Don't go running off looking for proof because you won't find it. I don't mind someone disagreeing with me but have some kind of information otherwise its a waste of time.
The original poster sounds like he went online with unpatched xp, and got his updates online. Not good, the threat has grown and even 2 years ago there was evidence of how dangerous that is. That is the whole purpose of slipstreaming xp and why I recommend everyone does it.
http://www.usatoday.com/money/industries/technology/2004-11-29-honeypot_x.htm
"While most break-in tries fail, an unprotected PC can get hijacked within minutes of accessing the Internet. Once hijacked, it is likely to get grouped with other compromised PCs to dispense spam, conduct denial-of-service attacks or carry out identity-theft scams. Those are key findings of a test conducted by USA TODAY and Avantgarde, a San Francisco tech marketing and design firm."
"The test did not measure Web attacks that require user participation, namely spyware, which gets spread by visiting contagious Web sites, or e-mail viruses, which proliferate via e-mail attachments."
In other words it measured threats from simply being online and had 341 break in attempts in the first hour.
"Less than four minutes from start of the test, an intruder breaks into Windows XP SP1 through the vulnerability most famously exploited by last May's Sasser worm. Ensuing instructions get garbled."
"Eleven minutes later another intruder breaks into XP SP1 through the security hole exploited by the July 2003 MS Blaster worm. Ensuing instructions get garbled"
"While the previous break-in is still unfolding, another intruder, using a different attacking computer, breaks into XP SP1 through the Sasser hole. Ensuing instructions get garbled."
"An intruder breaks into XP SP1 for the fourth time using the MS Blaster hole. Things go smoothly. He begins uploading commands. He confirms XP SP1 is connected to the Internet, then begins making repeated attempts to connect XP SP1 to a server running an Internet Relay Chat channel, the equivalent of a private Instant Messaging line."
"The intruder successfully connects XP SP1 to the IRC channel, which is probably also running on a hijacked PC."
"The intruder instructs XP SP1 to navigate to a designated Web site, likely running on yet another hijacked PC. XP SP1 downloads a program, called ie.exe, from the Web site."
"XP SP1 begins scanning the Internet, poised to similarly hijack other PCs exhibiting the same unpatched security hole."