Subscribe to Posts
Today I was infected with a virus called W32.Netsky.P@mm!enc. It arrived via an email sent to the address I have for this website. I download mail from that address with Thunderbird. As soon as the email was downloaded, Norton’s notified me that I had this virus. I hadn’t opened an attachment or even clicked on the email to read it. More disturbingly, Norton’s told me it couldn’t get rid of the virus because it wasn’t allowed access to the file! Eventually, by reading here and here, I discovered that I needed to close Thunderbird and disable Windows System Restore before Norton’s could eliminate the virus. Since this is technically a worm, which hunts for email addresses on the infected computer and mails itself to them, I may have inadvertently infected some of you. The email won’t appear to have come from my computer, however. It will look like one of the examples in item 12 on this page. I was able to clean out the virus within an hour or so of being infected, but it took me a while to find out what I needed to do. Nothing like Norton’s telling you it can’t get rid of a virus that it knows you have! I had 8 instances of the virus to clean out by the time I figured out what to do. This MIME-encoded version of the worm has only been in Norton’s database since May 5, 2005, so if your virus software doesn’t automatically update itself, you may be harboring this worm yourself. Hmmm, maybe I got it from you! Sorry to be the bearer of bad news, but forewarned is forearmed.
Popularity: 2% [?]
2 responses so far ↓
1
jenn
// May 11, 2005 at 10:47 am
Thanks for the heads-up.
I have Norton on auto-update, so hopefully it wasn’t me. I’ll run a scan tonight and double-check.
Nasty way to start a day.
Sorry that you got zapped.
2
Rob
// May 16, 2005 at 9:53 am
Please Leave a Comment