny thing with the DNS on your system and it prevents you from going to any site which is remotely security-related. This includes

• microsoft.com
• nai.com
• symantec.com
• other antivirus vendors
• other sites that match certain string patterns

In retrospect that fact that I couldn’t reach microsoft.com indicated I had a virus, but I didn’t know it the time.

Windows shuts down immediately

The second problem I had was that Windows XP would shut down immediately after logging in. What happened is that one day I left the computer running (which I usually do), and when I came back it was off. That was disturbing. First I thought maybe someone had turned it off. Then I thought there might have been a problem with the UPS (which would turn the computer off through APC’s PowerChute program).  Anyway, I turned the computer on to see what was up, but it turned off again! Luckily, I had another Linux computer running Ubuntu from which I was able to access the web to research the problem and download fixes. I found that it was the Sasser virus which was responsible for the shutdowns.

Hooking up Windows XP directly to the Internet

After my virus misadventures, I remembered that I had I been having some problems with my router/switch, so I hooked up the DSL modem directly to the Windows XP computer to access the Internet. That was a mistake, since Windows must have been compromised through one vulnerability or another. And that’s probably where the Sasser virus came from.

I’ll be detailing my travails removing the virus and installing Ubuntu in posts over the next weeks.

If you liked this article

If you liked this article, don’t forget to subscribe for updates!

Get updates by RSS (What’s RSS?)

Subscribe by email:

Follow me on Twitter

Top Incoming Search Terms

Related posts:

1. Latest Windows XP Update Crashes Computers There are reports that Microsoft's latest update for Windows XP...
2. Removing Conficker and Sasser Viruses from Windows XP with Kaspersky and BitDefender As I mentioned in a post a few days ago,...
3. One in Ten Computers is a Mac People like to say that the Apple only has a...
4. How to Install Miro Podcast Viewer on Windows Miro is a free and open source podcast viewer for...
5. What’s Good Podcast about Why Macs Are Better Than PCs The John Chow blog featured a guest article by the...

Explore related content: conficker, conficker!mem, Sasser, virus, Windows XP

2 Responses to “My Windows XP Gets Virus Infected”

1. Removing Conficker and Sasser Viruses from Windows XP with Kaspersky and BitDefender | Digitivity says:

   November 25, 2009 at 10:22 am

   [...] I mentioned in a post a few days ago, I was hit pretty badly with a virus infection on my Windows XP installation. One of the symptoms was Windows shutting down almost immediately after logging in. Once I [...]
2. What’s Good Podcast about Why Macs Are Better Than PCs | Digitivity says:

   January 2, 2010 at 3:34 pm

   [...] #1, that, of course, is the reason I moved to Ubuntu (after cleaning a virus infection on [...]